On 02.08.2010 20:03, Ian Clarke wrote:
On Mon, Aug 2, 2010 at 11:20 AM, Arne Babenhauserheide<[email protected]> wrote:
On Sunday 01 August 2010 12:14:51 Ximin Luo wrote:
So yes we should just
drop "physical security". To do it properly we'll
have to fuck with parts
of people's machines we really shouldn't be
fucking with; and if they are
that paranoid (I am) they should just
encrypt their entire disks, which
will cover non-freenet stuff too.
For me that would take away one of the
main strengths of freenet: People need only install one program and have
anonymous and mostly secure communication right away.
Why throw away one
of the strength freenet already has?
Freenet can only attain the goal of
spreading uncensorable information, if it is really easy to use. Else it can
only reach the geek part of the population.
I agree. The unix philosophy of "one tool for one task" is all very
well for the typical unix user who is comfortable stringing multiple
tools together, but that isn't our target audience.
Installing and running Freenet shouldn't require that a user install a
bunch of other tools and do a load of configuration, because the
reality is that most people won't bother.
If we can encrypt on-disk data with relative ease, and Matthew tells
me we can, then we should.
Extra security is not a bad thing. And in the case of storing encrypted
temp files I agree with Matthew as well, but like I said in my other
E-Mail, freenet will never be able to protect the user from local attacks.
And I think it is worse to keep the user in the false pretence that he
is secure, because freenet stores it temp file sencrypted, than telling
him: “Hey, freenet helps you to publish and get information anonymously,
but from the point it reaches your system (Browser, Adobe Reader, Image
/ Video viewer,..) it is out of the scope of freenet. So if you want to
be protected when your system is sized, install a full disk encryption
like TrueCrypt.”
Otherwise the user will need a very big handbook, where he can look up
what configurations he has to do in his Browser, which actions are save
to do, what he should not do,.. And this is far more complicated for
the user than just installing a disk encryption software.
So if freenet can help to strengthen local security, with little
performance drawbars and not to much effort in the part of development,
go for it. But I think the focus should be placed on other parts of freeent.
_______________________________________________
Devl mailing list
[email protected]
http://freenetproject.org/cgi-bin/mailman/listinfo/devl
