Author: toad
Date: 2008-09-03 14:08:59 +0000 (Wed, 03 Sep 2008)
New Revision: 22365
Modified:
trunk/freenet/src/freenet/l10n/freenet.l10n.en.properties
trunk/freenet/src/freenet/node/SecurityLevels.java
Log:
We need 4 network threat levels; LOW, NORMAL, HIGH and MAXIMUM.
MAXIMUM will enable all paranoia options and be very slow!
We warn on setting MAXIMUM, aand don't warn on downgrading to HIGH.
Modified: trunk/freenet/src/freenet/l10n/freenet.l10n.en.properties
===================================================================
--- trunk/freenet/src/freenet/l10n/freenet.l10n.en.properties 2008-09-03
12:38:01 UTC (rev 22364)
+++ trunk/freenet/src/freenet/l10n/freenet.l10n.en.properties 2008-09-03
14:08:59 UTC (rev 22365)
@@ -1043,21 +1043,25 @@
SecurityLevels.tooltip=Configure the node's degree of security
SecurityLevels.networkThreatLevelShort=Protection against a stranger attacking
you over the Internet
SecurityLevels.networkThreatLevel=How much security do you need against
Internet providers, corporations, governments, bored kids etc attempting to
monitor your use of Freenet?
+SecurityLevels.networkThreatLevel.name.MAXIMUM=MAXIMUM
SecurityLevels.networkThreatLevel.name.HIGH=HIGH
SecurityLevels.networkThreatLevel.name.NORMAL=NORMAL
SecurityLevels.networkThreatLevel.name.LOW=LOW
-SecurityLevels.networkThreatLevel.desc.HIGH=I intend to access information
that could get me arrested, imprisoned, or worse. I am worried about my
government or ISP blocking Freenet. I understand that Freenet is experimental
and ${bold}cannot${/bold} ensure security against certain known attacks, but I
accept the risks compared to the alternatives. Freenet will not connect to
unknown nodes, so ${bold}I must have friends already using Freenet to select
this mode${/bold}.
+SecurityLevels.networkThreatLevel.desc.MAXIMUM=I intend to access information
that could get me arrested, imprisoned, or worse. I understand that Freenet is
experimental and cannot ensure security against certain known attacks, but I
accept the risks compared to the alternatives. Freenet will be
${bold}significantly${/bold} slower than in HIGH, and ${bold}you must have
friends running Freenet to select this mode${/bold}.
+SecurityLevels.networkThreatLevel.desc.HIGH=I would like to make it much more
difficult for others to monitor my communications, or I am worried about ISPs
trying to block Freenet. Freenet will only connect to your friends, so
${bold}you must have friends already using Freenet to select this mode${/bold}.
Freenet will be slow unless you add at least 5-10 friends, and won't work at
all if you don't have at least 1.
SecurityLevels.networkThreatLevel.desc.NORMAL=I live in a relatively free
country, but I would like to make it more difficult for others to monitor my
communications. Freenet will be reasonably careful to protect your anonymity,
at some performance cost. Freenet will automatically connect to unknown nodes.
We recommend that you add friends running Freenet and upgrade to HIGH.
SecurityLevels.networkThreatLevel.desc.LOW=I do not care about monitoring and
want maximum performance. It may be quite easy for others to discover my
identity.
-SecurityLevels.noFriendsWarning=You have not added any Friends. If you set the
network security level to high, you will be unable to connect to Freenet until
you have at least one connected Friend! Note that for there to be any
meaningful security benefit, these must be people you actually know and at
least marginally trust, and for good performance you will need at least 5-10 of
them connected at any time. Are you sure?
+SecurityLevels.noFriendsWarning=You have not added any Friends. If you set the
network security level to high or maximum, you will be unable to connect to
Freenet until you have at least one connected Friend! Note that for there to be
any meaningful security benefit, these must be people you actually know and at
least marginally trust, and for good performance you will need at least 5-10 of
them connected at any time. Are you sure?
SecurityLevels.noFriendsCheckbox=I am sure, enable high network security
level, I will add some Friends ASAP.
-SecurityLevels.noConnectedFriendsWarning=You do not have any connected
Friends, although you have added ${added} friends. If you set the network
security level to high, you will only be able to connect to Freenet when your
friends are online, which they are not at the moment. You should add additional
Friends, only use Freenet when your friends are connected, or not upgrade to
high security. Note that for there to be any meaningful security benefit, your
Friends must be people you actually know and at least marginally trust, and for
good performance you will need at least 5-10 of them connected at any time. Are
you sure?
+SecurityLevels.noConnectedFriendsWarning=You do not have any connected
Friends, although you have added ${added} friends. If you set the network
security level to high or maximum, you will only be able to connect to Freenet
when your friends are online, which they are not at the moment. You should add
additional Friends, only use Freenet when your friends are connected, or not
upgrade to high security. Note that for there to be any meaningful security
benefit, your Friends must be people you actually know and at least marginally
trust, and for good performance you will need at least 5-10 of them connected
at any time. Are you sure?
SecurityLevels.noConnectedFriendsCheckbox=I am sure, I will add more Friends
and/or I accept that Freenet will only be online when my existing Friends are
online.
-SecurityLevels.fewConnectedFriendsWarning=You only have ${connected} connected
Friends right now, and you have added ${added} friends in total. If you set the
network security level to high, Freenet will only connect to your Friends, so
your performance may be significantly reduced, and if all your Friends are
offline then it will not be able to connect at all. Note that Friends must be
people you know and at least marginally trust for there to be any real security
benefit, and you will need at least 5-10 connected Friends for good
performance. Are you sure?
+SecurityLevels.fewConnectedFriendsWarning=You only have ${connected} connected
Friends right now, and you have added ${added} friends in total. If you set the
network security level to high or maximum, Freenet will only connect to your
Friends, so your performance may be significantly reduced, and if all your
Friends are offline then it will not be able to connect at all. Note that
Friends must be people you know and at least marginally trust for there to be
any real security benefit, and you will need at least 5-10 connected Friends
for good performance. Are you sure?
SecurityLevels.fewConnectedFriendsCheckbox=I am sure, I will add more Friends
and/or I accept the performance cost and the fact that Freenet may not connect
when my Friends are offline.
SecurityLevels.networkThreatLevelLowWarning=You are about to downgrade your
node's network security level to low. This means that it will be easy for
strangers to attack your anonymity over the Internet. Are you sure?
SecurityLevels.networkThreatLevelLowCheckbox=I am sure, I want more speed and
I don't care who can tell what I'm doing with Freenet!
SecurityLevels.networkThreatLevelConfirmTitle=WARNING: Setting network
security level to ${mode}
+SecurityLevels.maximumNetworkThreatLevelWarning=${bold}WARNING:${/bold} You
are about to set the maximum network security level! This will
${bold}significantly${/bold} slow down Freenet for you! Please do not do this
unless you really need the security!
+SecurityLevels.maximumNetworkThreatLevelCheckbox=Yes I really want to enable
maximum security, I understand that Freenet is still experimental and it may
still be possible to trace me, and that this setting may dramatically reduce
Freenet's performance!
ShortOption.parseError=Cannot parse value as a string array: ${error}
ShortOption.parseError=The value specified can't be parsed as a 16-bit integer
: ${val}
SimpleToadletServer.advancedMode=Enable Advanced Mode?
Modified: trunk/freenet/src/freenet/node/SecurityLevels.java
===================================================================
--- trunk/freenet/src/freenet/node/SecurityLevels.java 2008-09-03 12:38:01 UTC
(rev 22364)
+++ trunk/freenet/src/freenet/node/SecurityLevels.java 2008-09-03 14:08:59 UTC
(rev 22365)
@@ -4,7 +4,6 @@
package freenet.node;
import java.util.ArrayList;
-import java.util.Arrays;
import freenet.config.EnumerableOptionCallback;
import freenet.config.InvalidConfigValueException;
@@ -32,20 +31,21 @@
private final Node node;
public enum NETWORK_THREAT_LEVEL {
- HIGH, // paranoid, darknet only
+ LOW, // turn off every performance impacting security measure
NORMAL, // normal setting, darknet/opennet hybrid
- LOW // turn off every performance impacting security measure
+ HIGH, // darknet only, normal settings otherwise
+ MAXIMUM, // paranoid - darknet only, turn off FOAF etc etc
}
public enum FRIENDS_THREAT_LEVEL {
+ LOW, // Friends are ultimately trusted
+ NORMAL, // Share some information
HIGH, // Share no/minimal information and take measures to
reduce harm if Friends are compromized
- NORMAL, // Share some information
- LOW // Friends are ultimately trusted
}
public enum PHYSICAL_THREAT_LEVEL {
+ LOW, // Don't encrypt temp files etc etc
NORMAL, // Encrypt temp files etc etc
- LOW // Don't encrypt temp files etc etc
}
NETWORK_THREAT_LEVEL networkThreatLevel;
@@ -234,23 +234,44 @@
if(newThreatLevel == networkThreatLevel)
return null; // Not going to be changed.
HTMLNode parent = new HTMLNode("div");
- if(newThreatLevel == NETWORK_THREAT_LEVEL.HIGH) {
+ if((newThreatLevel == NETWORK_THREAT_LEVEL.HIGH &&
networkThreatLevel != NETWORK_THREAT_LEVEL.MAXIMUM) ||
+ newThreatLevel == NETWORK_THREAT_LEVEL.MAXIMUM)
{
if(node.peers.getDarknetPeers().length == 0) {
parent.addChild("p", l10n("noFriendsWarning"));
+ if(newThreatLevel ==
NETWORK_THREAT_LEVEL.MAXIMUM) {
+ HTMLNode p = parent.addChild("p");
+ L10n.addL10nSubstitution(p,
"SecurityLevels.maximumNetworkThreatLevelWarning", new String[] { "bold",
"/bold" }, new String[] { "<b>", "</b>" });
+ }
parent.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "checkbox", checkboxName, "off" },
l10n("noFriendsCheckbox"));
+ return parent;
} else if(node.peers.countConnectedDarknetPeers() == 0)
{
parent.addChild("p",
l10n("noConnectedFriendsWarning", "added",
Integer.toString(node.peers.getDarknetPeers().length)));
+ if(newThreatLevel ==
NETWORK_THREAT_LEVEL.MAXIMUM) {
+ HTMLNode p = parent.addChild("p");
+ L10n.addL10nSubstitution(p,
"SecurityLevels.maximumNetworkThreatLevelWarning", new String[] { "bold",
"/bold" }, new String[] { "<b>", "</b>" });
+ }
parent.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "checkbox", checkboxName, "off" },
l10n("noConnectedFriendsCheckbox"));
+ return parent;
} else if(node.peers.countConnectedDarknetPeers() < 10)
{
parent.addChild("p",
l10n("fewConnectedFriendsWarning", new String[] { "connected", "added" }, new
String[] { Integer.toString(node.peers.countConnectedDarknetPeers()),
Integer.toString(node.peers.getDarknetPeers().length)}));
+ if(newThreatLevel ==
NETWORK_THREAT_LEVEL.MAXIMUM) {
+ HTMLNode p = parent.addChild("p");
+ L10n.addL10nSubstitution(p,
"SecurityLevels.maximumNetworkThreatLevelWarning", new String[] { "bold",
"/bold" }, new String[] { "<b>", "</b>" });
+ }
parent.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "checkbox", checkboxName, "off" },
l10n("fewConnectedFriendsCheckbox"));
- } else return null;
- return parent;
+ return parent;
+ }
} else if(newThreatLevel == NETWORK_THREAT_LEVEL.LOW) {
parent.addChild("p",
l10n("networkThreatLevelLowWarning"));
parent.addChild("input", new String[] { "type", "name",
"value" }, new String[] { "checkbox", checkboxName, "off" },
l10n("networkThreatLevelLowCheckbox"));
return parent;
} // Don't warn on switching to NORMAL.
+ if(newThreatLevel == NETWORK_THREAT_LEVEL.MAXIMUM) {
+ HTMLNode p = parent.addChild("p");
+ L10n.addL10nSubstitution(p,
"SecurityLevels.maximumNetworkThreatLevelWarning", new String[] { "bold",
"/bold" }, new String[] { "<b>", "</b>" });
+ parent.addChild("input", new String[] { "type", "name",
"value" }, new String[] { "checkbox", checkboxName, "off" },
l10n("maximumNetworkThreatLevelCheckbox"));
+ return parent;
+ }
return null;
}
