From 1a118a08288fcf6f4a84f2996a0adf5b0b7d9aa5 Mon Sep 17 00:00:00 2001 From: Tobias Luther Date: Sun, 29 Jun 2014 21:07:42 +0200 Subject: Tidied the folder from old backups created new files for a quick explanation of the use of accounts, profiles, channels added FAQ for users, admins and developers (the last one might not be exactly necessary?) created a file to explain posting for new users created new file to explain nomadic identities for users modified main.bb --- doc/encryption.bb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 doc/encryption.bb (limited to 'doc/encryption.bb') diff --git a/doc/encryption.bb b/doc/encryption.bb new file mode 100644 index 000000000..3eee7a452 --- /dev/null +++ b/doc/encryption.bb @@ -0,0 +1,16 @@ +[size=large]Builtin Automatic Encryption Plus Super-Safe Encryption[/size] + +Full disclosure: The encryption Red Matrix uses per default is not absolutely waterproof. There [i]are[/i] known procedures to circumvent it. [i]But[/i] this takes a lot of effort and needs to be done individually for each channel. And to make this clear: Other services store your messages in plaintext, therefore we regard this approach as a [i]significant[/i] improvement for your privacy. Plus you are always free to use further encryption and password protection if you so desire. + +To explain this in more detail: + +- each channel has its key pair +- every non-public post is automatically encrypted +- optional password protected super-safe encryption (needs to be enabled in settings) + +So what is the scope of security? Full disclosure: This might be great, but it is not perfect. +- every non-public post is automatically encrypted but persons who have access to the site's database and files [i]may[/i] be able to decrypt everything by usig these keys which obviously need to be stored on the server. To be clear: The encrypion keys are different for every channel and it is [i]quite an effort[/i] to do this. And again: Other services store your messages in plain text unencrypted. So this [i]is[/i] quite a significant win for your privacy. +So if you require super tight encryption enable ... and protect your posting with a password only you and the adressee(s) know. This way even people with access to the database and server ... + + +... needs to be written ... -- cgit v1.2.3