Anonymous writes: >> ? Do you want your potential future employer to know everything we talk >> about and use that to screen applications? To you tell all your >> colleagues and family about every hobby you have? When you talk about >> it in the open, it.s just one security breakage of your online service >> from being public. > > Reply would be: you're just too paranoia. Got nothing to hide.
“Didn’t you ever lose a chance, because a co-worker got a grudge against you because you hold a different opinion on something? Or got into problems for a careless comment?” >> You only need to trust the other to not modify his/her node to spy on >> you. Since most people don.t have the skills to do that, the trust >> requirement isn.t that high. > > It's indeed not, if my trust in the other would be enough. But it > is not. You actually assume that all your friends at the same time have the skills to modify Freenet and would do that to spy on you? >> That.s exactly what you should not do. Or rather: You create one ID per >> shared secret and keep these separate. > > This is what I do--inside Freenet. I use more than one ID, keeping > them separate. > The main reason is to diffuse the profile of the person I am. Yepp — you separate them. No need to tell the people you connect to about all your IDs. > As it looks now, LE can ID files w/in FN, track what is downloaded > or uploaded > but not yet prove w/o doubt what one node does. > It can be made 'likely' but not proven. It’s the same for darknet friends. > Every IP running FN is logged, each file inside FN is registered. > Still, there is no way identities can be linked to IP's. For opennet “no way” is putting it too high. It’s hard, but if they can take over all your opennet connections, they know what you insert, and that means they could know your IDs. Taking over all your connections is possible in Opennet. In darknet, they would have to corrupt most of your friends without you noticing. That’s extremely hard and needs actual people to get active, which raises the cost for the attack enormeously. Even having some darknet peers as well as opennet gives you protection against that attack. > I am not convinced darknet is useful to me, I do see opennet as > what I need. > > My real person must not have anything to do with the person, ID I > am inside Freenet, this is a definitive must. That’s what you get with Darknet, but not with Opennet. > I do not want anyone to know what I do inside Freenet. I even don't > want anyone to know I run a node. > My ISP may know, LE knows, but both must not know what I do inside > FN or what my ID is inside. For the people you connect to the same is true. > I do want to communicate with, necessarily, complete strangers, in > a public way _inside Freenet_. > As an aside: it is this, the open, virtual community of virtual > ID's which makes Freenet useful to me. > I guess, this is what makes FN unique, its virtual community. That’s one of the big strengths of Freenet, yes: Pseudonymous communication. > Reversely, I do not want anyone inside FN to get a hint of who I am > in real life. > The two worlds must be separated, my security depends on it. For my security, that’s not that essential, but I want to provide that separation for people who really need it — and also for myself should I need it at some point. There might be things I want to share without connecting them to myself. I know that in school I had that need of not wanting to have my classmates know what I do in my free time. Or of not wanting some violent nutcrack or some violent sect to know my real identity and harass me or my family for something I said in Freenet. In Germany there are few anti-nazi activists who stopped their activity because their family got threatened, and in the US people get sent SWAT teams to their home. Sadly the nazi have connections into our equivalent to CIA/NSA, as evidenced by lots of documents about murder by nazis disappearing or being "accidently" destroyed just days before parliament should have received them. > I may trust an other ID in FN to, for example publish software I > can trust to run. > Just because over time, such an ID has proven to be worth this > trust. > But but this trust can't be extended to exchange noderefs with > her/him. That is exactly right. You can NEVER EVER exchange a noderef with someone you only know from Freenet using a non-public ID when you want to keep that ID separate from your real identity. Even if you know someone with your public ID, you should not exchange noderefs with him/her, because the chance to hit an attacker is much higher in Freenet than among your pre-existing real life friends and collegues. > Nor can I trust a rl person with the fact I run Freenet, both cross > the line of keeping my Freenet ID separate from my real ID. > It does not matter if I trust that person with all I got, this fact > I can not share. Why is that? The fact that you run Freenet does not expose which IDs you have. > I think it would be a good idea to be aware of how important the > security of people running Opennet is. > If Opennet is cracked, meaning: if it can be proven which FN ID > belongs to my IP, it means Freenet is broken. > This is independent of physical security Darknet provides, because > to use opennet, one of the darknet peers must run opennet. Opennet can never be made safe. No network which does not use friend-to-friend connections can be safe against an attacker with vastly more resources. > An attacker may see everything I do in FN, he may also see anything > the real me does in real life, he must not be able to make this > connection. > > Not Darknet is crucial, this is. To be able to guarantee this to a serious degree, you need Darknet. That’s why Darknet exists. That’s why major parts of Freenet got rewritten in 2006 and 2007: Darknet is the only way to provide this security. Best wishes, Arne -- Unpolitisch sein heißt politisch sein ohne es zu merken
signature.asc
Description: PGP signature
_______________________________________________ Support mailing list [email protected] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[email protected]?subject=unsubscribe
