On Friday 03 December 2010 19:15:22 Klaus Koch wrote: > > > It is a hard problem. But our traditional approach hasn't been terribly > > > honest IMHO. > > We were talking on #freenet on how to explain new users in a few words > (installer?) what freenet's security is all about and how to "warn" them of > the shortcomings of opennet. I came up with the following text: > > "Freenet's security and anonymity is based on the idea that users connect to > people they trust. Opennet mode (=LOW security level) is a convenience feature > for new users who don't have trusted peers yet and it's security is not as > strong as darknet (= MEDIUM/HIGH security level). Use this mode to befriend > people you think you can trust. Get the highest security out of freenet by > connection to your reallife friends!" > > somehow there's still missing that even connecting to a coworker is better > than a random stranger, but I still struggle to put it into one of the > sentences...
IMHO that is precisely what people misunderstand most frequently. How about: Generally on Freenet you are only vulnerable to the users your node is connected to. Do you want Freenet to connect only to your friends? YES (DARKNET MODE): If you have 5 or more friends who run Freenet, you should enable darknet mode, and add them on the Friends page. Freenet will send your traffic through them to their friends and the rest of the network. This greatly improves your security, because you choose who you connect to. You should only add people you know personally, online or offline. NO (OPENNET MODE): Freenet can connect to other users automatically, if you don't know anyone on Freenet. However, this is a convenience feature offering only minimal security against a determined attacker. In opennet mode, the bad guys can choose to connect to you, whereas in darknet mode, you choose who you connect to. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20101207/eb2e6d75/attachment.pgp>
