diff options
author | Tobias Luther <tobias@bitratemag.cc> | 2014-06-29 21:07:42 +0200 |
---|---|---|
committer | Tobias Luther <tobias@bitratemag.cc> | 2014-06-29 21:07:42 +0200 |
commit | 1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5 (patch) | |
tree | a1ea256ef5966a6ff8191498dbbfdc3434c5ceea /doc/encryption.bb | |
parent | a47971aefd2bee45f4e57dd1fc3ea24bb370881f (diff) | |
download | volse-hubzilla-1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5.tar.gz volse-hubzilla-1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5.tar.bz2 volse-hubzilla-1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5.zip |
Tidied the folder from old backups
created new files for a quick explanation of the use of accounts, profiles, channels
added FAQ for users, admins and developers (the last one might not be exactly necessary?)
created a file to explain posting for new users
created new file to explain nomadic identities for users
modified main.bb
Diffstat (limited to 'doc/encryption.bb')
-rw-r--r-- | doc/encryption.bb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/encryption.bb b/doc/encryption.bb new file mode 100644 index 000000000..3eee7a452 --- /dev/null +++ b/doc/encryption.bb @@ -0,0 +1,16 @@ +[size=large]Builtin Automatic Encryption Plus Super-Safe Encryption[/size] + +Full disclosure: The encryption Red Matrix uses per default is not absolutely waterproof. There [i]are[/i] known procedures to circumvent it. [i]But[/i] this takes a lot of effort and needs to be done individually for each channel. And to make this clear: Other services store your messages in plaintext, therefore we regard this approach as a [i]significant[/i] improvement for your privacy. Plus you are always free to use further encryption and password protection if you so desire. + +To explain this in more detail: + +- each channel has its key pair +- every non-public post is automatically encrypted +- optional password protected super-safe encryption (needs to be enabled in settings) + +So what is the scope of security? Full disclosure: This might be great, but it is not perfect. +- every non-public post is automatically encrypted but persons who have access to the site's database and files [i]may[/i] be able to decrypt everything by usig these keys which obviously need to be stored on the server. To be clear: The encrypion keys are different for every channel and it is [i]quite an effort[/i] to do this. And again: Other services store your messages in plain text unencrypted. So this [i]is[/i] quite a significant win for your privacy. +So if you require super tight encryption enable ... and protect your posting with a password only you and the adressee(s) know. This way even people with access to the database and server ... + + +... needs to be written ... |