On 30/11/15 23:58, Arne Babenhauserheide wrote: > For my personal threat model hybrid works. Whistleblowers definitely > need darknet with FOAF. > > What security properties would you assume for someone who has a > darknet connection with FOAF (explicitly: routing over all darknet > peers of the darknet peer) when the darknet peer has 5 other darknet > friends? Would that suffice for a whistleblower who logs into Freenet > 5 times, communicates over Freemail and logs off after less than an > hour? (the journalist-whistleblower workflow)
Whistleblowers need a public service they can connect to from a cafe that still provides reasonable protection and isn't blocked. They probably don't have existing darknet connections. My opennet proposal actually provides this: Opennet with tunnels, but enough scarcity that it can't be easily subverted. Having said that, a centralised solution may be simpler - provided it isn't blocked. Also they need a plane ticket to Ecuador. You will be found out, you have to plan on the assumption that your whole life will be permanently altered. The days of Deep Throat remaining embedded and leaking information over a period are long gone. Freenet probably can't change this. So really all they need technically is GPG, or the dropbox systems we're starting to see. >> If not, what needs implementing to get it there? > For whistleblowers: Darknet invitations, Darknet FOAF, transport > plugins (to hide the connections from ISP-level monitoring), WoT with > faster bootstrapping (getting the initial IDs). Transport plugins to hide connections? Transport plugins can't prevent blocking, even of darknet, because of traffic flow analysis. Freenet in general won't prevent targeted surveillance. If WoT bootstrapping becomes the bottleneck in connecting to whistleblowers then it will be DoS'ed. This could be done very cheaply (although not for free). Freenet will only work for whistleblowers when everyone else is using it too.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
