💾 Archived View for gemini.complete.org › encrypted captured on 2024-12-17 at 09:54:36. Gemini links have been rewritten to link to archived content


Encrypted

Anything that uses encryption to keep content away from spying eyes.

End-to-end encryption is the best, because there need be no trusted intermediary.

Some software projects are always fully end-to-end encrypted. Examples include NNCP[1], Syncthing[2], Yggdrasil[3], and Gemini[4].

1: /nncp/

2: /syncthing/

3: /yggdrasil/

4: /gemini/

For more on encryption, see:

* GnuPG (GPG)[5]

* Sequoia PGP[6]

5: /gnupg-gpg/

6: /sequoia-pgp/

7: /age-encryption/

8: /signify/

--------------------------------------------------------------------------------

Links to this note

9: /easily-accessing-all-your-stuff-with-a-zero-trust-mesh-vpn/

Probably everyone is familiar with a regular VPN. The traditional use case is to connect to a corporate or home network from a remote location, and access services as if you were there.

10: /using-yggdrasil-as-an-automatic-mesh-fabric-to-connect-all-your-docker-containers-vms-and-servers/

*An older version of this is also available on my blog[11].*

11: https://changelog.complete.org/archives/10461-using-yggdrasil-as-an-automatic-mesh-fabric-to-connect-all-your-docker-containers-vms-and-servers

12: /building-an-asynchronous-internet-optional-instant-messaging-system/

I loaded up this title with buzzwords. The basic idea is that IM systems shouldn't have to only use the Internet. Why not let them be carried across LoRa radios, USB sticks, local Wifi networks, and yes, the Internet? I'll first discuss how, and then why.

13: /dar/

dar is a Backup[14] and archiving tool. You can think of it as a more modern tar. It supports both streaming and random-access modes, supports correct incrementals (unlike GNU tar's incremental mode), Encryption[15], various forms of compression, even integrated rdiff deltas.

14: /backups/

15: /encrypted/

16: /gnupg-gpg/

GnuPG (also known by its command name, gpg) is a tool primarily for public key Encryption[17] and cryptographic authentication.

17: /encrypted/

18: /introduction-to-filespooler/

It seems that lately I've written several shell implementations of a simple queue that enforces ordered execution of jobs that may arrive out of order. After writing this for the nth time in bash, I decided it was time to do it properly. But first, a word on the *why* of it all.

19: /encrypting-filespooler-jobs-with-age/

Like the process described in Encrypting Filespooler Jobs with GPG[20], Filespooler[21] can handle packets Encrypted[22] with Age (Encryption)[23]. Age may be easier than GnuPG in a number of cases, particularly because it can use a person's existing SSH keypairs for encryption.

20: /encrypting-filespooler-jobs-with-gpg/

21: /filespooler/

22: /encrypted/

23: /age-encryption/

24: /encrypting-filespooler-jobs-with-gpg/

Thanks to Filespooler[25]'s support for decoders, data for filespooler can be Encrypted[26] at rest and only decrypted when Filespooler needs to scan or process a queue.

25: /filespooler/

26: /encrypted/

27: /using-filespooler-over-nncp/

NNCP[28] is a powerful tool for building Asynchronous Communication[29] networks. It features end-to-end Encryption[30] as well as all sorts of other features; see my NNCP Concepts[31] page for some more ideas.

28: /nncp/

29: /asynchronous-communication/

30: /encrypted/

31: /nncp-concepts/

32: /filespooler/

Filespooler lets you request the remote execution of programs, including stdin and environment. It can use tools such as S3, Dropbox, Syncthing[33], NNCP[34], ssh, UUCP[35], USB drives, CDs, etc. as transport; basically, a filesystem is the network for Filespooler.
Filespooler is particularly suited to distributed and Asynchronous Communication[36].

33: /syncthing/

34: /nncp/

35: /uucp/

36: /asynchronous-communication/

37: /computer-security/

Keeping your (digital) bits secure.

38: /tools-for-communicating-offline-and-in-difficult-circumstances/

When things are difficult -- maybe there's been a disaster, or an invasion (this page is being written in 2022 just after Russia invaded Ukraine), or maybe you're just backpacking off the grid -- there are tools that can help you keep in touch, or move your data around. This page aims to survey some of them, roughly in order from easiest to more complex.

39: /interesting-topics/

Here are some (potentially) interesting topics you can find here:

40: /privacy/

"Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively." - Wikipedia

41: /yggdrasil/

Yggdrasil is a Mesh Network[42] that is fully Encrypted[43] and provides an IPv6 IP on the network to anyone.

42: /mesh-network/

43: /encrypted/

44: /meshtastic/

Meshtastic is a Mesh Network[45] consisting of low-power, long-range (many miles/km), small communicators. These are little battery-powered boxes that can optionally link to a phone with Bluetooth or Wifi. The communicators form an automatic mesh and can share text messages or GPS coordinates. All traffic on meshtastic is end-to-end Encrypted[46].

45: /mesh-network/

46: /encrypted/

47: /quux-org-nncp-public-relay/

According to the NNCP documentation[48], NNCP[49] is intended to help build up small size ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant[50] networks for fire-and-forget secure reliable files, file requests, Internet Email[51] and commands transmission. All packets are integrity checked, end-to-end Encrypted[52], explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting area support.

48: https://nncp.mirrors.quux.org/

49: /nncp/

50: /asynchronous-communication/

51: /email/

52: /encrypted/

53: /nncp/

NNCP lets you securely send files, or request remote execution, between systems. It uses asynchronous communication[54], so the source and destination need never be online simultaneously. NNCP can route requests via intermediate devices -- other NNCP nodes, USB sticks, tapes, radios, phones, cloud services, whatever -- leading to a network that is highly resilient and flexible. NNCP makes it much easier to communicate with devices that lack Internet connectivity, or have poor Internet.

54: /asynchronous-communication/


(c) 2022-2024 John Goerzen