Hi there, Dnia niedziela, 17 listopada 2013 23:44:14 Cathal Garvey pisze:
Retroshare isn't "like tor", it's "the opposite of tor".
Tor establishes a network of mutual distrust (kinda; you still trust some aspects of the network such as the directory servers).
Retroshare establishes a network of mutual trust, although you can withhold certain details such as whether you or merely a friend known to you is sharing the files you make available (although as mentioned by another this is likely to be traceable with enough network data).
Right.
For high-security work, something like i2p or Tor is probably better. For an alternative to daily, casual internet traffic, Retroshare's *idea* is probably superior; by relying on existing relationships of trust, you can probably get better performance, and data that's relevant to your interests is likely to be nearby in the network because of social networking effects.
Aye.
However, the flipside is without existing relationships of trust, you're dead in the water; I tried Retroshare for a while but had no friends on it, so had no access to the "core network" through any trusted links.
Yeah, that's kinda where I am now. I am wondering if: - it's possible to use my already established PGP/GPG web-of-trust; - it's actually a good idea to do it.
Also, I get mixed signals about the developer attitude to some security aspects of the P2P side of things. For example, they use SHA1 for the distributed hash table, whereas in my opinion one should never use an even partially broken hash for a *hash table*; you never know what exploits are known privately that further break the hash, and should generally assume it's fully broken if your threat model includes adversaries like the NSA. If you're willing to compromise on the quality of the hash that underlies the entire P2P end of the system, I'm wary about your attitude to security overall.
Oh, this is important information, didn't have that. Thanks.
This wasn't such a big deal 'til I saw some anons advocating Retroshare as a "usable crypto" solution. Well, it is; if your adversary is a talent-starved rent-seeking quango like the RIAA. If your adversary is the world's biggest circle-jerk of military cryptographers, I wouldn't go there, personally.
Right.
Maybe I'm paranoid about SHA1? I'm eager for other opinions here. Crypto is an area where the Dunning Kruger only gets worse the deeper you go.
+1 on wanting to hear more about it. -- Pozdr rysiek