Interoperable Serialization between C# Java and many other languages

Swagger Rest-Service

We know it all, everybody can consume it and requests GET, POST responses or requests PUT, DELETE operation with no data and only status code result.

https://petstore.swagger.io/?_gl=1*1jtj1ri*_gcl_au*NDYyNTc0Nzg2LjE3NDM3NjYyOTc.

While swagger will offer both XML & json serialization, the devil hides in detail, when exchanging and serializing / deserialzing data objets between languages and operating systems.

Serialization to exchange content via serialized data objects

Serialization of entities (data objects) across languages &  platforms

It's relative easy to find minimalistic data objects for the most common types, like file and images:

You see serializing / deserializing isn't completley language & OS / platform idependent!

JSON

Gson for Java: https://github.com/google/gson

Json for Java: https://github.com/stleary/JSON-java

Json for C#: https://github.com/JamesNK/Newtonsoft.Json

Json for Ruby: https://github.com/ruby/json 

Several gson json for C++: https://github.com/open-source-parsers

Another C++ json: https://github.com/nlohmann/json

Json Server. https://github.com/typicode/json-server

Node JS FastApi: https://github.com/fastapi/fastapi

XML

Java XStream https://github.com/x-stream/xstream

Java Jackson: https://github.com/FasterXML/jackson-dataformat-xml

PHP symfony/serializer xml & json serializer: https://github.com/symfony/serializer

C# .Net Extended Xml Serializer: https://github.com/ExtendedXmlSerializer/home

C# .Net Yet another xml serializer: https://github.com/YAXLib/YAXLib

XSerializer: https://github.com/bfriesen/XSerializer

You see serializing / deserializing isn't completley language & OS / platform idependent!

Just let's crypt

Famous and well known crypt libraries

https://bouncycastle.org/

https://www.gnutls.org/

https://git.lysator.liu.se/nettle/nettle

https://www.wolfssl.com/

https://www.cs.auckland.ac.nz/~pgut001/cryptlib/

https://gnupg.org/software/libgcrypt/

https://firefox-source-docs.mozilla.org/security/nss/index.html

https://nacl.cr.yp.to/box.html

NSA presents itself as a more official organization

https://code.nsa.gov/

https://ghidra-sre.org/

https://github.com/NationalSecurityAgency

https://github.com/orgs/NationalSecurityAgency/repositories

http://nationalsecurityagency.github.io/

cqrxs.eu will launch until 27nd march 2025

Implementiere bis 22.2.2025 eine cqrxs.eu Plattform, die einen Secure-Chat und sicheres einmaliges hinterlegen von Codes, Texten (kann auch IPv6 Endpoint 2 Endpoint / Peer2Peer ohne Server) beinhaltet.

Verschlüsselt wird mit einem 8-fachen AES mit folgenden Varianten des AES:
3DES, Blowfish, 2-Fish, 3-Fish, AES Golois fields, Camellia, Cast[56], Gost28147, Idea, RC[26], RC532, Seed, Serpent, Skipjack, Tea, Tnepres, XTea und einer eigenen sehrr schnellen, aber cryptographisch nicht so starken SymmCipher Variante "ZenMatrix".

https://area23-at.blogspot.com/2025/01/cqrxseu-will-launch-until-22nd-february.html

I will implement a cqrxs.eu platform until February 21st 2025,
that includes a secure chat (can also be IPv6 endpoint 2 endpoint / 

peer2peer without a server / or a chat over server proxy variant)
and secure one-time storage of codes and texts.

Encryption is done with an 8-fold AES with the following variants of AES:
3DES, Blowfish, 2-Fish, 3-Fish, AES Golois fields, Camellia, Cast[56], Gost28147, Idea, RC[26], RC532, Seed, Serpent, Skipjack, Tea, Tnepres, XTea and 

our own very fast, but cryptographically not so strong SymmCipher variant "ZenMatrix".

https://area23-at.blogspot.com/2024/04/making-symetric-chiffer-encryption.html

See prototype of WinForms chat client below,
that also can send / receive loopback.

CqrJd C# is a [MUST HAVE]

CqrJd Java is [OPTIONAL] <= started implementation & looks good
CqrJd in C/C++ is [OPTIONAL] <= there'll be at least a skeleton

IPv6 socket server in C under linux, C#, java

 

chat-ipv6

is same as a forking ipv6 server, but using clone(2) for posix threads instead of fork (copying entire process image).

currently only availible for linux / unix and gcc

build project

client6.s and server6_clone.s can be compiled and linked with GNU make utility by using existing Makefile.

change directory to source and Makefile containing directory server6-clone.

• cd server6-clone/

Now clean project to delete outdated binary executables or objects.

• make clean

  rm -f client6 client6.o server6_clone server6_clone.o
  

build client6

• make client6

  ggcc "-Wimplicit-function-declaration" -o client6.o -c  client6.c

  client6.c: In function ‘ping’:
  client6.c:42:27: warning: embedded ‘\0’ in format [-Wformat-contains-nul]
  42 |     sprintf(inbuf, "%s\r\n\0", msg); 
     |                           ^~
  client6.c:49:16: warning: function returns address of local variable [-Wreturn-local-addr]
  49 |         return &outbuf[0];
     |                ^~~~~~~~~~
  client6.c: In function ‘main’:
  client6.c:92:17: warning: implicit declaration of function ‘close’; did you mean ‘pclose’? [-Wimplicit-function-declaration]
  92 |                 close(sd);
     |                 ^~~~~
     |                 pclose
  gcc "-Wimplicit-function-declaration" -o client6 client6.o

build server6

• make server6_clone
  
  

  gcc  "-Wimplicit-function-declaration" -o server6.o -c server6.c
  gcc "-Wimplicit-function-declaration" -o server6 server6.o
  

start server at a custom tcpv6 port

• ./server6 "2600:1f18:7a3f:a700::6291" 7777
  

  ./server6 program started...
  server trys listening on address 2600:1f18:7a3f:a700::6291 port: 7777
  ./server6: cannot clone(2), trying to fork(2)./server6: offset: 1024,   pagesze_offet: 4095,    pa_offset: 0,
  sockets:        s_sd=3, c_sd=4
  ./server6: cannot clone(2), trying to fork(2)./server6: client request handled after sending/receiving 136 bytes total.
  ./server6       closed client socket descriptor 4 now, exiting in 1 secondchild pid: 231095child pid 231095 exited, status=0, done=1
  ^C
  zen@virginia:~/prog/chat-ipv6/c-server6$ sudo ./server6 "2600:1f18:7a3f:a700::6291" 7777
  ./server6 program started...
  server trys listening on address 2600:1f18:7a3f:a700::6291 port: 7777
  ./server6:      offset: 1024,   pagesze_offet: 4095,    pa_offset: 0,
  sockets:        s_sd=3, c_sd=4
  ./server6:      client request handled after sending/receiving 136 bytes total.
  child pid: 231102 child pid 231102 exited, status=0, done=1
  ./server6:      offset: 1024,   pagesze_offet: 4095,    pa_offset: 0,
  sockets:        s_sd=3, c_sd=5
  ./server6:      client request handled after sending/receiving 135 bytes total.
  child pid: 231107 child pid 231107 exited, status=0, done=1

java ipv4/ipv6 EchoServer & EchoClient

compile java sources with any javac compiler

Windows

• winmake

  winmake.bat
  > echo "building now EchoServer classes..."
  "building now EchoServer classes..."
  > javac EchoServer.java
  > echo "building now EchoClient class."
  "building now EchoClient class."
  > javac EchoClient.java
  > dir *.class
  Directory of C:\Users\heinr\source\chat-ipv6\java-server6
  10/12/2024  03:40             3.188 EchoClient.class
  10/12/2024  03:40             5.368 EchoServer.class
             2 File(s)          8.556 bytes

Linux

• make all

  zen@virginia:~/prog/chat-ipv6/java-server6$ make all
  rm -f *.class
  javac EchoServer.java
  javac EchoClient.java
  zen@virginia:~/prog/chat-ipv6/java-server6$ ls -al *.class
  -rw-r--r-- 1 zen mailers 3188 Dec 10 03:44 EchoClient.class
  -rw-r--r-- 1 zen mailers 5368 Dec 10 03:44 EchoServer.class
  zen@virginia:~/prog/chat-ipv6/java-server6$

starting java socket server with no args for both ipv4/6

• java EchoServer "172.31.20.156" "2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5" 7777

zen@paris:~/prog/chat-ipv6/java-server6$ java EchoServer "172.31.20.156" "2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5" 7777
server address set to 172.31.20.156
server address6 set to 2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5
Simple TCP Echo Server started ...
Simple TCP Echo Server started ...
EchoServer is listening on address 2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5 port 7777.
EchoServer is listening on address 172.31.20.156 port 7777.
Accepted connection to 2600:1f18:7a3f:a700:0:0:0:6291 (2600:1f18:7a3f:a700:0:0:0:6291) on port 58318.
Receiving from socket:
Finished, now sending back to socket:
2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5 =>      2600:1f18:7a3f:a700:0:0:0:6291   uname -a : Linux ip-172-31-57-91 6.8.0-1019-aws #21-Ubuntu SMP Wed Nov  6 21:21:49 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
client socket close()
Accepted connection to ec2-100-26-162-115.compute-1.amazonaws.com (100.26.162.115) on port 48304.
Receiving from socket:
Finished, now sending back to socket:
172.31.20.156  =>      ec2-100-26-162-115.compute-1.amazonaws.com/100.26.162.115       uname -a : Linux ip-172-31-57-91 6.8.0-1019-aws #21-Ubuntu SMP Wed Nov  6 21:21:49 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
client socket close()

starting java echo client

• java EchoClient "2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5" 7777 "uname -a : uname -a "

zen@virginia:~/prog/chat-ipv6/java-server6$ java EchoClient "2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5"  7777 "uname -a : `uname -a` "
Receiving:
2a05:d012:209:ee00:a8ba:d6c4:bd60:bab5 =>      2600:1f18:7a3f:a700:0:0:0:6291   uname -a : Linux ip-172-31-57-91 6.8.0-1019-aws #21-Ubuntu SMP Wed Nov  6 21:21:49 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
finished
zen@virginia:~/prog/chat-ipv6/java-server6$ java EchoClient "13.38.136.165"  7777 "uname -a : `uname -a` "
Receiving:
172.31.20.156  =>      ec2-100-26-162-115.compute-1.amazonaws.com/100.26.162.115       uname -a : Linux ip-172-31-57-91 6.8.0-1019-aws #21-Ubuntu SMP Wed Nov  6 21:21:49 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
finished
^C

Windows file Date.Created, Date.Modified on File Copy, Move & Write

File.Copy

File.Copy, no matter if made with Windows Explorer, command copy, xcopy or programs, that use File.Copy Windows Api call, creates a new file or overwrites an existing file, where
Created Date = now,
Last Modified Date = Last modified DateTime of original file

File.Move

File.Move, no matter if made with Windows Explorer, Command move or programs, that use File.Move Windows Api call, creates a new file or overwrites an existing file, where
Created Date = created DateTime of original file
Last Modified Date = Last modified DateTime of original file

File.Write

File Write, no matter, if Console Application, Windows Application or Windows Service or what ever, creates a new or overwrites an existing file, where
Created Date = now
Last Modified Date = now

Simple C# Program 'gscopy.exe' to demonstrate

https://github.com/heinrichelsigan/cmdcopy [ releases ]

https://pastebin.com/Mw64xbqk

Fuzzy Logic: in memoriam Siegfried Gottwald † 20.9.2015

Siegfried Johannes Gottwald (* 30. 3. 1943 in Limbach; † 20. 9. 2015) war ein deutscher Mathematiker, Logiker und Wissenschaftshistoriker. Sein Hauptforschungsgebiet war Fuzzy Logic
https://www.researchgate.net/profile/Siegfried-Gottwald

Mein langjähriger Freund Bob (Robert Antonius Berezka) sah Anfang der 1990er in diesem Gebiet sehr großes Entwicklungspotential, das aber leider nicht genutzt wurde. ⁽¹⁾ 

Potential für Fuzzy Logik ∃ in binärer Logik + Mengentheorie.

Binäre Fuzzy Logik

Trigger für Einschalten von Erneuerbaren Energie Mini- / Hobby- Kraftwerken, erst ab gewisser naturgegebener Eingangsleistung.

Windrad Hobby-/ Mini-Kraftwerk

• Windgeschwindigkeit <  4m/s 
  bitte keine Windenergie speichern oder einspeisen
• Windgeschwindigkeit > 150m/s
  Orkan; Windrad auf Durchlauf, keine Stromgewinnung über zu hohem Grenzwert

Solaranlage Hobby-/ Mini-Kraftwerk

• Sonnenstunden / Tag < ¾ Sonnenstunde im Winter
  wir belasten unseren Wechselrichter besser nicht unnötig,
  denn  bei schwacher Eingangsleistung für < ¾h, wird kaum Wechselstrom Energie in einer relevanten Menge erzeugt werden können.

Fuzzy für unscharfe Mengen

Verwendung von unscharfer Mengen schien dort vielversprechend, wo wir heute in der Statisik disjunkte Mengen und eindeutige Werte Preferenzen verwenden.

Erfassung Erwerbsarbeit

Jemand wie ich war in den letzten 3 Jahren,

1. sowohl angestellt erwerbstätig,
2. als auch selbstständig erwerbstätig, davon
   a. als echter Kleinunternehmer mit soliden Auftragsarbeiten für KMU's
   b. prekär als Kleinstunternehmer (eher mehr NGO community based project)/li>
3. beim AMS arbeitslos gemeldet.

Ich bin sicher nicht der einzige, der in der Erwerbsarbeitsstatistik nicht eindeutig zuordenbar ist und hier liefert die bisherige Statistik kein passendes Bild über die Erwerbsrealität von Menschen.
Es gibt heute bereits mehr Menschen als früher, die weder als Dauerarbeitslose noch als fast durchgehend beschäftigt zuordenbar sind.

Wahlumfragen:

ÖVP		24%	(scharf)	22%	-	30%	(fuzzy)
SPÖ		20%	(scharf)	18%	-	24%	(fuzzy)
FPÖ		25%	(scharf)	23%	-	30%	(fuzzy)
Grüne		12%	(scharf)	8%	-	15%	(fuzzy)
Neos		10%	(scharf)	9%	-	12%	(fuzzy)
KPÖ		3%	(scharf)	1%	-	6%	(fuzzy)
Bier		5%	(scharf)	4%	-	8%	(fuzzy)

---

Normalerweise hat Bob oft den richtigen Riecher bezüglich langfristig technischer Trends,
wie z.B.  C/C++ wird noch lange weiter bestehen  C bleibt primäre Sprache zur Hardware und Betriebssystem nahen Programmierung
Bei Win3.11 mit sauberen Win32 API (statt Win16 und Dos16) beginnt die Zukunft. Es stimmt, Dos16 und Win16 sind inzwischen wirklich Geschichte, aber Win32 API (seit 1993) bleibt weiter bestehen.
Intel, AMD x86, x64 Architektur wird sich gegenüber Sun Sparc, MIPS, Motorola 680x0  auch  PowerPC PPC/MPC60x , DEC Alpha und anderen durchsetzen (es stimmte, sogar Apple verwendete irgendwann Intel für seine MacBooks)

if there is no huge sophisticated optimization in gcc or cross compile support in Micro$oft Visual Studio for a certain processor architecture => forget this architecture. When it become not so performant for all GNU or QT stuff, then think about, how effective will be the Java Runtime / SDK, .Net Runtime / SDK, how effective the build for script languages like perl, php, python, tcl.

I only believe in Intel, AMD, Arm, Micro$oft, Apple and the man with the Red Hat.

all other commerical Unix based systems (OS/2, AIX, HPUX, Solaris, Irix) were quiet good, but  all specialized file systems like XFS, ZFS, brtfs are ported to Linux, forget processor architecture, if no sophisticated optimization in gcc.

Making symmetric cipher encryption strong again [updated]

When students in the 2nd semester in year 1992 type on the laptop during the lecture or start talking, Professor Gerd Baron always repeated very loudly that's what's all about:

We have a universe here and 
it's all about of the number of arrangements in a finite set.

Professor Gerd Baron of Mathematics modified math lecture for computer scientists, where he claimed graph theory and combinatorics and weighted models (for traveling salesmen or ip routing) to understand better things we will need later (like equal costs => multipath).

Easiest way to scale up AES: combination & permutation

plain text ⟶ 3DES PBox → AES → 2blowfish ⟶ cipher text
cipher text ⟶ 2blowfish → AES → 3DES SBox ⟶ plain text

plain text ⟶ AES ⟶ 2blowfish ⟶ 3DES PBox (scrambled) ⟶ cipher text
cipher text ⟶ 3DES  SBox(scrambled) → 2blowfish → AES ⟶ plain text

you also can remix it per good random numbers like
3DES = 0x1
AES = 0x2
2Fish = 0x4
Serpent = 0x8

So 0xBC for encryption would mean 0xCB for decryption
plain ⟶ (3DES→AES→Serpent) ⟶ (2Fish→Serpent) ⟶ encrypted
encrypted ⟶ (Serpent→2Fish) ⟶ (Serpent→AES→3DES) ⟶ plain 

with 2 bytes strong keys (negoatiated randomized at handshake) you're quiet secure.

Multiple symmetric cipher encryption prototype

Try it out on area23: https://area23.at/net/Crypt/CoolCrypt.aspx
Github repository: github.com/heinrichelsigan/area23.at/

A simple matrix encryption algorithm by myself:

I found a simple matrix symmetric encryption algorithm, that works similiar to 3DES,
with NxN Matrix trans, after asking that question here on  math.stackexchange.com/questions/4915786/ 

R3 ➝ R3: v(3) x M(3,3) = v(3)

⎡ 1 ⎤    ⎡ 0 1 0 ⎤    ⎡ 2 ⎤ 
⎢ 2 ⎥ x  ⎢ 0 0 1 ⎥ =  ⎢ 3 ⎥  
⎣ 3 ⎦    ⎣ 1 0 0 ⎦    ⎣ 1 ⎦ 
The inverse matrix for reverse symmetric encryption would be:
⎡ 2 ⎤    ⎡ 0 0 1 ⎤    ⎡ 1 ⎤ 
⎢ 3 ⎥ x  ⎢ 1 0 0 ⎥ =  ⎢ 2 ⎥  
⎣ 1 ⎦    ⎣ 0 1 0 ⎦    ⎣ 3 ⎦ 

https://area23.at/net/Crypt/CoolCrypt.aspx

More symmetric cipher algos are now availible!

Area23.At.Mono already contained:

3DES, 2FISH, 3FISH, AES, Rijndael (same as AES), Serpent and new ZenMatrix.

The following symmetric cipher encryption / decryption algorirhms have now been added:

Camellia, Cast[56], Gost28147, Idea, RC[26], RC532, Seed, Skipjack, Tea, Tnepres, XTea.

Why I'm publishing this article?

Unfortunately, since I catched a schizoaffective disorder 2007, I have sometimes the tendency to talk loudly and am often paranoid about being wiretapped.

Existing even bigger companies, were I was employed, (I told them about my problem since 2007) meaned, that I didn't break the compliance in that case, because I can assume that we have not the GDR with Stasi here and loudly repeating fraud detection rules at home isn't a crime. Once I feeled very painful and a spoke out loudly my idea of better AES. To avoid, that only some people could get it, I wrote a simple prototype and then sended this article to old friends, who work at US companies.

How to enable ipv6 (inet6) in AWS EC2 VPCs, Subnets, Network interfaces and instances

This is a very quick and walk through documentation, how to enable ipv6 addresses and ipv6 networking in AWS (Amazon Web Services) E2C instances.

Ensure that virtual hardware is enabled for ipv6

In this section, we check if VPC, Subnets, Routing Tables and Network Interfaces are ready for ipv6.
It's a walkthroigh in form of (examine, check, enable ipv6 <= if not already enabled).

Great companies on alibaba with impressive solutions

Qingdao HenryD Wind Power Equipment Co., Ltd.

green renewable energy
https://hldwtg.en.alibaba.com/

Helios Technology Co., Ltd.

green renewable energy
https://evhelios.en.alibaba.com/

Guangzhou Sary Electronics Co., Ltd.

Master key systems, fingerprint sensors, elctomagnetic lock

https://sary.en.alibaba.com/

Shanghai Pinnxun Electric Motor Co., Ltd.

https://pinnxun.en.alibaba.com/

Fuchun Industry Development Company

hydro turbines (please check IP)

https://fuchunind.en.alibaba.com/

Shenzhen Qinda Electronics Co., Ltd.

electronic process automation

https://qindamodule.en.alibaba.com

Other subdomains:

https://geetiendrone.en.alibaba.com/

UTF-8 unicode cool symbol work already in many cases

area23.at/s/?🪠

area23.at/s/?🛧
area23.at/s/?🍁
area23.at/s/?🚲
area23.at/s/?🚴

area23.at/s/?🕁

system library:BIO_connect:Connection refused:../crypto/bio/bio_sock2.c

I got the strange error message 

system library:BIO_connect:Connection refused:../crypto/bio/bio_sock2.c

on executing 

openssl s_client -starttls smtp -connect mail.area23.at:587

when testing sendmail smtp tls with an Let's Encrypt SSL certificate.

If you got the same error message, ensure that

1. sendmail is running (on mail server / relay host)
   test it with init rc script 
     /etc/init.d/sendmail status
   or simple by process listing tools, like 
     pstree | grep sendmaail
     pidof sendmail-mta
     ps fauxwww | grep sendmail
   and network server socket is bound 
     netstat -avn 2>&1 |less
   or fuser and your sendmail port
     fuser -v -n tcp 25
   or various variants of lsof, like
     lsof -i TCP:25
   
   
2. sendmail is well configured (on mail server / relay host)
   this will take a little bit too long for that article
   in my case it was a wrong IPv6 address in sendmail.mc
   DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=2600:1f14:1d6d:f202:8d53:fc57:c45d:6590')dnl
    
3. mail server is reachable from outside 
   test it with 
    telnet [mailserver] [port]
   or brutal way with a network scanner, like nmap
     nmap -p 25,465,587 [mailserver]
   
   if mailserver is not reachable from outside, 
   then you must lookup on server and on client firewall rules, e.g.
     iptables -t filter --list
     iptables -6 -t filter --list

You could also simply run strace to see, what happens:
  strace openssl s_client -starttls smtp -connect mail.area23.at:587

html uft-8 symbol generation shell script

I wrote tonight a short uft-8 html escapes generating shell script,
see script generated results here: https://area23.at/utf8/.

#!/bin/sh
# generates uft-8 symbol html reference

outtext=utf8_pre_sym2000.html

modHex=256
modFF=255
modZero=0
shx=1024

printf "<html>\n<head><title>utf-8 symbol></title></head>\n<body>\n\t<h1>UTF-8 Symbols</h1>\n\t<div><span>\n" > $outtext

while [ $shx -lt 16384 ] ; do

        modZero=$(echo "$shx % $modHex" | bc)
        if [ $modZero -eq 0 ] ; then
                printf "\n<h2>hex x%x ~ dec %d</h2>\n" $shx $shx >> $outtext
                printf "\n<pre>symbol\thex x%x \tdecimal %d \t.\n" $shx $shx >> $outtext
        fi

        printf "&#x%x;\t&#x%x;\t&#%d;\t.\n" $shx $shx $shx  >> $outtext

        modFF=$(echo "$shx % $modHex" | bc)
        if [ $modFF -eq 255 ] ; then
                printf "</pre>\n" >> $outtext
        fi

    shx=$(echo "$shx + 1" | bc);
done

printf "\n\t<hr />\n\t</span></div></body></html>\n" >> $outtext

---

see full script at pastebin.com/0aNumds1 

https://pastebin.com/0aNumds1

Danger of huge monopolisation and checks and balances to keep up a living strong democracy

(Draft)

Monolopy (Conspiracy theory warning)

In mercantilism owning and potentially using a monopoly was considered as tactical advantage. Think about it, that China soonly has a monopoly on a lot of industrial products, but most of China's hardware exoported have an american, south korean or japanse label. 

When there might be a common closed source smart phone. personal computer or smart phone with only one operating system with market dominance over 90%, then we might run into a trap.

If later then, disassembling, reversing engineering is punished with high penalties and international legal claims, then social credit program can be introduced step by step by backdoor.

If your social credit is negative, then you might not have all functions enabled (on your monopoly phone or monopoly personal computer) (THIS MIGHT BE VERY DANGEROUS)

Attention, Huawei, Chinas biggest smart-phone brand and ready to soonly be main player also in african markets, is still android and open based on open source linux and I don't claim, that China will use such practices. But there is no guarantee, that US or Chinese companies would develop or exrend their powers to collect more data or control more individuals in entire world by monitoring them permanently. 
In open system, you can choose a other os to install on every hardware. I remember, that Sony Playstation implemented an other OS bootloader, where you could run linux on it. The community demanded it. Today no one tries to recommand LineageOS compatbility on Smart-Phone hardware.

Balances & checks for free democracies

Freedom of media index

Multiple independant print & internet media or different media blocks. +1

Fact-Checking in more serious media. +0,5

Double Fact checking, interviewing all stakeholders. +0,5

Different TV stations and radio stations in country.. +1

Access to satellite tv or streamed news in internet +1

Access to different ISPs. foreign western Proxy Services, entire Internet and Tor Onion Router +1

Possibility to blog, moderate in blogs and internet media and not permanently censhorship (censorship, when hawkishing a little bit to much for hours until 1 week is OK). +1

Possibility to report over public events in blogs, media, internet media like X or Facebook, you need special permission and agreement from company, private person and NGO, when reporting inside over companies, NGOs, military and private persons private sphere (concerning e.g. product placement, innovations, sexuality or belief). +1

Tolerate whistleblowing like in the US, when reporting over complicated human rights violences of foreign troops in war. +0,5

Storry telling, conspiracy theories and narratives are marked with a recognizable symbole, e.g. +0,5

Civil & business & companies rights

9 basic points

The word church in follwoing could also mean shrine, temple, stone circle, lgbt community or any religious monoment or place.

Freedom of assembly (if missing -4)

• Right for workers to join a labor union or representation of employees.
• Right for companies to join a free foundation or trade guild.  

• Right to join a religious community or free church (no hierachically bottom up grassroot foundate non state church).

Freedom of speach, freedom of art and freedom of posts without state sanctions (exception national socialists content, radical djihadist content, stalinist content in some countries)   (if missing -4)

Right to work self choosen and startup again after phase of unemployment. Right to work no matter what in company, NGO as free artist, freelancer, whatever ... (for some non free profession, like medical doctor or train man you need a special prooved certificate or degree) (if missing -4)

Right to found, own, buy (part of) a company or poperty, right to own stock market values, money, gold, derivates, freedom to choose bank and payment provider and freedom of trade  (Excpet US patriot act or sanctions against countries as US ally) (if missing -5)

Right for worker to leave company (inside a certain time period, normally 0-3 months) when getting a better offer without extreme high penality for joining another company. Right for companies to hire & fire women & men inside a certain time period (normally 0-3 months). (if missing -4)

Right to vote, right to protest and right to access basic state services for every citizen. (if missing -4)

Freedom of operating system, freedom to choose between open & closed source and freedom to develop after a free choosen license, e.g. BSD, Apache, GNU, MIT, closed source). (if missing -4) 
(Standardized licenses for paying and billing closed source, 3-10 categories would be nice, like renting software as a service like office 365, paying a cloud provider on network and CPU and storage using, installing a software and paying for year a guaranteed support, ...)

Right on abortion, if both mother & father agree to it, because otherwise they would be slaves, owned by a landlord in law. Free citizens should have that right. Don't bring slavery back to US. (if missing -5)

Right to have a own sexuality, freedom for adults to have sex if both agree (maybe after rules of their church), right to marriage (maybe after rules of a church or federal state). (if missing -3)

Right to adopt non adult childs, if parents or next familiars (if parents death) of children agree to it and have a permanently visiting right at least all 2 weeks. Maybe a free NGO check is needed, that this is good too. (if missing -3)

Non discrimination rights and possibility to protest against it or go to an independant court. 
(In private companies I saw and experienced discrimination very rarley, but at civil services or police or public high schools, this is happening some times).  (if missing -2) 

Right of an independent and fair judgement (maybe right to have a second independant judge, if court is politically motivated).  Right of comparison between companies or private persons (both agree that one pays the other a fee of 100US$ of causing pain per day) (if missing -3) 

Right to wear waepons for veterans (who served at national army with locked and loaded waepons).  (if missing -1) 

Right for people over 16 to drive a car, ride a byke, bicycle (maybe a confirmed license is needed, horse, donkey, drink whiskey (of course not when riding or driving a vehicle) and smoking natural herbs, tobaco (but no opiods). (Maybe the right of your church doesn't allow some parts).  (if missing -2) 

Right to have a save and proper enviroment: State can ban bear, wolfes or elephant hunts or shutting birds or using animals for bio-nano technolgy experiments.  (if missing -2) 

Denied: Experiments with human beeings without their agreement (signed and 3rd party validated) (like milkram experiment) is forbidden. Long time studies of human beeings. (if missing -4) 

Right to access independent technology to scan your genom and verify children and parents, if they agree. (if missing -2) 

Social rights:

(For Europe, Great-Britain. Brazil and ???): Right of small social security (at least 1000US$ per month), if you get unemployed or need assistence.  (if missing -3) (State money transfer over 150.000 US$ per year without doing anything is strictly forbidden. Excluded: Fees from private companies as a free services for long employment, excellent performance or great innovation or great ad value).

Right for every cirtizen to access as citizen public libraries with internet access with a legitimated identifying card.

Right to repair wikipedia, right of elected assembly to transfer special money to some urgently needed NGO task forces, like open source foundation, wikipedia, ...

Right for jobless people to getting courses to be ready for a new job, where they are only 40% - 80% qualified and not enough fit 4 work.

To be continued ...