Open gerardo-junior opened 5 years ago
HelloZeroNet
commented
5 years ago I think encrypting on application level vs filesystem level makes no difference. It could be possible to create a plugin that stores files in database that would make the content not accessible from file system level and possible would be faster in some cases: https://www.sqlite.org/fasterthanfs.html
gerardo-junior
commented
5 years ago yes, only obfuscating this data at the application level solve the problem and can be done with plug-ins but the idea of breaking files in blocks to not save files accessible to disk and only have networked connected is more complicated.
I think break to small blocks would solve the problem of slow nodes but would need for more connections.
What do you think of this idea of file.part ?
HelloZeroNet
commented
5 years ago actually putting it to a database would create one huge file instead of many small one. Breaking it into more pieces would hurt the performance even more.
trenta3
commented
5 years ago I would only like to add that, if implemented, we should store the blobs encrypted with a password that only the user knows and that he inserts at program start. The program uses this password to decrypt the files stored locally (this is also kind of helpful to protect against malware trying to steal one's sites privatekeys).
The other suggested way of having a password per site à la Freenet that the users send each other simply (in my opinion) does not protect oneself against incrimination for illegal content since the password is available to each one that asks for it from other peers (and so also is available to the controlling authorities that can decrypt the content by themselves).
This option should also be at least opt-out since in some countries even encrypting something can be dangerous and/or there are consequences if one refuses to give the encryption passphrase to authorities when asked to.
gerardo-junior
commented
5 years ago as I added in the thread on zerotalk, I am fan of the idea of associating a password with zeroid and to start the router need this password
but the idea is not protecting nobody, is to prevent someone from being incriminated.
if a ip enter in disgusting sites that stay the log, the problem is if on a normal site someone hide crap.
kevinsmia1939
commented
5 years ago I am not expert in this topic, but are you talking about encrypting the "data" folder? If so, I'm all for this ! ! ! As OP mention, each country have there own weird laws.
gerardo-junior
commented
5 years ago @kevinsmia1939 because of the law (https://en.wikipedia.org/wiki/Key_disclosure_law) in some countries, that alone is not enough, it is necessary to make the data inaccessible individually in my vision
but I'm studying the zeronet code to develop a good solution, I intend to make a PR soon and create a plugin to encrypt the /data associated with zeroid and a password
kevinsmia1939
commented
5 years ago That's great, keep us update on this.
styromaniac
commented
5 years ago Don't work for public relations if you're going to use CP with no mention of accidental downloading as an example. Or just don't. LOL
It shines a very bad light.
kevinsmia1939
commented
5 years ago Don't work for public relations if you're going to use CP with no mention of accidental downloading as an example. Or just don't. LOL
It shines a very bad light.
So encryption is only for cp now?? There are other content that are illegal of possession. Even a short comment can be illegal. https://en.wikipedia.org/wiki/L%C3%A8se_majest%C3%A9_in_Thailand
gerardo-junior
commented
5 years ago Don't work for public relations if you're going to use CP with no mention of accidental downloading as an example. Or just don't. LOL
It shines a very bad light.
What is "CP"?
gerardo-junior
commented
5 years ago I discovered what it is ...
a problem of zeronet we do not have guarantee of what is being saved on our disk
who search of this content should answer judicially yes.
styromaniac
commented
5 years ago So encryption is only for cp now??
Jumping to a conclusion and forgetting what OP said exclusively is not necessary.
That was their only example without mention of accidental download.
I think zeronet should break the files in blocks, never save a complete file and encrypt. because in some countries, having some types of content written on the disk is a crime. such as content of child pornography or piracy and prevent malware written in the system
even if you encrypt this data, in some countries there are laws that you require the keys. (https://en.wikipedia.org/wiki/Key_disclosure_law) and this data may be in system without user's knowledge if the peer enters a website unintentionally or someone to post something in some forum.
http://127.0.0.1:43110/Talk.ZeroNetwork.bit/?Topic:1544706846_1GHXQ3vMtadfHFjTwS3roqYe8LUsyDqN8f
sorry for my bad English