Berners-Lee's Solid project: Schneier joins team to give you back control over data

Inrupt, the company behind the open-source Solid project, hires experts in its drive to let users control their data.

Can Tim Berners-Lee really save the web?

Web creator Sir Tim Berners-Lee's young company, Inrupt, which aims to steer the web away from oligopoly, has announced five key hires, including cryptography expert Bruce Schneier. 

Inrupt is the company that's backing the open-source project, Solid, which was launched in late 2018 to address the problem of large corporations controlling most of the world's user data because the public, at one point, perceived there was value in exchanging their data for a service.

Berners-Lee originally described Solid as a web platform that gives users a choice about where data is stored, allowing people to share data with others and control which apps can access it. He argued that "people want apps that help them do what they want and need to do – without spying on them". 

A key component of Solid is the Pod, which Inrupt compares to a "USB stick for the web" and a private website that works with other apps. Users can create one or many Pods. 

SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)

Bruce Schneier, a privacy advocate and fierce critic of government encryption backdoors, joined Inrupt as its chief of security architecture last summer, but until now his role has remained concealed, according to his blog.  

At the moment, the Solid Pod server that users would install locally, is just a prototype implementation with "no security or stability guarantees". 

"The idea behind Solid is both simple and extraordinarily powerful," writes Schneier. "Your data lives in a Pod that is controlled by you. Data generated by your things – your computer, your phone, your IoT whatever – is written to your Pod." 

"You authorize granular access to that Pod to whoever you want for whatever reason you want. Your data is no longer in a bazillion places on the internet, controlled by you-have-no-idea-who. It's yours. "

Schneier says if you, for example, want your insurance company to have access to your fitness data, you grant it through your Pod.

"If you want your friends to have access to your vacation photos, you grant it through your Pod. If you want your thermostat to share data with your air conditioner, you give both of them access through your Pod ."

Schneier sees Pods potentially being as portable as a cell phone number is today when moving between carriers. 

He also rates it as having a "very good chance" of becoming a key for protocol for IoT companies to use as a data-sharing agreement. 

Other appointments Inrupt announced today include Davi Ottenheimer, VP of trust and digital ethics; Osmar Olivo, VP of product; Emmet Townsend, VP of engineering; and Sarven Capadisli, technical architect. 

SEE: Cybersecurity: Do these ten things to keep your networks secure from hackers

Inrupt, which was establish in 2017, is headed up by co-founder and CEO John Bruce, who was the co-founder of the now IBM-owned Resilient Systems, where Schneier served as its chief technology officer. 

Schneier told the Financial Times that it would be a major challenge to create workable authentication and permission processes for Solid to work at scale. 

Solid is also a member of the Data Transfer Project (DTP), an open-source data portability project that is backed by Apple, Facebook, Google, Microsoft, and Twitter. 

According to the Financial Times, some big tech companies have privately dismissed Solid as an academic project, but there is a chance Solid could become more widely adopted if DTP integrated with it.