The Net Rat: Rethinking Connected Services for Increased Security

Traditional desktop computers have been outranked in terms of usage numbers by mobile devices. Still, many popular mobile-first services rely on workflows designed decades ago for a different environment. When relying on cloud-based services, privacy and data protection issues need to be considered. Mostly, however, one can choose between either well-supported legacy applications or innovative niche solutions. In this paper, we introduce the Net Rat, a framework enabling a seamless transition from existing centralised setups to decentralised state-of-the-art services, increasing security while maintaining backwards compatibility to well-established legacy services. We demonstrate the feasibility of our approach with a case study focusing on the decentralisation of the e-mail service—until now, this failed due to missing backward compatibility. A security analysis demonstrates how our approach reaches its goal of protecting user data through decentralisation. The Net Rat is built on a solid foundation as result of a security-first design. The results of this work clearly show the feasibility of decentralising existing services and highlight how well-established services can be improved. Our approach also presents opportunities to develop new services based on a solid foundation.