On Wed, Aug 4, 2010 at 4:24 AM, artur <artur at gmx.net> wrote:
> Extra security is not a bad thing. And in the case of storing encrypted temp
> files I agree with Matthew as well, but like I said in my other E-Mail,
> freenet will never be able to protect the user from local attacks.
>
> And I think it is worse to keep the user in the false pretence that he is
> secure, because freenet stores its temp files encrypted, than telling him:
> "Hey, freenet helps you to publish and get information anonymously, but from
> the point it reaches your system (Browser, Adobe Reader, Image / Video
> viewer,..) it is out of the scope of freenet. So if you want to be protected
> when your system is seized, install a full disk encryption like TrueCrypt."
[snip]

If you're concerned that telling a user about all the helpful but
incomplete mechanisms that freenet uses to protect them might give
them a false sense of security then simply don't tell them.

E.g. if you're concerned that telling the user that freenet uses disk
encryption will make them think they're immune to local attacks,
continue to encrypt the disk as much as freenet can -- because a
collection of incomplete measures is still superior to no protection
at all -- but don't mention it except in the more technical
documentation.

It would be really nice if freenet could pin memory like all the other
crypto applications do. Not just to protect users who are concerned
about local attacks but because without it _every freenet user_ is
more at risk of a local attack because it's pretty likely that taking
a freenet user's computer will get you something useful.  With Tor, on
the other hand, taking a node will do you no good -- so if you have any
tor clue at all you won't even bother trying.  Having your equipment
compromised stinks even if you did have it all encrypted.  Herd
immunity has value here.


It's nice to advise the user to use truecrypt but sadly people all too
frequently underestimate their threat models.  It would probably be
better for the fproxy front page to run 'advertisements' for truecrypt
(on windows) and dmcrypt (on Linux), continually reminding users that
they ought to be using these things regardless of what they currently
believe their threat model to be and to activate/offer to activate as
much encryption as it can.
