Skip to content
Banner Blogpost: Reclaim Digital Autonomy
07 February 2022| doi: 10.5281/zenodo.5931448

Reclaiming Digital Autonomy

In today’s digital age, all of us depend on a number of large companies to mean well with us: to guard our data, or at least to not abuse it too much without asking. Even if we wanted, we cannot take things into our own hands and reclaim our digital autonomy because too much depends on too many system operators. To help small-time users and sysadmins to fight this dependence, Jan Götte and Björn Scheuermann from HIIG have developed Inertial Hardware Security Modules, or IHSMs. IHSM-equipped low-budget servers provide high security even outside of well-protected data centers and enable us to regain our Digital Autonomy.

Digital Dependencies

The rise of networked computers has revolutionized many aspects of our modern lives. However, in lock-step with all the quality of life improvements that the internet brought us, today we can observe a worrying trend of increasing digital dependency. ”Opting out” of the digital life on social media or e-commerce platforms becomes increasingly difficult to sustain. At the same time the power of these platforms over their users is steadily increasing. Anyone who has ever had their Twitter or Facebook account suspended for an alleged Terms of Service violation or who has been locked out of their Google or Amazon account will know how acute this dependency and lack of digital autonomy is. What the platform decides is law and therefore we have to accept complicated and frustrating “account verification” processes for unnamed “security reasons” There is no way for us as users to meaningfully challenge its decisions because we are the platform’s product, not its customers.

Do it Yourself

With policy solutions to this issue still being in the distant future, the next-best approach would be technical, in order to take things into our own hands. On this premise, open-source projects such as Nextcloud and Mastodon have created de-centralized alternatives to some of the big platforms. Open-source software has great potential, but DIY’ing has a drawback beyond the time spent on installing and maintaining these solutions. While open-source software has made great strides over the last decades and offers viable alternatives to many proprietary, centralized platforms today, this software still has to run on someone’s computer. This underlying physical infrastructure is where things get complicated. Today, the only real option to run one’s own digital infrastructure is to rent a server (or part of one) from one of a number of large cloud providers. And in this case, whoever runs the data center ultimately controls access to the data stored within.

At first, this fact of life might not seem concerning. After all, a data center operator would risk a lot if it compromised its customers’ security. However, in the past we have seen several physical attacks targeting high-value data (Example). Large companies can mitigate such attacks by tightly controlling their entire infrastructure, from the application software down to the data center’s access control systems. For smaller organizations and private individuals, this option does not exist. If we cannot even escape reliance on these large cloud providers if we run our own open-source software, the question becomes what we have really gained through our efforts.

Inertial Hardware Security Modules – first steps towards digital autonomy

At HIIG, Björn and I have asked ourselves if there might be ways to claw back control over our hardware in order to build a solid foundation for a decentralized software ecosystem.  If we can find a way thatsomeone much smaller than an Amazon or Google can build a special physically secure server that is invulnerable to physical attacks, this server can be put into any commercial data center. At the same time it is completely decoupling the security of the data stored in it from the operator of the data center around it.

With Inertial Hardware Security Modules (short, IHSMs) we believe we have developed a promising approach towards this problem. You can read the full paper here. The gist of our solution is that we are able to build an enclosure that physically protects a server from any attempt at siphoning off its secrets, no matter who tries to attack it. IHSMs are similar to a type of device used in payment processing applications called Hardware Security Modules. Both provide a similar level of security. The main difference is that IHSMs allow much larger systems to be protected and bump both size and computing power from that of a smartphone to that of a server. This is a difference of about factor 100 in space, processing power and cooling capacity. IHSMs are simple to construct and can be built with basic tools that can be found in most electronic labs.

IHSMs work by putting the server’s mainboard, CPU, and memory inside of a tamper detection “mesh”. This mesh is a very delicate component that will sense when someone tries to cut, drill or poke through it. When tampering is detected, an alarm is activated and all sensitive data inside the server is securely deleted. To make the tamper detection mesh itself hard to tamper with, this mesh is spinning at around the speed of a washing machine during its spin cycle.

Trusting and Un-trusting

In computer security terms, what we are doing with IHSMs is that we are “untrusting” the server’s physical environment. Computer security has a rather remarkable definition of trust that is pretty much the opposite of all the others. In computer security, trust is a de-facto property of something that we rely on as being good. In computer security, something trusted should be trustworthy (but does not have to be). Contrast that to the common-sense meaning, where something trustworthy should be trusted (but does not have to be).

Untrusting the data center gives us the chance to decouple software security from physical security. Using an IHSM, a comparably small organization such as the HIIG, the Chaos Computer Club, or a small company can operate software on a physical foundation that is as secure as that of the large cloud companies. With the benefit that no one but themselves holds the keys to the data.

Examples for applications where this increased security matters are group chats, cloud photo storages, and calendar and contact synchronization systems. All of these already encrypt the network connection between their user’s phone or laptop and the server, but only rarely encrypt the actual data stored on these servers.

Digital autonomy through your own secure servers

We envision a world where small organizations can gain digital autonomy by building their own secure servers that even a hostile secret service will not be able to compromise physically. As a first step towards this world, our paper is open access, and we have applied the principles of open-source hardware. All of our code and CAD models are available through git.


Our full paper introducing Inertial Hardware security Modules has been published at TCHES 22’1. You can download it for free here at the publisher’s website.

This post represents the view of the author and does not necessarily represent the view of the institute itself. For more information about the topics of these articles and associated research projects, please contact info@hiig.de.

Jan Sebastian Götte

Former Associated Researcher: Data, Actors, Infrastructure

Sign up for HIIG's Monthly Digest

HIIG-Newsletter-Header

You will receive our latest blog articles once a month in a newsletter.

Explore Research issue in focus

Du siehst eine Tastatur auf der eine Taste rot gefärbt ist und auf der „Control“ steht. Eine bildliche Metapher für die Regulierung von digitalen Plattformen im Internet und Data Governance. You see a keyboard on which one key is coloured red and says "Control". A figurative metaphor for the regulation of digital platforms on the internet and data governance.

Data governance

We develop robust data governance frameworks and models to provide practical solutions for good data governance policies.

Further articles

Three groups of icons representing people have shapes travelling between them and a page in the middle of the image. The page is a simple rectangle with straight lines representing data used for people analytics. The shapes traveling towards the page are irregular and in squiggly bands.

Empowering workers with data

As workplaces become data-driven, can workers use people analytics to advocate for their rights? This article explores how data empowers workers and unions.

A stylised illustration featuring a large "X" in a minimalist font, with a dry branch and faded leaves on one side, and a vibrant blue bird in flight on the other. The image symbolises transition, with the bird representing the former Twitter logo and the "X" symbolising the platform's rebranding and policy changes under Elon Musk.

Two years after the takeover: Four key policy changes of X under Musk

This article outlines four key policy changes of X since Musk’s 2022 takeover, highlighting how the platform's approach to content moderation has evolved.

The picture shows a tractor cultivating a field from above. One side of the field is covered in green, the other is dry and earthy. This is intended to show that although sustainable AI can be useful in the fight against climate change, it also comes at a high ecological cost.

Between vision and reality: Discourses about Sustainable AI in Germany

This article explores Sustainable AI and Germany's shift from optimism to concern about its environmental impact. Can AI really combat climate change?