On Wed, Oct 02, 2002 at 01:10:48PM +0100, Roger Hayter wrote:
> In message <[EMAIL PROTECTED]>, Ian Clarke
> <[EMAIL PROTECTED]> writes
> >On Tue, Oct 01, 2002 at 09:14:00PM +0100, Matthew Toseland wrote:
> >>Shouldn't be necessary unless/until I implement encrypted native FS dirs
> >>- there is a strong argument that we shouldn't concern ourselves with
> >> this, leave it to the OS.
> >
> >After our previous bad experience with DIYing stuff that the OS (and
> >specialized encrypted file-system software) can handle, I think that this
> >should be a very low priority.
> >
> >Anyone paranoid enough to need an encrypted datastore should already be
> >familiar with encrypted file-systems.
> >
> >We may want to add a "README.PARANOID" document to the distribution
> >which gives advice on further securing the Freenet experience (such as
> >firewall modifications, encrypted/stego file systems, choice of
> >web-browsers, modifications to web-browsers etc).
> >
> >For the moment, I would argue that we don't try to implement additional
> >security measures ourselves when there is specialized software out-there
> >which already does the same job.
> >
> >Ian.
> >
>
> Have I misunderstood? Does this mean Freenet content cached by the node
> appears as clear text? If so, the lack of OTB encryption would seem
> very harmful to the plausible deniability aspect of relaying Freenet
> content. Or are the individual Freenet items of content in themselves
> encrypted unless requested from one's node for downloading? In some
> (?most) jurisdictions, some Freenet content would be illegal to possess
> knowingly. External encryption would not help, as it would involve a
> deliberate external modification of the stored files, which would look
> more like concealment than ignorance, and in many cases would be
> transparently decrypted when the data store contents were examined by
> the user interface.
RTFD. Freenet never stores _anything_ as plain text.
All keys are self-encrypted, and can only be decrypted by the client
software which has the key (it's encoded into the URL), it is never
decoded by the node.
>
> --
> Roger Hayter
>
> _______________________________________________
> devl mailing list
> [EMAIL PROTECTED]
> http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/devl
>

--
Matthew Toseland
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Freenet/Coldstore open source hacker.
Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02.
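
Added example, not part of the original message and not Freenet's own code: a sketch of the separation the reply describes, where the node stores and serves only ciphertext and the decryption key travels in the URL held by the client. The key derivation, the "example:" URL layout, the SHA-256 stream cipher stand-in and all names are assumptions made for illustration.

```python
import base64
import hashlib

def _xor_stream(data: bytes, key: bytes) -> bytes:
    # Stand-in cipher (SHA-256 in counter mode) so the sketch is stdlib-only.
    # Assumption for illustration; it is not the cipher Freenet uses.
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def client_insert(plaintext: bytes):
    """Client side: encrypt before anything reaches a node."""
    content_key = hashlib.sha256(plaintext).digest()      # assumed key derivation
    ciphertext = _xor_stream(plaintext, content_key)
    routing_key = hashlib.sha256(ciphertext).hexdigest()  # all the node indexes by
    secret = base64.urlsafe_b64encode(content_key).decode()
    return f"example:{routing_key},{secret}", routing_key, ciphertext

class Node:
    """Relay/cache: stores routing_key -> ciphertext, never the content key."""
    def __init__(self):
        self.store = {}

    def put(self, routing_key: str, ciphertext: bytes) -> None:
        # Integrity is checkable without being able to read the content.
        if hashlib.sha256(ciphertext).hexdigest() != routing_key:
            raise ValueError("ciphertext does not match routing key")
        self.store[routing_key] = ciphertext

    def get(self, routing_key: str) -> bytes:
        return self.store[routing_key]

def client_fetch(node: Node, url: str) -> bytes:
    """Client side: only the URL holder can turn the blob back into content."""
    routing_key, secret = url.split(":", 1)[1].split(",")
    ciphertext = node.get(routing_key)
    if hashlib.sha256(ciphertext).hexdigest() != routing_key:
        raise ValueError("node returned a blob that does not match the URL")
    return _xor_stream(ciphertext, base64.urlsafe_b64decode(secret))

if __name__ == "__main__":
    doc = b"constructed sample document"  # constructed input
    url, rk, blob = client_insert(doc)
    node = Node()
    node.put(rk, blob)
    print(doc in b"".join(node.store.values()), client_fetch(node, url) == doc)
```
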
