On 02.08.2010 20:03, Ian Clarke wrote: > On Mon, Aug 2, 2010 at 11:20 AM, Arne Babenhauserheide<arne_bab at web.de> > wrote: >> On Sunday 01 August 2010 12:14:51 Ximin Luo wrote: >>> So yes we should just >> drop "physical security". To do it properly we'll >>> have to fuck with parts >> of people's machines we really shouldn't be >>> fucking with; and if they are >> that paranoid (I am) they should just >>> encrypt their entire disks, which >> will cover non-freenet stuff too. >> >> For me that would take away one of the >> main strengths of freenet: People need only install one program and have >> anonymous and mostly secure communication right away. >> >> Why throw away one >> of the strength freenet already has? >> >> Freenet can only attain the goal of >> spreading uncensorable information, if it is really easy to use. Else it can >> only reach the geek part of the population. > > I agree. The unix philosophy of "one tool for one task" is all very > well for the typical unix user who is comfortable stringing multiple > tools together, but that isn't our target audience. > > Installing and running Freenet shouldn't require that a user install a > bunch of other tools and do a load of configuration, because the > reality is that most people won't bother. > > If we can encrypt on-disk data with relative ease, and Matthew tells > me we can, then we should.
Extra security is not a bad thing. And in the case of storing encrypted temp files I agree with Matthew as well, but like I said in my other E-Mail, freenet will never be able to protect the user from local attacks. And I think it is worse to keep the user in the false pretence that he is secure, because freenet stores it temp file sencrypted, than telling him: ?Hey, freenet helps you to publish and get information anonymously, but from the point it reaches your system (Browser, Adobe Reader, Image / Video viewer,..) it is out of the scope of freenet. So if you want to be protected when your system is sized, install a full disk encryption like TrueCrypt.? Otherwise the user will need a very big handbook, where he can look up what configurations he has to do in his Browser, which actions are save to do, what he should not do,.. And this is far more complicated for the user than just installing a disk encryption software. So if freenet can help to strengthen local security, with little performance drawbars and not to much effort in the part of development, go for it. But I think the focus should be placed on other parts of freeent.
