On Saturday 16 Feb 2013 13:19:45 user1 wrote: > On 02/16/2013 12:58 PM, Dennis Nezic wrote: > > On Sat, 16 Feb 2013 08:18:03 -0000, dissiden...@tormail.org wrote: > >> Hello, everyone > >> Thank you for your efforts > >> I have several questions about freenet's security > >> First of all i would like to notice that there is a lack of > >> documentation on the site regarding cryptographic algorithms > >> implemented in freenet. I wasn't able to find anything about it in > >> the official FAQ > >> > >> What algorithms are in use ? How my traffic is encrypted ? Or it is > >> not encrypted at all ? > >> There is an SSL option in Freenet, what it is for ? Is it dangerous > >> to use freenet without it? > >> > >> As far as i understood, freenet using keys to get access to some > >> information. Each key contains a hash of the file and the decryption > >> key. So when i'm using freenet i'm requesting some file by its key. > >> So what will prevent my ISP to spy my keys and then grab an encrypted > >> file from my traffic ? After that he can use a key with a file and - > >> viola - he can view my information. > >> Is it possible or i'm not understand the scheme ? > > You're not understanding the scheme. Do you have access to > > https://freenetproject.org/faq.html#hash > > or > > http://en.wikipedia.org/wiki/Freenet > > ? > > > Lets say you are a group of 10 men and you want to communicate by > computer and nobody else must know.
You won't get far without a few women. ;) > You all have to install a fresh freenet on each or yours computers. > Then you must all 10 meet some place in real life (a bar or club) and > exchange nodes e.g. by exchanging nodes copied onto a cd. That means > each of you must bring 10 cd's with a copy of your node. Right. Though USB sticks might be more convenient. If you want everyone to connect to everyone, then you each need a copy of each friend's noderef. That's this file: http://127.0.0.1:8888/addfriend/myref.fref It's probably most secure to exchange these files in person, but you could email them etc, if you are careful (e.g. if you already communicate by gpg etc). > Nobody else must know what you are doing. > Then you have a darknet. > To keep a darknet private you must not mix up with any opennet nodes. > I just try to explain the principle of how you could run darknet in a > simple way. > Please correct me if I am wrong? Sounds fine. However you can have some opennet nodes, provided they are outside the hostile environment. So ideally it should look like this: (I've picked Iran at random here, if you are actually in Iran be damn careful, they might try to detect it at the protocol layer / block UDP / etc, and they certainly throttle connections) Iranian darknet - friend-to-friend only -> darknet links Cautious friends of Iranian darknet - friend-to-friend only (so the bad guys don't know about these) -> darknet links More friends - both darknet and opennet (bad guys can find these, but it doesn't matter) -> opennet Then you have access to the wider Freenet, without revealing those inside the dodgy country. Which is good because it means your data should be more widely distributed / more reliable. Also, Freenet needs some special configuration if it's a really small network. On the other hand if you're inserting stuff from inside Iran, it might be risky in that they could trace it to the third layer friends. There are things you can do about that but it depends what you want Freenet for e.g. having a group outside that reinserts stuff.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
