techno

OWASP in Paris : Diving in Firefox OS Security !

You might have heard about it, a new mobile operating system was announced few months ago : Firefox OS, by Mozilla.This mixing of a browser product together with the ‘OS’ word is not a typo. It is a new type of operating system, web based, which will get rid of the open-but-proprietary mobile operating systems. On a web-based operating system, web apps will be the application bringing the services to the user. And Mozilla, is offering to have HTML5/CSS3 web apps running on their Firefox OS. Together with special APIs, names Web APIs that will enable some mobile-phone related features, such as access to phone call, SMS, and few other nice things.

So, yes, Firefox OS has landed in the mobile area … and its security challenges too. Imagine : a web engine, on which you execute applications, based on the web security model, which main security constraint is the single origin policy (any resource used by a web app must be from the same origin). If the ambition is really to port any kind of service on the web, including the highly sensitive ones, this imposes to have more constraints on the application and execution model. And this is what Mozilla has been integrating in their OS design and application deployment scheme. This is this nice story that Paul Theriault @creativemisuse, Mozilla Corporation, came to tell in Mozilla Paris offices this week, during a meeting organized by OWASP French Chapter. Here are the basics to remember about the Firefox OS security model :

– There will be several categories of web app : normal web apps, privileged web apps, certified web apps.

– Normal webapps are the ones with the lowest right, they can *only* use HTML5 and CSS3.

– Privileged and certified web apps are accessing the Web APIs, and will be submitted to the user permissions. The user will have to grant access when the web apps will actually access those APIs.

– Certified web apps will the ones accessing sensitives Web API, related to the mobile phone system. At the moment, certified apps are only developed by Mozilla and built in the mobile device, before going on the field. The so-preserved APIs are the ones related to TCP socket, mobile network, system XHR, alarms…

– Each web app will have dedicated cache and cookies memory.

– Web apps and browser will run in a separate thread, allowing to preserve the permissions and isolation during execution.

A video is available there, and will definitely make you better understand the main challenges that Mozilla is facing with their crazy idea to put the web on a mobile.

And, as all the activities of Mozilla are public and open to contributors, the ones interested in security aspects can stay tuned on https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Security

First Web Crypto implementations : expecting your imagination to play with !

Being chair of a W3C Working Group puts you in a nice situation that you are aware of any brand new implementations of the specifications your working group is supposed to design. In the case of the Web Crypto WG, I must confess I am quite lucky : the group has started one year ago, the first public working drafts were fired 10 months ago, last call is planned for October (planned, I said, no blood signed promise here) and there are already several implementations and prototypes disclosed :

Which specification are we talking about ?

The Web Cryptography API is an API, edited by Ryan from Google. Once implemented natively in browser, it will provide web apps with primitive for cryptographic operations. Generate strong random number, generate a key (or a key pair), manage data ciphering of data signature with it. This is a nice toy to design the security model of your web application. Identified use cases are data synchronization between client and server, signing legal documents, protecting banking transactions, … See the Web Cryptography Use Cases, edited by Arun from Mozilla, for more information. The Working Group is also working on an API to discover keys available in the key store of the browser, but this API, edited by Mark from Netflix, named Web Cryptography Key Discovery does not have yet any implementation available.

What are the available implementations ?

As several companies have interest in that security feature, several implementations or experiments are made available to web developers.

A polyfill designed by BBN. BBN is a research laboratory sponsored by US government. It has issued a polyfill, a pure javascript implementation of the Web Crypto API (based on the version from December 2012). It is compatible with a large number of browsers, including Chrome, Firefox, Safari, Internet Explorer 10, Opera, iCab. You can grab more by visiting the Polycrypt project : http://polycrypt.net/ and the related github : https://github.com/polycrypt/polycrypt .

A plugin by Netflix for Chrome. Netflix is working hard those day on delivering a complete solution to protect its streamed content over the combination of the Encrypted Media Extension and Web Crypto API (based on the version from April 2013). The current native plug-in has been designed and successfully tested in Chrome on Linux amd64 – but do not dream, it will not allow you to watch Netflix catalog for free ! All material and explanations are available under Netflix github.

A Microsoft IE 11 Preview feature. Microsoft has included the Web Crypto API in Internet Explorer 11 Preview (build date: 6/14/2013). This pre-release version is available to web developers.

A Chromium announced feature. Google has announced that the Web Crypto API would be available in Chromium. If you want to witness the on-going work, you can have a look at the chromium issue tracker.

A Firefox open feature**. Mozilla is working since this spring on the implementation of the Web Crypto API and progresses can be monitored under Bugzilla @ Mozilla tracker.

A teasing implementation from Inventive Designers.

One in another what can you do, now. And what are the limits ?

You can play with those prototypes, which are here to fill the gap, while browser makers embed the final feature in their final products. Note that none of the available plug-in, polyfill, pre-release do rely on Promises, which is the new taste of DOM, while the final version as lots of chance to  : the most recent draft already embeds it, and it is expecting review of the javascript and W3C Technical Architecture Group community. In addition the referenced plug-in, polyfill, pre-release features are relying on old version of the specification which is submitted to changes, as the Working Group is still managing some open issues. Nevertheless by having some tools today, it gives you a chance to play with crypto primitives on different platforms.

Which one to choose ? If your project is just about creating a key and using it for the basic operations such as generate key, sign, encrypt and corresponding operations, then the BBN polyfill will perfectly match. If you want to experience more with key wrapping (in order to protect your keys when being stored in your client), then, the Netflix and Microsoft tools will make the job.

Each of the implementations made some choices in algorithms supported, but in most of the cases, if your project does not require exotic algorithm, you will find what you need inside.

If you are having fun with it, who should you report it to ?

As you may imagine all W3C crypto community and implementers are expecting your report on your experiment. Feel free to tell us more on public-webcrypto-comments@w3.org or by reporting directly to the implementation providers…

You can also read a more recent post related to Web Crypto API development here : https://poulpita.com/2014/08/28/w3c-web-crypto-whats-next/

** Thanks @clochix for the info.

UnionWeb, une petite fédération qui pourrait bien devenir grande !

unionweb4-630x224Cette semaine, un petit évènement a eu lieu à Paris. Un petit évènement qui pourrait bien être le début de quelque chose de grand. UnionWeb a été lancé. UnionWeb est une toute jeune fédération qui vise à réunir les acteurs du web, quel que soit leur statut : individus, auto-entrepreneurs, salariés, PME, association, école, personne morale ou physique, tout le monde peut devenir adhérent est bénéficier de l’énergie positive qui se dégage de cette initiative.

Les acteurs du web sont légions aujourd’hui. Ils forment un ensemble fragmenté, réunis au sein de courants ayant des objectifs distincts. Ces courants animent de différentes façon la vie économique et les débats liés au numérique  en France. Les traditionnels : Syntec Numérique réunit les entreprises du numérique incluant également une branche Femmes du Numérique [1], le Conseil National du Numérique, composés de membres nommés par le gouvernement, conseille en matière de stratégie numérique [2]. Les formes un peu innovantes : la Fing (Fédération Internet Nouvelle Génération) qui supporte des initiatives croisées avec des acteurs publiques et privés sur l’innovation [3]. Les associations : Netexplo, un acteur incontournable sur l’observation de l’impact du web sur nos sociétés, soutenu par les grands groupes du CAC40 [4], Social Media Club qui fédère les acteurs qui s’intéressent aux réseaux sociaux et stratégies digitales, avec des bureaux à Paris, Marseille, Lille et Rennes [5], ou encore GirzlInWeb qui soutient et promeut l’entrepreneuriat féminin [6].

Les villes ont également leurs propres dynamiques. Avec des évènements ponctuels  tels que des startup week end, des hackaton, ou des barcamp. Il existe également plusieurs conférences qui adressent les problématiques du web en général telles que Web In Lorient, Paris Web, Sud Web, Web2Day à Nantes, web-5 à Bézier, Futur En Seine à Paris … L’innovation digitale se focalise souvent autours de lieux tels que des incubateurs ou des lieux de co-working  (Silicon Sentier et le réseau des cantines). Par ailleurs, cette carte se déplacera encore lorsque l’initiative des Quartiers Numériques lancée par Fleur Pellerin se déploiera à Paris.

Un réseau solide et distribué. Un des défis de UnionWeb sera de construire un réseau solide et distribué sur le territoire français. Toutes ces initiatives privées et publiques créent aujourd’hui de l’innovation, de la valeur, des réseaux formels et informels. Cependant ceci n’est pas suffisant. L’économie du numérique représentera une part non négligeable de nos richesses de demain, et c’est donc pour cela qu’il faut se préparer et s’organiser. Une fédération est un excellent moyen de renforcer un réseau d’individus riche et innovant, sur la base de valeurs de partage et de solidarité. Car c’est ainsi que Magali Boisseau et Marie Laure Vie présentent UnionWeb lors de la soirée de lancement qui a eu lieu le 12 Juin. UnionWeb a pour vocation de réunir les adhérents, de les aider à monter en compétence, de les accompagner sur leurs projets et de mutualiser les réseaux des individus. Les premières actions proposées seront  des rencontres composées de lightening talks et d’ateliers pratiques. Le partage par le biais de e-learning fait également partie du plan, pour tenir compte de la distribution des adhérents sur tout le territoire. Le programme des actions d’UnionWeb évoluera sans doute puisque la fédération est en période de recrutement, mais la proposition est d’ores et déjà intéressante.

Souhaitons que cette initiative prenne sur notre territoire et donne lieu à de belles rencontres !

Pour en savoir plus sur UnionWeb :

– Soirée de lancement vidéo, storify, slides, communauté

– Interview de Magali Boisseau sur Good Morning Business

– Trouver UnionWeb :  site web et Twitter @UnionWeb

Linkographie :

[1] Syntec Numérique : site web et Twitter @syntecnumerique

[2] Conseil National du Numérique : site web et Twitter @CNNum

[3] Fing : site web et Twitter @La_Fing

[4] Netexplo : site web et Twitter @Netexplo

[5] Social Media Club : site web et Twitter @SMCFrance

[6] GirlZinWeb : site web et Twitter @GirlZinWeb

Tokyo experience : W3C web developers meetup

Somewhere in the last days (excuse my approximation, my time reference is in the middle of Tokyo and Marseille), I attended together with around 300 people the W3C Meetup up developer in Tokyo in GREE premises.

w3cdev_roomPicture by Sangwhan Moon sangwhanmoon

Awesome venue, great and experienced speakers, and funny masters of ceremony, all was gathered to have a wonderful event.

w3cdev_costumesPicture by Tomomi ‏@girlie_mac via @ourmaninjapan

During this first W3C meetup in Tokyo ever, the virtue of the web was exposed.

HTML5. Mike Smith, codename Michael[tm] Smith @sideshowbarker reported the recent HTML5 stories, focusing on the template element.

Mobile webapps. The recent features to build attractive mobile web appwere developped by Tomomi from Nokia @girlie_mac. She covered all recent features and gave details about their implementations in the different mobile version browsers [slides]

Test the web. Earlier in the day, there was a Test The Web Forward event, a kind of great coding party where you test the web from top to bottom. It was a great opportunity here to have Tobie from Facebook and W3C fellow @tobie explaining us the main testing essence of the web [slides]

Security. I made a status on the web crypto API working group. Promoting how we could save the world (or at least support a better evoting user experience – with a bit of Paris and women power inside) [slides]

Design. Alan Stearns @alanstearns from Adobe made a fabulous CSS demo  [slides]

Gaming. Kazuho Oku @kazuho presented JSX allowing to improve performance for game coding [slides]

Panel. A panel ended the conference, trying to get from the participants how the japanese community could be present in the standardization of the web. Participants were Mike Smith from W3C @sideshowbarker, Fumi Yamazaki from google @Fumi, Richard Ishida from W3C Internationalization @r12a, Tomomi from Nokia @girlie_mac, Kensaku Komatsu from NTT Com and Shumpei Shiraishi from HTML5J @Shumpei. In a mixing of japanese and english – which was not a problem as there was a bi-language real time translation, they stated the following :

Community ? The Twitter community of this W3C dev Meetup can be explored with the Bluenod application, and it looks something like this

w3cdev_bluenod_map

Party. And because we all worked hard, our host offered a nice cake after a great japanese buffet …

w3cdev_cakePicture by @gihyoreport

ありがとうございます。

Yeah, I wanna be a W3C AB !

What’s up ?
Those days my friends are suffering conversations with me related to W3C, W3C and W3C. One of the reasons for that is that there is a nano-event happening (nano at the scale of the boiling web planet) : W3C is currently trying to renew part of its Advisory Board. Advisory Board members are 9 people interacting with W3C management on the questions of process, strategy, conflict. Even if ABs do have a limited power, there are part of the mechanics to make sure that W3C office stays connected with their membership.

Election. So what !
Where this election is becoming interesting is that there are 12 nominees in total for 4 available seats, a record in the history of W3C. Demonstrating the traction of that organization. Most of them are experienced smart people from big corporations. Some of them made public their application, such as Tantek from Mozilla, Chris from Google, Chaals from Yandex, and David from Apple. And I am part of the ones who would like to seat there. My two years in W3C planet, representing my company, and also chairing Web Crypto Working Group were such an experience that I would be delighted to use it to support migration of W3C.

What is at stake ?
To my point of view, W3C is getting transformed: it is getting bigger, welcoming so much members every year, it is getting more ambitious, covering more market such as mobile, automotive, payment, and members are bringing more and more ideas… In such changing time, it is key to stay a solid, delivery oriented, flexible organization. Challenges for the next team will be to progress on the evolution of W3C process (everyone is blaming W3C to be a slow delivery machine), dealing with open licensing of W3C documentation, potentially rethinking the AB itself (as some member do require it), and listen to the W3C members ideas to make that organization better. There will be also effort to maintain on the learning curve of new members, capturing the innovations in specifications, keeping the W3C culture (collaborative, sharing), and of course being the guardian of the open web platform ‘openness’.

Why me ?
I have heard a lot of enthusiasm around my application – actually more then expected. Here is a list of funny things I heard about the quality people believe I have : I am new to W3C and can have a fresh look, I am a chair (understand a chairperson, not an object), I am a woman (yes, I am representing a minority in W3C), I know well the mobile industry (one of the major playground area for the web), I am European (while W3C is highly US centric), I am interested in document open licensing, I am representing an industry that may save the web (which lacks of security we-all-know-that).

All of this may be true, but I must confess that those were not the first skills I thought about when running the election. I am firstly committed to *contribute* to the AB. I do want the W3C machine to become efficient, progressing on all the items mentioned above. Being reasonably connected to the web community and members, I am able to report the good ideas, actually transforming it efficiently in W3C arena, making the best effort to roll out the promise of the open web platform.

When will this end ?
The adventure of politic is really interesting and even by trying to play that game I learnt a lot of things. Election results will be announced beginning of June. Will keep you informed about it.
By the way, If you want to join the @poulpita fanclub, just share that post on your favorite social media networks and tell any AC Rep in W3C you meet that they should choose me in their top 4 candidates !

Note : if you want to know more about open licensing document, here is a good summary of the situation, by David Baron from Mozilla http://dbaron.org/log/20130522-w3c-licensing

Open Data : one step closer on data with infolab

Infolab kickoff. On the 11th of April, a workshop gathered 70 opendata enthusiasts in Paris. It was organized by La Fing, a french organization which creates, detects and shares novel and actionable ideas to anticipate digital transformations [1], in collaboration with Simon Chignard opendata activist and writer, Claire Gallon from LiberTIC association @LiberTIC promoting opendata, and Sarah Labelle @sl_lab, researcher on Communication and Information Science in Paris Université 13 [2]. The driver for such meeting was to initiate and support a two years program focusing on data, data in all its aspects : data quality, open data, data viz, data we love you. This ambitious program relies on the creation of an Infolab, a physical and digital place where anyone could find recipes to improve data quality, to make the importance of data understood by companies, to mediate the data to the citizen. Going beyond the dogma that open data is a super-exciting-major-topic, the workshop, lead by Amandine Brugière ‏ @abrugiere was really constructive. Representatives from different sectors were here to garantee that conversations hapening here were applicable to private and public sector. Attendees counted : delegations from regions and territories of Nantes, Bordeaux, Rennes, Paris, Poitiers, Lyon, Marseille, but also La Poste, Alcatel Lucent, Silicon Sentier (a startup enabling association), gemalto, caisse des dépôts, … All condidtions were met to make progress on the topic, as mentioned by Gael Musquet, supporting Open Street Map project [2].

Work and findings. Participants split into several workshops. One dedicated to surname data – and what to do with it, driven by Simon Chignard @schignard. A second related to data usage in corporation, driven by Charles Nepote @charlesnepote. A third one related to data visualization, driven by Vincent Mandinau @VincentMandinau and Hervé Paris from ANACT @Anact_, a national agency for improving working conditions. Some experimental findings from it :

–          Data representing companies today, accessible on the web thanks to google search are not efficiently controlled. Google algorithms are a science and companies should learn more about it. We all know that competitive advantage sometimes relies today on a good digital positioning. in addition, harmonization of data format, in a single organization or across several organizations is a nightmare. We all experienced that filling a database with MyCompañy or My Compañy or MYCOMPANY will induce fuzzy statistics. there are definitely rooms of improvement in the private sector to make data relevant.

–          Data usage has to be invented and the best way to do that is to play with sets of data, cross hints, explore intuition and find the queries you would expect t answer. Act before thinking in other words.

–          Data visualization is a good mean to practice *and* discuss the data. A demonstrator was made on unemployment data and attendees could reverse engineer the maps to build their own view. That practice was a wonderful pretext to discuss data and what they could reveal.

Some perspective. Finally an academic presentation was made by Sarah Labelle. Sarah explained the notion of “mediation to citizen” : the fact to encourage people to appropriate a specific topic or knowledge. She illustrated usages in different areas : culture, innovation, pedagogy. In each of those domains, it was demonstrated that recent trends were to mediate via tools. Teachers do integrate experiments in their lessons, museum do play with the visitors, allowing them to have audio guide, interacts with the art pieces. All findings around that kind of mediation could be tested in the area of data.

Infolab proposal. Infolab is offering to create the natural eco-system for progressing. It aims to inspect the possible tools and means to reach the people and make them having at least an opinion, at most an appropriate action plan on how to make data usable and how to exploit them in a smart way. The debate following the workshop raised some questions related to key questions such as what would a data museum look like, how to balance tool and democracy, what is the place of script and non-script in the data treatment, …Large questions that may find answers in the next Infolab meeting.

Super, when do we work again ? Participants were invited to meet again during the opendata european week which will be organized in Marseille, from the 25 to 28th of June, as announced by Stéphane Martayan @smartayan in collaboration with Provence region and La Fing. Save the date of the 27th of June and book your agenda [4] !

* translation of Gael tweet : all actors of french open data are here in the Infolab meeting, a nice familly picture in the house of association from Paris

[1] La Fing http://fing.org/?About-Fing&lang=fr

[2] Sarah Labelle research domain [fr] http://labsic.univ-paris13.fr/index.php/labelle-sarah

[3] Open Street Map project OSM http://www.openstreetmap.org/

[4] Collaborative day during the open data european week in Marseille, registration http://fr.amiando.com/DSXFDLF.html

Note : Link to a previous post ‘Opendata : a postcard from France’ https://poulpitablog.wordpress.com/2013/02/05/opendata-postcard-from-france/

Pieces of media technology that will shape your living room…

TVset_by_Zellaby

What is cooking in the labs of the TV and web players ? This is what the Fraunhofer Institute FOKUS has attempted to unveil to the 160 attendees during Media Web Symposium, held last week in Berlin.

Fraunhofer Institute is the best in class research institute in Europe, located in germany, having a strong link with the industry. This Web & Media Symposium gathered a wide range of actors, from the hardware to the service area, including the mobile network operators, browser manufacturer and TV or mobile makers. Each of them share its strategy or learnings about the screen usages. Here are some pieces of technology that may change your usage of screens, from your living room, at work, or in  mobility.

Smart TV revolution : not one screen, but multiple screens.

TVs are not anymore a screen, they are a platform, which user can interact with. Video on demand, program guide, applications (including your mail, your social media, your favorite games), web portals to propose content. Anything can land now on your TV, as mentionned by the different standardization organisations represented during the 2 days (Open IP TV forum [1], newly born DASH Industry Forum [2], W3C web & TV Interest Group [3], HbbTV [4]). And HTML5 is definitely part of the possible technology to be used to present services as mentionned Smart TV Alliance, a group of industrials willing to gather developers and service providers to make sure services can be deployed in an interoperable way.

TVs are not anymore standalone devices, they are interacting with other devices, other screens. The usages which are not anymore challenged by the industry is the fact that you may start your day by watching your TV at home, then do the same on your smartphone in the tube and end with a short game arriving in the office on your computer. All those screens must be synched to the same subscription. In addition, you can think about usage of several screens at the same time : your smart phone is hosting the remote controller of your TV set, or your smartphone and the tablet of your boyfriend are used to play a game on your TV set… This makes that applications must now be splittable and synchronized real time. How can you do that ? You need to have a robust mean to discover and share services across devices (and this is what W3C is working on with Web APIs such as Raw Socket and Service Discovery). You need also to be able to split the HTML5 code of your apps into several pieces, targeting different devices, one part for the screen, the other for the remote controler (and this is what NTT Labs demonstrated).

Multiple screens, but also your body.

Another usage which is entering now is the coupling of gesture detection with screens. Some examples : Sven Haiges @hansamann from Hybrisdemonstrated a new shopping experience :a large screen on which you can surf thanks to gesture, detected by a kinect, the famous gesture sensor. Once you have filled your digital bag, you can collect your item on your smartphone via the NFC capabilities of the system, and end your purchase on a store or on line (video). A purely web story. In the corporate domain, Alcatel Lucent with Olivier Martinot demonstrated how web presentation across different locations could be much more efficient and interactive with the addition of live images of presenterr on the remote attendees screens. Much more efficient and flexible then webcam-only usage. Here again the underlying technology for deploying such service was HTML5 with Web RTC and kinect integration.

Multiple screens, your body, … and the third dimension.

LG reminded the public that the 3D waves would soon be the basics of watching content. Any content. Picture, movie, clips. And if you want the public and the services to enjoy the 3D, you really need to align all the W3C specifications so support stereoscopic video. This is the purpose of a WG in W3C named the 3dweb which aims to upgrade specifications.

After this walk into the labs of the different organization making the TV market, you may guess that your 2D single screen strategy is about to change !

[1] Open IP TV Forum http://www.oipf.tv/

[2] Dash Industry Forum http://dashif.org

[3] W3C Web & TV  Interest Group http://www.w3.org/2011/webtv/

[4] HbbTV http://www.hbbtv.org/

Note : picture by Zellaby under Creative Common.

Your unconnected tatoo will soon be sooo vintage…

 Imagine. Take all the buzz words you hear in the digital planet [social media, cloud, crowd sourcing, e-health, open data] and instead of claiming it is the future and cross-finger, you analyze the new usages and sociological impacts they trigger. This is what Netexplo team is running after, each year. How can that magic happen ? Netexplo is sponsored by (rich) members, and is funding a team which analyses, collects, segments each year 500 innovative digital projects. Worldwide. 100 projects are selected and 10 of them are pitched during the Netexplo Forum in front of hundreds of attendees. I was there last February and let me witness that attending Netexplo Forum was a real experience. Just like learning the best of digital in two days.

What made the digital world shaking in 2012 ? Julien Levy was the spokesman of Netexplo team this year and exposed the identified trends. Obviously the Netexplo Trends report 2013 can not be sum up in few lines, but some of the key concepts were shared during Julien talk [1]. Cloud, appearance, digital immanence. Each of the concept was illustrated by projects developed by start up or research labs. Lets review the main concepts.

Cloud Care. Thanks to the network built by the connected people, machines and devices, some amazing services can be invented.

Taking care of objects. By deploying sensors and processors everywhere, it is possible to monitor a grid of water pumps, or balance the humidity of a natural eco-system.

Taking care of people. By connecting patients, robots, doctors, application can ease the patient journey. This may be particularly valid for the elders, who can be helped in their day to day life. Care Square was one of the projects awarded, which principle resided in a very simplified tablet, offering basic graphic user interface.

Taking care of opinion. By collecting opinion, comments, views, people can fine-tune their own opinion, choosing to endorse or not others advices.

Crowd cops. Taking care all together, replacing cops. By connecting the people and calling on their vigilance, material incidents can be declared in cities, or rescue team can be supported by bringing more local information, family and relatives can monitor each other, consumers can also report bad usages of companies or politics. This can be a way to introduce again solidarity among people. But the dark side of the crowd cop also exists. Employers tracking employees. Shops tracking customers. The right balance may be in the mutual agreement of monitoring and being monitored (but who knows what are the condition for a real free agreement).

Beyond the appearance. The main question for citizen and consumers facing the digital ocean is : Will web 2.0 marketing fool me ? How can I detect the truth behind the messages ? New expertise is required here and the collective experience collected thanks to the crowd may be a great tool to balance the super marketing machines.

Fact checking. By measuring the reality, thanks to sensors, the reality can be augmented, and become an augmented reality for everyone. Reality can be transmitted to disabled, to countermeasure their disability. Additional information about item, food, goods, books, can be found just by taking picture, recording sound, using laser. An interesting example is the China Survival Manual, an anonymous application, which alerts consumers to health risks. Another application which has been intensively adverted those days is the french ‘Citoyens Capteurs‘ (citizen as sensors), selected in the 100 projects, which allows each citizen to measure the air pollution and participate to scientific experiment. A last example awarded in the top 10 was Zéro-Gâchis, a application allowing supermarket to declare their items close to their sell-by date in nearby supermarkets. Less wastage, better consumption, more respect for the earth and production cycle.

Body Checking. The same applies to body. Blood pressure can be detected on faces, leading to potential interpretation of emotions. Parkinson can be diagnosed by voice analysis from 20 minutes of sample conversation (see Parkinson Voice Initiative project). health care can become in that case hell scary.

Reality and digital merging. Where the reality is helping you in your day to day life, with no effort from you. the connection, the context, the integration of the machines or devices are a support for the citizen. example with the Google glasses, but also the shoes guiding your way, lightened on the right when you should turn right. The best illustration for that amazing integration was Windows Of Opportunity WOO. WOO makes the windows of car a new area to play, to learn, to share. While driving in Paris, you may see the window of another car driving in Tokyo. You could also share music from other drivers stuck in the same traffic jam… WOO is a technology providing an interactive and contextual screen, in which you can imagine any funny or educative application. The winner of the Netexplo report was the Electronic Tatoos, a technology allowing to lay some electronic circuit on the skin, flexible and resistant enough to look like a tatoo. While not being already deployed, the technological challenge was amazing enough to make everyone dreaming or being frightened by the large scale of possible applications. Imagine, you wear data and emit messages, anytime…

Digital immanence. The digital and the real do not have borders, they are the world. More then having physical or technological fusion, you have a personal involvement in digital, that may affect your emotion, soul, mental illness. SPARX is a game to help depressive teenagers understanding their illness and highlight progresses. Teenagers do recover easily playing in a virtual society… you just need to design the appropriate situations and dialogs.

To sum-up. Trends covered the connected device, machine, people, brains. And Julien Levy ended with an embarrassing question – while we were all tweeting and surfing. What about usages in case our world would be disconnected. Panic ? Alternatives ? This may be a good topic for 2014 Netexplo Forum.

Which of the 2012 innovations will shape 2013 ? Probably none of them. Those innovations may definitely need to mature before they become actual democratic usages, so we should better wait for them in two or three years. Netexplo Forum offered a really good picture of where the digital world may go and it is up to each of us to think about the kind of word we want to shape for the future….

[1] Netexplo trends by Julien Levy http://www.netexplo.org/replays/2013/trend-report-2013

Note : look at the Bluenod map to track who tweeted what during the event Day1 : http://bluenod.com/event/nexplo_2013_day1 Day2 : http://bluenod.com/event/nexplo_2013_day2 (Twitter account required)