RetroShare

RetroShare
Initial release 2006 (2006)[1]
Preview release
0.6.4[2] / 13 March 2018 (2018-03-13)
Repository github.com/RetroShare
Written in C++
Operating system
Available in 38 languages[3]
List of languages
English, Arabic, Bulgarian, Catalan (Spain), Chinese (China), Chinese (Taiwan), Czech, Danish, Dutch, Estonian, Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Indonesian, Italian, Japanese, Korean, Macedonian, Malayalam, Norwegian Bokmål, Occitan, Polish, Portuguese, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovenian, Spanish, Swedish, Turkish, Ukrainian, Vietnamese
Type Anonymous P2P, friend-to-friend, chat, instant messaging, newsgroups, voice over IP, email client and BBS
License GNU General Public License
Website retroshare.net

RetroShare is a free and open-source peer-to-peer communication and file sharing app, based on a friend-to-friend network built on GNU Privacy Guard (GPG). Optionally, peers may communicate certificates and IP addresses from and to their friends.[4][5]

Retroshare creates encrypted connections to your friends, which reduces the likelihood of surveillance. Retroshare is completely decentralized. This means there are no central servers. Retroshare provides independence from corporate systems and centralized servers which might shut down or change their terms of services at any time.

RetroShare is built completely without any corporate or state sponsors. It is not dependant on funding, and thus is able to operate without outside influence.[6]

History

There has been an unofficial build for the single-board computer Raspberry Pi, named PiShare, since 2012.[7]

The web site 'PRISM Break' has recommended RetroShare for anonymous file sharing since 2013.[8]

On November 4, 2014, RetroShare scored 6 out of 7 points on the Electronic Frontier Foundation's secure messaging scorecard. It lost a point because there has not been a recent independent code audit.[9]

In August 2015, Retroshare repository was migrated from SourceForge to GitHub. [10]

Design

Retroshare is an instant messaging and file sharing network that uses a distributed hash table for address discovery. Users can communicate indirectly through mutual friends and request direct connections[11].

Retroshare are creates Mesh Network, specifically Partially Connected Network. They have no central server and each individual node is both client & server. When a node is under attack, the other parts of the network are still working without interruption. Each meshed nodes cooperate in the distribution of data in the network.

RetroShare networks tend to follow the rule of Small World Network, though there are lot of isolated island networks which build closed groups as darknets. A Small World Network is a type of mathematical graph in which most nodes are not neighbors of one another, but the neighbors of any given node are likely to be neighbors of each other and most nodes can be reached from every other node by a small number of hops or steps.

RetroShare is friend-to-friend (or F2F) computer network, a sub-type of peer-to-peer networks, in which users only make direct connections with people they know.

Features

Authentication and connectivity

After initial installation, the user generates a pair of (GPG) cryptographic keys with RetroShare.

After authentication and exchanging an asymmetric key, OpenSSL is used to establish a connection, and for end-to-end encryption. Friends of friends cannot connect by default, but they can see each other, if the users allow it.

IPv6 support is planned for the RetroShare 0.6 release branch with a possible release in 2016.

File sharing

It is possible to share folders between friends. File transfer is carried on using a multi-hop swarming system (inspired by the "Turtle Hopping" feature from the Turtle F2F project, but implemented differently). In essence, data is only exchanged between friends, although it is possible that the ultimate source and destination of a given transfer are multiple friends apart. A search function performing anonymous multi-hop search is another source of finding files in the network.

Files are represented by their SHA-1 hash value, and HTTP-compliant file and links may be exported, copied, and pasted into/out of RetroShare to publish their virtual location into the RetroShare network.

Communication

The services that RetroShare offers for communication are :

  • a private chat
  • a private mailing system allow secure communication between known friends and distant friends
  • public and private multi-user chat lobbies
  • a forum system allowing both anonymous and authenticated forums which distributes posts from friends to friends
  • a channel system offers the possibility to auto-download files posted in a given channel to every subscribed peer, similar to RSS feeds
  • a Posted links system, where links to important information can be shared
  • VoIP calls
  • Video calls (since version 0.6.0)
  • Tor and I2P networks support, for further anonymisation (since version 0.6.0).

User interface

The core of the RetroShare software is based on an offline library, to which two executables are plugged:

  • a command-line interface executable, that offers nearly no control, but it useful to run on a server 'headless'
  • a graphical user interface written in Qt 4, which is the one most users use. In addition to functions quite common to other file sharing software, such as a search tab and visualization of transfers, RetroShare gives users the potential to manage their network by collecting optional information about neighbour friends and visualizing it as a trust matrix or as a dynamic network graph. The appearance can be changed by choosing one of several available style sheets.

Anonymity

The friend-to-friend structure of the RetroShare network makes it difficult to intrude and hardly possible to monitor from an external point of view. The degree of anonymity may be improved further by deactivating the DHT and IP/certificate exchange services, making the RetroShare network a real Darknet.[12]

Friends of friends may not connect directly with each other; however, the possibility exists of anonymously sharing files with friends of friends, if enabled by the user. Search, access, and both uploading and downloading of these files is made by "routing" through a series of friends. This means that communications between the source of data (the uploader) and the destination of the data (the downloader) is indirect through mutual friends. Although the intermediary friends cannot determine the original source or ultimate destination, they can see their very next links in the communication chain (their friends). Since the data stream is encrypted, only original source and ultimate destination are able to see what data is transferred.

Caveats

When your file sharing is restricted to collaboration with people you know in real life, your choices of available content will be severely hampered in comparison to other more popular P2P services. In response, you will probably want to make “friends” with other individuals whom you only “know” online in an effort to enlarge the available pool of files. However, at this point the trust model employed from RetroShare starts to break down: how are you supposed to trust someone else who, as far as you are concerned, exists solely on the Internet? After all, it wouldn’t be too difficult to engage in social engineering to infiltrate a “secure” F2F network. Unless you know and trust someone in real life, there’s no way to vouch for the person on the other end of the RetroShare connection. The only way RetroShare will work as well as BitTorrent is when the circle of “friends” gets very wide indeed, and the wider this circle of trust gets, the more realistic the threat of infiltration becomes. The important point to remember is that while RetroShare’s encryption makes it virtually impossible for an ISP or another external observer to know what your are downloading or uploading, this limitation does not apply to members of your RetroShare circle of trust, and you could be at risk if you add the wrong people to it.[13]

In 2012, a German Court injunction against the user of RetroShare for sharing copyrighted music files. RetroShare derives its security from the fact that all transfers go through “trusted friends” who users themselves add. In this case, the defendant added the anti-piracy monitoring company as a friend, which allowed him to be “caught.”[14]

See also

References

  1. "RetroShare aims to be a private F2F social network | SourceForge Community Blog". Sourceforge.net. 2010-05-11. Retrieved 2016-12-04.
  2. https://retroshareteam.wordpress.com/2018/03/13/release-notes-for-v0-6-4/
  3. "RetroShare localization". Transifex.com. Retrieved 2016-12-04.
  4. "Anonymous, Decentralized and Uncensored File-Sharing is Booming". TorrentFreak. 2012-03-03. Retrieved 2016-12-04.
  5. "Handbook of Peer-to-Peer Networking | Xuemin (Sherman) Shen". Springer. Retrieved 2016-12-04.
  6. Community, RetroShare. "About - RetroShare Docs". retroshare.readthedocs.io. Retrieved 2018-01-28.
  7. "PiShare download". SourceForge.net. Retrieved 2016-12-04.
  8. Peng Zhong (2003-07-16). "Projects". PRISM Break. Retrieved 2016-12-04.
  9. "Secure Messaging Scorecard. Which apps and tools actually keep your messages safe?". Electronic Frontier Foundation. 2014-11-04.
  10. Community, RetroShare. "History - RetroShare Docs". retroshare.readthedocs.io. Retrieved 2018-01-28.
  11. M, Rogers,; S, Bhatti, (2007). "How to Disappear Completely: A Survey of Private Peer-to-Peer Networks". discovery.ucl.ac.uk. Retrieved 2018-01-28.
  12. "Anonymous, Decentralized and Uncensored File-Sharing is Booming - TorrentFreak". TorrentFreak. 2012-03-03. Retrieved 2018-01-28.
  13. "Increase online privacy with RetroShare". Doug Vitale Tech Blog. 2013-07-29. Retrieved 2018-01-28.
  14. ""Anonymous" File-Sharing Darknet Ruled Illegal by German Court - TorrentFreak". TorrentFreak. 2012-11-23. Retrieved 2018-01-28.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.