[Freedombox-discuss] Santiago

Nick M. Daly nick.m.daly at gmail.com
Thu May 17 03:59:21 UTC 2012


On Wed, 16 May 2012 19:41:57 -0700, Bill wrote:
> Does Santiago send messages between people's home computers without using
> an email server in between them?  This sounds great!

Hi Bill!  I think I've done a poor job explaining what Santiago is and
does.  So, hopefully, here comes a more useful explanation.  Forgive me
if I generalize things or make issues unnecessarily simple; I'm trying
to make this explanation more accessible than technically correct.

Also, Bill, I don't think Santiago does quite what you're looking for.
You might be more interested in a Jabber server [0] or perhaps
RetroShare [1].

Santiago is the old name for the FreedomBuddy system.  It's designed to
let users negotiate services without interference from third parties,
preventing man-in-the-middle attacks by using pre-shared keys.

First, a short history lesson by way of explanation: A few years ago,
Comcast started blocking Lotus Notes for no apparent reason [2, 3].
Users were negotiating connections between their computers and Comcast
was censoring the messages.  To simplify things terribly, Alice would
try to send Bob some new notes.  Bob would tell Alice to send them along
but that acceptance would be censored: Alice never received Bob's reply
and notes were never exchanged.

Santiago avoids this issue by encrypting the messages that negotiate
connections: now, neither Comcast nor your nosy next-door neighbor will
know what services you're negotiating, keeping out the people who have
no business poking into your business.  Securing the connection process
allows you to set up an encrypted connection to your friend that other
services can use, making it still harder for third parties to interfere
in your communication.  If you use a Tor hidden service as your Santiago
service address, that can act as a static IP address, allowing you to
negotiate with your friends even as you both move around and change IP
addresses.

This is no communication panacea: the folks in control of your internet
connection could still cut it off for exceeding your bandwidth cap, for
example.  However, it does make it significantly harder to determine
what services are being negotiated.  The pre-shared key bit might help
to reduce the technical density of the problem, making it more
accessible to grandmothers than, say, a custom VPN ethernet interface:
people understand identity much better than they understand technical
issues.  That's not to say that people even understand identity well.
But, without going deep into the philosophy, most folks seem to have an
intuitive understanding of the subject.

Nick

0: https://en.wikipedia.org/wiki/Comparison_of_XMPP_server_software

1: http://retroshare.sourceforge.net/

2: http://www.techdirt.com/articles/20071021/150541.shtml

3: https://en.wikipedia.org/wiki/Sandvine#Comcast_Controversy