Right now the situation on Freenet is that: - Your peers can see what you are doing. On either opennet or darknet! - On opennet, anonymous identities can be traced by e.g. connecting to every node. - On darknet, tracing anonymous identities is very hard. - It is possible to write a plugin to identify a large proportion of what your friends are doing, and would not be all that difficult; the database of keys would be the most resource-intensive part. - Per-friend trust levels control how much data is shared with a friend node but even low friend trust does not solve the basic problem of requests being visible.
IMHO at a minimum we need to: - Tell the user in the first-time wizard. We are pretty close to this now, it probably makes sense to elaborate very slightly, see the other thread. - Make darknet a lot easier to use with invites, FOAF connections etc. - Be careful what claims we make in public or on the website. - Consider a change of terminology to emphasise darknet - "social darknet" ? The point is your friends are a) your gateway to the network and b) assumed to be non-hostile, and the attacker is assumed not to be one of your friends but a distant entity such as a corporate or (not too annoyed / well funded!) government agency. Ideally we would provide an option which would provide adequate protection against a single malicious friend, albeit at a significant performance cost. IMHO most users won't need this, at least most of the time, because e.g. filesharers tend to connect to filesharers. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20110101/6e8ae27e/attachment.pgp>
