Okay, thank you for the feedback! I feel this a good discussion that is taking place and that it is necessary to nail down exactly what questions will be asked and why.
But, as steve said: " This project has lots of ideas - it also needs people that can _implement_ ideas! " I would love to start, err or continue, developing the interactions for the security-setup; but, I am confused. >From Matthew's first message, I understood that the Freenet devs are looking for a set-up that asks questions and then shows potential security options based on the answers to those questions. However, from Steve's first message, in this conversation, I believe he is saying that the answers to the questions will result in only one security option and since there is only one, there is no need for it to be selected or unselected so it will be automatically chosen. So, I am confused on which implementation Freenet is looking for: 1.) Questions that result in options or 2.) Questions that result in only one-option that is automatically chosen. But then the user has to entre their security preferences in the form that appears. Please let me know, which option is most popular. Personally and with my experience, I think the first option is better. That is, because I can see the user being confused when they see the security option chosen without them having chosen it. But, it is the rest of the dev team's call. Also, what questions and how many questions are to be asked. I think we should keep it under 5 if possible. On 12 March 2013 13:11, Matthew Toseland <[email protected]> wrote: > On Tuesday 12 Mar 2013 13:41:05 Steve Dougherty wrote: > > On 03/11/2013 03:24 PM, Matthew Toseland wrote: > > [snip] > > >> 3) I prefer extreme network security at the expense of even more > > >> speed. > > >> > > >> Freenet shares network information with other computers it > > >> connects with to improve performance. Even though this > > >> information is limited and almost always safe to share, in > > >> extreme cases you may want to not share it to gain more network > > >> security at a significant cost in performance. > > >> > > >> (Maximum network security. Requires #1. How best to show this? > > >> Does it appear under #1 only when #1 is checked?) > > > > > > I don't see why we need to ask about maximum. We don't at the > > > moment, unless you choose custom. > > > > Good point. Is there no need for that question then? My intent is to > > replicate the current setup in a series of carefully explained > > questions, in the hope that it will be easier to think about one's > > security considerations. > > > > For detailed setup there could be a link to the current setup/wizard, > > hopefully to be replaced by an AJAXy equivalent as time permits. > > > > >> 4) I use full-disk encryption. > > >> > > >> Network security does not mean that if your computer is taken > > >> that your information is protected. Full-disk encryption > > >> encrypts all information on your hard disk, including operating > > >> system files, and requires that some kind of credentials be > > >> provided when the computer is turned on. The Freenet Project > > >> strongly recommends you use full-disk encryption, but can provide > > >> some encryption of its own. > > >> > > >> ("None" physical security.) > > > > > > I have my doubts about whether we should ask about this. I guess > > > it's a usability vs performance tradeoff. How much of a cost is > > > always encrypting temp files? > > > > I have no numbers on this. Do you have any suggestions for how to go > > about benchmarking? > > > > Then again Fred should encourage full-disk encryption anyway. If someone > > is using it, it seems silly to use additional on-disk encryption. Does > > using no encryption in Fred not allow transparent migration to higher > > levels of physical security? > > No. We can't quickly change from no encryption to encryption. That is, you > can change the seclevel, but stuff that's already on disk won't be modified. > > >> > > >> 5) I am very concerned that my computer may be seized. > > >> > > >> As an extreme measure, Freenet can keep all information in > > >> temporary memory (though it cannot guarantee that the operating > > >> system will not write it to disk) in the hope that if the > > >> computer is turned off any compromising information will be > > >> lost. > > >> > > >> (Maximum physical security.) > > > > > > Currently we only ask about physical security if the user selects > > > HIGH initially. It's a simple LOW/HIGH choice. We need to keep it > > > as simple as possible, but not so simple that people don't > > > understand. > > > > If the wizard is being replaced with this series of questions, how > > else to establish this? Would it be preferable to have sections with > > radio buttons that more closely map to the current wizard then? Is > > maximum physical security something that can be available only in the > > detailed/custom setup? > > So the question really is do we want to always, regardless of other > settings, ask the user whether they have full disk encryption? This is > probably sensible - seizure is the most likely attack in the real world. > > Also, as I've said a thousand times: Full disk encryption does not solve > the problem of temp files. With (block-level) full disk encryption, if the > attacker can capture the disk intact, not only can he read your current > temp files, and your persistent temp files, he can also read your > *PREVIOUS* temp files. This is why we delete temp files thoroughly, with > multiple rewrites - but that is not a reliable way to expunge data. The > only reliable way to be sure that old temp files are unrecoverable is to > encrypt them in the first place. > > Obviously fred-level encryption has its limits, especially if the swapfile > isn't encrypted... But life is not as simple as everyone assumes. > > > > I forgot a question: > > > > 6) I have a monthly bandwidth cap. > > > > (When this is selected, there has to be a way to enter the limit, so I > > propose that _______ GiB/month slide out from under the question.) > > > > If your connection has a monthly bandwidth cap, Freenet can attempt to > > stay under it, though it may be very slow when doing so. > > There is already such a question. How do you want to change it? > > _______________________________________________ > Devl mailing list > [email protected] > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Regards, Irfan Mir.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
