-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/11/2013 03:24 PM, Matthew Toseland wrote:
[snip]
>> 3) I prefer extreme network security at the expense of even more
>> speed.
>>
>> Freenet shares network information with other computers it
>> connects with to improve performance. Even though this
>> information is limited and almost always safe to share, in
>> extreme cases you may want to not share it to gain more network
>> security at a significant cost in performance.
>>
>> (Maximum network security. Requires #1. How best to show this?
>> Does it appear under #1 only when #1 is checked?)
>
> I don't see why we need to ask about maximum. We don't at the
> moment, unless you choose custom.
Good point. Is there no need for that question then? My intent is to
replicate the current setup in a series of carefully explained
questions, in the hope that it will be easier to think about one's
security considerations.
For detailed setup there could be a link to the current setup/wizard,
hopefully to be replaced by an AJAXy equivalent as time permits.
>>
>> 4) I use full-disk encryption.
>>
>> Network security does not mean that if your computer is taken
>> that your information is protected. Full-disk encryption
>> encrypts all information on your hard disk, including operating
>> system files, and requires that some kind of credentials be
>> provided when the computer is turned on. The Freenet Project
>> strongly recommends you use full-disk encryption, but can provide
>> some encryption of its own.
>>
>> ("None" physical security.)
>
> I have my doubts about whether we should ask about this. I guess
> it's a usability vs performance tradeoff. How much of a cost is
> always encrypting temp files?
I have no numbers on this. Do you have any suggestions for how to go
about benchmarking?
Then again Fred should encourage full-disk encryption anyway. If someone
is using it, it seems silly to use additional on-disk encryption. Does
using no encryption in Fred not allow transparent migration to higher
levels of physical security?
>>
>> 5) I am very concerned that my computer may be seized.
>>
>> As an extreme measure, Freenet can keep all information in
>> temporary memory (though it cannot guarantee that the operating
>> system will not write it to disk) in the hope that if the
>> computer is turned off any compromising information will be
>> lost.
>>
>> (Maximum physical security.)
>
> Currently we only ask about physical security if the user selects
> HIGH initially. It's a simple LOW/HIGH choice. We need to keep it
> as simple as possible, but not so simple that people don't
> understand.
If the wizard is being replaced with this series of questions, how
else to establish this? Would it be preferable to have sections with
radio buttons that more closely map to the current wizard then? Is
maximum physical security something that can be available only in the
detailed/custom setup?
I forgot a question:
6) I have a monthly bandwidth cap.
(When this is selected, there has to be a way to enter the limit, so I
propose that _______ GiB/month slide out from under the question.)
If your connection has a monthly bandwidth cap, Freenet can attempt to
stay under it, though it may be very slow when doing so.
Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJRPzBxAAoJECLJP19KqmFuQkAQAIuUY9S2/ZvJU4bRsbMqJIgp
Nclql/hx2VbSvnDJ+VdFZMnDxCC7G6enKA+bTeago95rQZxZ0P4FKE7PDyoSOMDy
EnYo45IsRieh3TrdXJ8JEyNwd9GtXms7h4yZ9XXyYLQtbT0nwxKfx4M3almXPDUa
G8Ush3e5DWPYrH+a22xOOlbi1fcMNvJi1EGKZHYYVO9aZOeL7frJAKTpUAhhUGo2
JSQbUULVZsuZLaBqfZHmm5KkFYBgaFkQ0p/oGEcm55q9rbhDlkIg2S4bpwWLyT8w
ql7l9XRIv+ATTcAyYyP9CW2pXVnAPRfRS+O2e+D9v+ww9lhuPFfETmu8/IhV9AyE
NI5EFtuf+VYq1v1e00obsA/SlfBh4aZgn5ji4FWPKqbYSoIpUmixTLqIvaIeaKl0
LefUcruzFzvOPuqK7TXcqvuT/V4nZtJ5K48Z4L3NxhcD94rosSWAxDQCrQZcEx/W
sBeTKNJ2qvV5U+J7Jbts6RoDQO6FtjFq1mHzxpSBJFXBEnaiGDZFv0uErL301grI
3vH8rcHWJWnr2xgCe2viGMrBGO3wEpJ8+1A0gSA5ToRoSLwWZ1WhgaaNC9PJpMr7
4yhd3/jsnwlx36f962eGrlbDyai++Fje4Pksi+2zh5DvazpsuECndDoFeQndDgmI
C2vaj4kdCH/3jFxqufj5
=sg8a
-----END PGP SIGNATURE-----
_______________________________________________
Devl mailing list
[email protected]
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
