On Tuesday 18 Dec 2012 18:01:41 Arne Babenhauserheide wrote:
> On Tuesday, 18 December 2012, 13:26:20, Matthew Toseland wrote:
> > > I don’t think that this is strictly necessary. If your friend runs a
> > > corrupted build, you have a problem anyway. Another layer of security
> > > might be nice, anyway, though: Don’t make it too easy for people to
> > > infiltrate freenet…
> > The problem is you can make your corrupt version spread "virally" as people
> > are invited each time distributing your bogus installer, and get a
> > significant number of corrupted nodes.
> 
> That’s what I meant with not making it too easy :)
> 
> > > And we can provide the sha1 hash of the files along with IP:Port:password,
> > > so GNU/Linux users can easily check for manipulations.
> > 
> > We could, although it'd be more work for the user.
> 
> It would be additional *optional* work.
> 
> Those who care could check the hashes.
> 
> > > In that case, the QR-code would simply save the typing of the text from a
> > > custom business-card.
> > 
> > Is that really an improvement in practice?
> 
> I don’t know, and I would not focus too much on QR-codes. They are optional 
> maybe-nice-to-haves.
> 
> > > Also people running freenet might not want to use their email address to
> > > send the data: don’t leave a data trail between the two people (which is
> > > too easy to follow).
> > 
> > You should only add darknet friends if you don't care about there being a
> > trail between them. You should connect to people that you know. This is the
> > same as "people the bad guys already know are connected to you from your
> > phone records etc".
> 
> The question is which trail. E-Mails are open to global surveillance. 
> Connections not necessarily (they are much more work to track all the time).

If you are targeted as an individual, they can tell who your friends are, that 
you run Freenet, who your darknet peers are etc.

Our threat model assumes that you're not a suspect to start with: All they know 
is you use Freenet, and your anonymous identity.

So in terms of our general threat model, it doesn't matter.

However, in the common case "what happens if they bust me", especially if it's 
only for running Freenet, we need the list of darknet peers to be similar to 
the set of people you communicate with anyway. NOT your secret revolutionary 
friends (you should use Freemail to talk to them!). This is an additional 
requirement, above our general threat model (which is concerned with *hiding*) 
but IMHO it reflects real-world concerns.
> 
> > > One more option: Only provide your FOAF connections, NOT your own IP.
> > 
> > Huh?
> 
> The use case of only giving the FOAFs would be that you don’t want to leave 
> the trail that you met that other person personally.
> 
> You give him a freenet-card and he can get freenet and connect to some 
> people. 
> There will only be a second-level connection between them and you, though.
> 
> And in case we get connections over Tor running, the connection might not 
> actually be traceable easily.

Still not sure I follow. Who are they a darknet peer of?
> 
> > Your friends do not have to be perfectly trustworthy
> 
> Yep. Rules for friends:
> 
> * Don’t crack your freenet
> * Don’t let someone else tamper with your computer without warning me first.

It's not even a matter of "I'm sure this person won't try to surveil me". 
Remember the alternative is opennet. It's "it's less likely that they will try 
to surveil me than that [the bad guys my flog is gonna piss off] will try to 
surveil me" (and succeed, on opennet!). Or something close to that.


_______________________________________________
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
