diff options
author | RedSwede <redswede@riseup.net> | 2015-01-17 00:19:22 +0100 |
---|---|---|
committer | RedSwede <redswede@riseup.net> | 2015-01-17 00:19:22 +0100 |
commit | 1d7bd0ba909241bc4a3b423dbae82ff64e928bd3 (patch) | |
tree | 339989866daad4ff4c66a88472351a22ad972a79 /doc | |
parent | d5c85ea1bcd8b610f3fce8660d82a9a1265fae67 (diff) | |
download | volse-hubzilla-1d7bd0ba909241bc4a3b423dbae82ff64e928bd3.tar.gz volse-hubzilla-1d7bd0ba909241bc4a3b423dbae82ff64e928bd3.tar.bz2 volse-hubzilla-1d7bd0ba909241bc4a3b423dbae82ff64e928bd3.zip |
Looked through the whole doc/-folder more or less. Added and commented a few things here and there.
One question:
* Is the crypto-js E2EE or not? If the devs agree that it is NOT then I propose
removing this from the help files and gui.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/Remove-Account.md | 1 | ||||
-rw-r--r-- | doc/TermsOfService.md | 2 | ||||
-rw-r--r-- | doc/account_basics.bb | 5 | ||||
-rw-r--r-- | doc/encryption.bb | 10 | ||||
-rw-r--r-- | doc/extra_features.bb | 1 | ||||
-rw-r--r-- | doc/main.bb | 1 | ||||
-rw-r--r-- | doc/permissions.bb | 2 | ||||
-rw-r--r-- | doc/profiles.bb | 6 | ||||
-rw-r--r-- | doc/red2pi.bb | 5 | ||||
-rw-r--r-- | doc/remove_account.bb | 4 | ||||
-rw-r--r-- | doc/troubleshooting.bb | 2 |
11 files changed, 24 insertions, 15 deletions
diff --git a/doc/Remove-Account.md b/doc/Remove-Account.md index 322b95578..dc39a8cbd 100644 --- a/doc/Remove-Account.md +++ b/doc/Remove-Account.md @@ -1,3 +1,4 @@ +// this page is out of date... Remove Account ============== diff --git a/doc/TermsOfService.md b/doc/TermsOfService.md index 41e9c0de7..50fec64cf 100644 --- a/doc/TermsOfService.md +++ b/doc/TermsOfService.md @@ -1,4 +1,4 @@ Terms of Service ================ -#include doc/SiteTOS.md; +#include doc/SiteTOS.md; //error does not exist... diff --git a/doc/account_basics.bb b/doc/account_basics.bb index a8fd6e5fd..0a55d2f03 100644 --- a/doc/account_basics.bb +++ b/doc/account_basics.bb @@ -22,13 +22,16 @@ Once you have provided the necessary details, click the 'Register' button. Some [b]Create a Channel[/b]
-Next, you will be presented with the "Add a channel" screen. Normally, your first channel will be one that represents you - so using your own name (or psuedonym) as the channel name is a good idea. The channel name should be thought of as a title, or brief description of your channel. The "choose a short nickname" box is similar to a "username" field. We will use whatever you enter here to create a channel address, which other people will use to connect to you, and you will use to log in to other sites. This looks like an email address, and takes the form nickname@siteyouregisteredat.xyz
+Next, you will be presented with the "Add a channel" screen. Normally, your first channel will be one that represents you - so using your own name (or psuedonym) as the channel name is a good idea. The channel name should be thought of as a title, or brief description of your channel. The "choose a short nickname" box is similar to a "username" field. We will use whatever you enter here to create a channel address, which other people will use to connect to you, and you will use to log in to other sites. This looks like an email address, and takes the form nickname@siteyouregisteredat.xyz*
When your channel is created you will be taken straight to your settings page where you can define permissions, enable features, etc. All these things are covered in the appropriate section of the helpfiles.
+*Note: It is not possible to change this address after creating the channel.
+
See Also
[zrl=[baseurl]/help/permissions]Permissions[/zrl]
+[zrl=[baseurl]/help/privacy]Privacy[/zrl]
[zrl=[baseurl]/help/profiles]Profiles[/zrl]
[zrl=[baseurl]/help/remove_account]Remove Account[/zrl]
diff --git a/doc/encryption.bb b/doc/encryption.bb index 3eee7a452..427c5f96b 100644 --- a/doc/encryption.bb +++ b/doc/encryption.bb @@ -1,4 +1,4 @@ -[size=large]Builtin Automatic Encryption Plus Super-Safe Encryption[/size] +[size=large]Builtin Automatic Encryption[/size] Full disclosure: The encryption Red Matrix uses per default is not absolutely waterproof. There [i]are[/i] known procedures to circumvent it. [i]But[/i] this takes a lot of effort and needs to be done individually for each channel. And to make this clear: Other services store your messages in plaintext, therefore we regard this approach as a [i]significant[/i] improvement for your privacy. Plus you are always free to use further encryption and password protection if you so desire. @@ -6,11 +6,11 @@ To explain this in more detail: - each channel has its key pair - every non-public post is automatically encrypted -- optional password protected super-safe encryption (needs to be enabled in settings) +- optional password protect content via crypto-javascript browser-to-browser encryption (needs to be enabled in settings) Full disclosure: A rogue hub admin could injects malicious javascript-code (e.g. keylogging-abilities) into the code. Encrypt our stuff out of band with GPG, become a hub administrator yourself or use other means of communication if this worries you. So what is the scope of security? Full disclosure: This might be great, but it is not perfect. -- every non-public post is automatically encrypted but persons who have access to the site's database and files [i]may[/i] be able to decrypt everything by usig these keys which obviously need to be stored on the server. To be clear: The encrypion keys are different for every channel and it is [i]quite an effort[/i] to do this. And again: Other services store your messages in plain text unencrypted. So this [i]is[/i] quite a significant win for your privacy. -So if you require super tight encryption enable ... and protect your posting with a password only you and the adressee(s) know. This way even people with access to the database and server ... +- every non-public post is automatically encrypted but persons who have access to the site's database and files [i]may[/i] be able to decrypt everything by using these keys which obviously need to be stored on the server. To be clear: The encrypion keys are different for every channel and it is [i]quite an effort[/i] to do this. And again: Other services store your messages in plain text unencrypted. So this [i]is[/i] quite a significant win for your privacy. +We believe that the NSA-level dragnet plaintext extracting mass surveillance is probably not possible due to the design of the zot protocol. Dedicated attacks including hacking into one hub to obtain the server logs and database only partly reveal what is going on between people communication between different hubs. We believe that this makes it much more expensive for state-level attackers to access your content in Red Matrix. -... needs to be written ... +We gladly accept help improving the security of the system and auditing it as well. diff --git a/doc/extra_features.bb b/doc/extra_features.bb index 2e877375e..be14fdb5b 100644 --- a/doc/extra_features.bb +++ b/doc/extra_features.bb @@ -1,3 +1,4 @@ +// multiple of these have been enabled by default. should we note this here somewhere, move it or remove them from this file?
[b]Features[/b]
The default interface of the Red Matrix was designed to be uncluttered. There are a huge number of extra features (some of which are extremely useful) which you can turn on and get the most of the application. These are found under the Extra Features link of your Settings page.
diff --git a/doc/main.bb b/doc/main.bb index 224e3f6b8..acb39f63f 100644 --- a/doc/main.bb +++ b/doc/main.bb @@ -83,3 +83,4 @@ Zot is the great new communicaton protocol invented especially for the RedMatrix [size=large][b]About This RedMatrix Hub[/b][/size]
[zrl=[baseurl]/help/TermsOfService]Terms of Service For This Hub[/zrl]
[zrl=[baseurl]/siteinfo]Hub Information (/siteinfo)[/zrl]
+[zrl=[baseurl]/siteinfo_json]Detailed Technical Hub Information (/siteinfo_json)[/zrl]
diff --git a/doc/permissions.bb b/doc/permissions.bb index 7ba8cb7a6..b4facde39 100644 --- a/doc/permissions.bb +++ b/doc/permissions.bb @@ -6,7 +6,7 @@ Permissions in the Red Matrix are more complete than you may be used to. This al On your settings page, you will find a list of default permissions. These permissions are automatically applied to everybody unless you specify otherwise. The scope of these permissions varies from "Only me" to "Everybody" - though some scopes may not be available for some permissions. For example, you can't allow "anybody on the internet" to send you private messages, because we'd have no way to identify the sender, therefore no way to reply to them.
-We highly recommend that you use the "typical social network" settings when you first create your account, as it allows others to communicate with you and help you out if you have difficulty. You will find that these settings allow you as much privacy as you desire - when you desire it; but also allow you to communicate in public if you choose to. You are free to use much more private settings once you have learned your way around.
+We highly recommend that you use the "typical social network" settings when you create your first channel, as it allows others to communicate with you and help you out if you have difficulty. You will find that these settings allow you as much privacy as you desire - when you desire it; but also allow you to communicate in public if you choose to. You are free to use much more private settings once you have learned your way around.
Be aware that altering the scope of who can see your "public" items is a more or less [b]permanent[/b] change. Your public items have no identified permissions attached to them - they are public. If you restrict who can see these items, there is no way of making any single item public ever again - without allowing access to every public item you ever created. You are certainly free to do this, but beware of the consequences.
diff --git a/doc/profiles.bb b/doc/profiles.bb index 5fcf5245a..1bf37b13b 100644 --- a/doc/profiles.bb +++ b/doc/profiles.bb @@ -10,8 +10,6 @@ That said, if you want other friends to be able to find you, it helps to have th [*]A photo of you
[*]Your location on the planet, at least to a country level.[/ul]
-Without this basic information, you could get very lonely here. Most people (even your best friends) will not try and connect with somebody that has a fake name or doesn't contain a real photo.
-
In addition, if you'd like to meet people that share some general interests with you, please take a moment and add some "Keywords" to your profile. Such as "music, linux, photography" or whatever. You can add as many keywords as you like.
To create an alternate profile, first go to [zrl=[baseurl]/settings/features]Settings > Additional Features[/zrl] and enable "Multiple Profiles" there, otherwise you won't have the ability to use more than just your default profile.
@@ -32,4 +30,8 @@ On the directory page, you may search for people with published profiles. Curren On your Connnections page and in the directory there is a link to "Suggestions" or "Channel Suggestions", respectively. This will find channels who have matching and/or similar keywords. The more keywords you provide, the more relevant the search results that are returned. These are sorted by relevance.
+See Also
+
+[zrl=[baseurl]/help/AdvancedSearch]Advanced Searching[/zrl]
+
#include doc/macros/main_footer.bb;
diff --git a/doc/red2pi.bb b/doc/red2pi.bb index 48b7f6d38..03e05aa99 100644 --- a/doc/red2pi.bb +++ b/doc/red2pi.bb @@ -9,6 +9,7 @@ Then this page is for you! You will: [*] Register a free domain (dynamic DNS) and use it for your RED hub
[*] Install the RED Matrix
[*] Keep your Raspberry Pi and your Redmatrix up-to-date
+[*] TODO Setting up SSL
[*] TODO Running Friendica with SSL
[*] TODO Make the webserver less vulnarable to attacks
[/list]
@@ -199,7 +200,7 @@ And add the following contains in it replacing the actual values: --background
--dyndns_system default@freedns.afraid.org
--syslog
-[/code]
+ [/code]
[b]Step 5[/b]
@@ -302,7 +303,7 @@ Set up a cron job to run the poller once every 15 minutes in order to perform ba - pi@pi /var/www $ which php
Make sure you are in the document root directory of the webserver
- pi@pi /var/www $ cd /var/www/
-Try to execute the poller in oder to make sure it works
+Try to execute the poller in order to make sure it works
- pi@pi /var/www $ /usr/bin/php include/poller.php
Create the cronjob
- pi@pi /var/www $ crontab -e
diff --git a/doc/remove_account.bb b/doc/remove_account.bb index feb3f249a..704f0b94c 100644 --- a/doc/remove_account.bb +++ b/doc/remove_account.bb @@ -10,7 +10,7 @@ You will need to confirm your password and the channel you are currently logged This is irreversible.
-If you have identity clones on other sites this only removes by default the channel instance which exists on this site.
+If you have identity clones on other hubs this only removes by default the channel instance which exists on this hub.
[b]Remove Account[/b]
@@ -22,6 +22,6 @@ You will need to confirm your password and the account you are currently logged This is irreversible.
-All your channels will be deleted. If you have identity clones on other sites this only removes by default the channels instances which exists on this site.
+All your channels will be deleted. If you have identity clones on other hubs this only removes by default the channels instances which exists on this hub.
#include doc/macros/main_footer.bb;
diff --git a/doc/troubleshooting.bb b/doc/troubleshooting.bb index d5e1a29dc..35ecd3546 100644 --- a/doc/troubleshooting.bb +++ b/doc/troubleshooting.bb @@ -1,6 +1,6 @@ [b]Troubleshooting[/b]
-[li][zrl=[baseurl]/help/technical_faq]Technical FAQ[/zrl][/li]
+[li][zrl=[baseurl]/help/technical_faq]Technical FAQ[/zrl][/li] // error does not exist
[li][zrl=[baseurl]/help/problems-following-an-update]Problems following an update[/zrl][/li]
#include doc/macros/troubleshooting_footer.bb;
|