
Retroshare – Secure communication for everyone - fosap
http://retroshare.sourceforge.net/
======
nickpsecurity
I haven't done a thorough review of it but stand by my at-a-glance review from
2014 on Schneier's blog:

"And it's written in a risky language using shoddy libraries on platforms NSA
etc. have 0-days and automated attack systems for. I'm sure that this
combination will be "really hard" for NSA to penetrate. ;)"

Goes for any strong attackers. Yet, with better interface and more security
review, an app like it might protect from the lesser attackers or snoops that
are still worth stopping (see "who uses Tor?"). Moreover, might be a better
baseline than existing apps providing similar functionality. The main thing
that will continually kill this app's security, also similar ones, is it's so
complex that describing functionality and errors states is already quite a
chore. Making a security argument... more so or impossible.

The best bet is probably a system like Freenet: asynchronous, low response
time requirements, and F2F. So much easier to protect such systems. Already
has a lot of services built on it. The approach would be a thorough,
no-holds-barred review of the protocol by pros as we've seen with Tor. Whatever
survives the review is implemented in a native language with strong assurance
activities for implementation and interfaces, including covert channel
analysis. Mutually-distrusting, geographically-diverse, and ideologically-
loving-privacy types to be the early nodes in public network for
bootstrapping. Might even implement it on top of Tor or I2P.

Anyway, there's not much hope for strong anonymity or security if the app is
complex and uses high-risk components/platforms. Just isn't happening.
Sacrifices must be made. Both software market and FOSS communities have almost
all shown they're not willing to make them. So, it will remain a niche with
few solutions that are any good.

~~~
mdekkers
Any good alternatives for easy to use software that enables secure emailing
for the average Joe?

------
explorigin
Time for this good project to get off of sourceforge as well.

~~~
thomaslutz
https://github.com/RetroShare/RetroShare

------
junto
I tried this out with friends. Great idea but awful interface.

~~~
nota_bene
That's the sad part - we sacrifice what people like Snowden tried to save (by
giving up their perfect lives) for eye candy.

~~~
jvdh
That's exactly the wrong way to think about this. If we want everybody else to
use these kinds of tools, they have to look good, and be easy to use.

~~~
nickpsecurity
Easy to use, sure, but I've only known four GUI systems to be built to high
assurance standard: simple components, small TCB, and clear interactions.
Mainstream OS's don't use them. People adding beauty to their apps on such
OS's also add attack surface in most cases. So, people wanting easy-to-use,
secure communications must accept simpler interfaces or maybe text-interfaces
depending on their threat profile.

I'll agree the interface needs to be easy to use regardless of how it's
implemented. Most tools that aren't got that way due to lack of solid effort
into UX. They can certainly do better. Yet, the result might look like a
console IRC client or an old Win32 GUI app if it uses simplest stuff for
security. Will users embrace that? Unlikely & didn't for many commercial
products in this space. It's why the person you replied to is right: they
won't make the smallest sacrifices to solve their greatest problems.

Has always been the case. Intel has lost over a billion dollars the few times
they tried to market something more reliable and secure. It wasn't backwards
compatible with crud X or support risk Y. So, market killed it off to buy
stuff that causes problems. Trend repeats in all areas with few exceptions.
It's why high security & reliability, even inexpensive offers, stay a niche
market.

------
HashThis
I agree. Please get security software off of sourceforge.

