aboutsummaryrefslogtreecommitdiffstats
path: root/doc/encryption.bb
diff options
context:
space:
mode:
authorTobias Luther <tobias@bitratemag.cc>2014-06-29 21:07:42 +0200
committerTobias Luther <tobias@bitratemag.cc>2014-06-29 21:07:42 +0200
commit1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5 (patch)
treea1ea256ef5966a6ff8191498dbbfdc3434c5ceea /doc/encryption.bb
parenta47971aefd2bee45f4e57dd1fc3ea24bb370881f (diff)
downloadvolse-hubzilla-1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5.tar.gz
volse-hubzilla-1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5.tar.bz2
volse-hubzilla-1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5.zip
Tidied the folder from old backups
created new files for a quick explanation of the use of accounts, profiles, channels added FAQ for users, admins and developers (the last one might not be exactly necessary?) created a file to explain posting for new users created new file to explain nomadic identities for users modified main.bb
Diffstat (limited to 'doc/encryption.bb')
-rw-r--r--doc/encryption.bb16
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/encryption.bb b/doc/encryption.bb
new file mode 100644
index 000000000..3eee7a452
--- /dev/null
+++ b/doc/encryption.bb
@@ -0,0 +1,16 @@
+[size=large]Builtin Automatic Encryption Plus Super-Safe Encryption[/size]
+
+Full disclosure: The encryption Red Matrix uses per default is not absolutely waterproof. There [i]are[/i] known procedures to circumvent it. [i]But[/i] this takes a lot of effort and needs to be done individually for each channel. And to make this clear: Other services store your messages in plaintext, therefore we regard this approach as a [i]significant[/i] improvement for your privacy. Plus you are always free to use further encryption and password protection if you so desire.
+
+To explain this in more detail:
+
+- each channel has its key pair
+- every non-public post is automatically encrypted
+- optional password protected super-safe encryption (needs to be enabled in settings)
+
+So what is the scope of security? Full disclosure: This might be great, but it is not perfect.
+- every non-public post is automatically encrypted but persons who have access to the site's database and files [i]may[/i] be able to decrypt everything by usig these keys which obviously need to be stored on the server. To be clear: The encrypion keys are different for every channel and it is [i]quite an effort[/i] to do this. And again: Other services store your messages in plain text unencrypted. So this [i]is[/i] quite a significant win for your privacy.
+So if you require super tight encryption enable ... and protect your posting with a password only you and the adressee(s) know. This way even people with access to the database and server ...
+
+
+... needs to be written ...