aboutsummaryrefslogtreecommitdiffstats
path: root/doc/encryption.bb
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-05-14 18:02:29 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-05-14 18:02:29 -0700
commita6cb90c81c29663e96d4fd96acd43fde1c28ac15 (patch)
tree24d116fb5fe6b1e2687f833cee9685d6480a95eb /doc/encryption.bb
parentb467dc4f0055452b65fac842d1294ec9cc978445 (diff)
parent51b89f0ed8833004cf695de90791d8d0eec550b5 (diff)
downloadvolse-hubzilla-a6cb90c81c29663e96d4fd96acd43fde1c28ac15.tar.gz
volse-hubzilla-a6cb90c81c29663e96d4fd96acd43fde1c28ac15.tar.bz2
volse-hubzilla-a6cb90c81c29663e96d4fd96acd43fde1c28ac15.zip
Merge branch 'master' into tres
Conflicts: include/Import/refimport.php include/activities.php include/attach.php include/event.php include/externals.php include/identity.php include/items.php include/notifier.php include/photos.php include/taxonomy.php include/zot.php mod/channel.php mod/connedit.php mod/events.php mod/item.php mod/like.php mod/manage.php mod/mood.php mod/ping.php mod/poke.php mod/subthread.php mod/tagger.php mod/thing.php
Diffstat (limited to 'doc/encryption.bb')
-rw-r--r--doc/encryption.bb6
1 files changed, 4 insertions, 2 deletions
diff --git a/doc/encryption.bb b/doc/encryption.bb
index 427c5f96b..9985f4b33 100644
--- a/doc/encryption.bb
+++ b/doc/encryption.bb
@@ -1,6 +1,7 @@
[size=large]Builtin Automatic Encryption[/size]
-Full disclosure: The encryption Red Matrix uses per default is not absolutely waterproof. There [i]are[/i] known procedures to circumvent it. [i]But[/i] this takes a lot of effort and needs to be done individually for each channel. And to make this clear: Other services store your messages in plaintext, therefore we regard this approach as a [i]significant[/i] improvement for your privacy. Plus you are always free to use further encryption and password protection if you so desire.
+Full disclosure: The encryption $Projectname uses per default is not absolutely waterproof. There [i]are[/i] known procedures to circumvent it. [i]But[/i] this takes a lot of effort and needs to be done individually for each channel. And to make this clear: Other services store your messages in plaintext, therefore we regard this approach as a [i]significant[/i] improvement for your privacy. Plus you are always free to use further encryption and password protection if you so desire.
+
To explain this in more detail:
@@ -11,6 +12,7 @@ To explain this in more detail:
So what is the scope of security? Full disclosure: This might be great, but it is not perfect.
- every non-public post is automatically encrypted but persons who have access to the site's database and files [i]may[/i] be able to decrypt everything by using these keys which obviously need to be stored on the server. To be clear: The encrypion keys are different for every channel and it is [i]quite an effort[/i] to do this. And again: Other services store your messages in plain text unencrypted. So this [i]is[/i] quite a significant win for your privacy.
-We believe that the NSA-level dragnet plaintext extracting mass surveillance is probably not possible due to the design of the zot protocol. Dedicated attacks including hacking into one hub to obtain the server logs and database only partly reveal what is going on between people communication between different hubs. We believe that this makes it much more expensive for state-level attackers to access your content in Red Matrix.
+We believe that the NSA-level dragnet plaintext extracting mass surveillance is probably not possible due to the design of the zot protocol. Dedicated attacks including hacking into one hub to obtain the server logs and database only partly reveal what is going on between people communication between different hubs. We believe that this makes it much more expensive for state-level attackers to access your content in $Projectname.
+
We gladly accept help improving the security of the system and auditing it as well.