* Ian Clarke <ian.clarke at gmail.com> [2008-08-14 18:42:57]:
> On Thu, Aug 14, 2008 at 5:09 PM, Matthew Toseland
> <toad at amphibian.dyndns.org> wrote:
> > On Thursday 14 August 2008 20:01, Ian Clarke wrote:
> > What do you think of my changes?
> >
> > "We strongly recommend that you only use Freenet in darknet mode [are we using
> > the term "darknet" consistently? we can't force darknet here, since that
> > would basically prevent them from using Freenet unless they know other
> > freenetters]."
> >
> > I disagree: If they set most-paranoid then opennet should not be available
> > until they change the threat level to somewhat-paranoid.
>
> What is the point in that? If they are intent on using Freenet, then
> forcing them to select an inappropriate option doesn't make them any
> more secure! The question isn't so much whether opennet is secure,
> the question is whether it is more secure than the next best option -
> which in many cases will probably be an HTTP proxy, which is trivial
> to monitor.
>
> > The UI should make
> > it easy to upgrade or downgrade the threat level, enable opennet etc, but
> > should make it clear what the ramifications are.
>
> Yes, but forcing them to pretend that they have a lower threat level
> than they do is pointless. The purpose of this mechanism must be to
> inform the user, not make some futile attempt to restrict their
> behavior.
>
The user has to be aware that it's always a matter of trade-offs...
We shouldn't speak about "threat levels" but about a "threat level per threat
model".
IMHO there are three major threat models:
- Treachery (how much I can trust my peers to be good guys)
  * tunnels, ... FOAF and shared bloom-filters for fast remote lookup
- Network (should hide from ISP, risk of MITM, ...)
  * JFK, ... Opennet, sensitivity to Sybil
- Local (should provide some resilience against a seizure)
  * bucket encryption, double-datastore encryption, ... none of those
We could use that to our advantage when advertising Freenet: make a chart
comparing Freenet and the security it provides against its alternatives.
It's something the GNUnet guys have been doing for ages
(http://gnunet.org/faq.php3?xlang=English#compare)
NextGen$