On Friday 14 December 2007 17:37, Colin Davis wrote: > Your Freenet node is only minimally protected. Your machine is currently > hiding from most people, but it's doing so by connecting to strangers.
No it isn't. > If you connect to friends you already know and trust, Freenet will be > better able to protect you. > > Please get some connections to people you trust, and add them to your > Friends page as soon as possible. > Once you have at least 10 Friends, turn on Secure mode and your node > will become invisible to the outside world. > > ---- > > This does a few things- We want to acknowledge that using Freenet, even > in opennet, is more secure than the public internet. Marginally! > Using words like > Insecure makes them think that they are now MORE vulnerable, which isn't > the right message for someone who just downloaded and installed this > software out of paranoia. Opennet is insecure. A false sense of security results in people doing things they wouldn't do otherwise because they think they ARE secure. > > We also want to encourage people to get their friends to install > Freenet, Social Networking style. This is the best way to increase > adoption of the network. Essentially, drive home the message that 'If > you get your friends to install freenet, you will be more safe'. It also > has the side-effect of being true ;) Of course. > > Additionally, I think it's best to "turn on" Secure mode, rather than > turning off opennet. It makes it seem like they are getting ADDITIONAL > security, not running dangerously unsafely now. Again, keep in mind the > user case. I had it like that before, I got complaints from some people that it implies that secure mode is an option, and the default is insecure mode. The counter-argument is that practically speaking darknet is the optional mode since it requires the user to *do something*. Input? > > "I want to publish this photograph that proves the Government of my city > is corrupt. How can I do it safely? " > <downloads and fires up freenet.> > "TRIVIAL for an attacker? That defeats the entire purpose!" > <Uninstalls, and shreds picture. Corruption wins> Or he might connect to some Friends. Okay, maybe "trivial for an attacker to find your node" is a bit strong. Maybe "trivial for an attacker to find out that you are running Freenet" ? But once they've found that out, it IS fairly easy for them to connect to you and attack you. What is harder is to find the origin of specific content - it takes time, it requires that the originator keeps inserting it. But we want to convey this in as few words as possible, and as clearly as possible... > > Versus > > "I want to publish this photograph that proves the Government of my city > is corrupt. How can I do it safely? " > <downloads and fires up freenet.> > "Hrmm.. Well, this is better than nothing. I better start small, and get > some of my other democracy-loving friends to join too." > "Once enough of us do, then it'll be safe enough to release my photo > showing the coverup." > <Keeps using freenet, and moves to Darkenet in a few days. Corruption loses> Seems unlikely on the basis of the current take-up of freenet. :| -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20071214/12592ac4/attachment.pgp>
