Slashdot Mirror

← Back to Stories (view on slashdot.org)

Opportunistic Encryption of IP traffic: FreeS/WAN 2.0

Posted by michael on from the fight-the-man dept.

Russ Nelson writes "Since 1996, John Gilmore has dreamed of an Internet where all traffic between cooperating sites is encrypted. He has supported the FreeS/WAN project which uses IPSEC to encrypt IP traffic on an opportunistic encrypting basis. The team has released Linux FreeS/WAN 2.00, their first release optimized for Opportunistic Encryption (OE). After installation, ZERO host configuration is required for OE! A Linux box running 2.00 will encrypt all IP packets to other OE capable boxes whenever possible, provided you publish a key and IPsec gateway information in DNS." Nice.

3 of 153 comments (clear)

  1. slow by Anonymous Coward · · Score: 0, Offtopic

    I've heard these systems are notoriously slow to encrypt the data depending on what is being encrypted. Is this true?

    PS. Where'd the icons for the front page stories go?

  2. Re: not sure you oppose govt. surveillance?? by King_TJ · · Score: 1, Offtopic

    Hey! You're never too old to realize trading freedom for security is a bad idea!

    I'm against terrorism as much as the next guy, but let's look at the facts here. Government is never going to release official documents giving true statistics on how often interception of secure communications resulted in capture of a terrorist.

    Say they invade the privacy of 50,000 individuals, and mistakenly go after 25 people from this information. Finally, they get 2 terrorists. What do you think the news is going to say? I'd wager it'll trump up how "2 suspected terrorists were captured today, thanks to interception of emails between them and known Al Queida leaders."

    It's not that you're receiving incorrect information/news. It's simply that it's filtered.

    In any case, I'm a firm believer in giving people the tools they need to accomplish a task, and letting them take charge of their own destinies. Opportunistic encryption is certainly a nice "tool" to add to the computer toolbox.

    Right now, the biggest problem we face with encryption tools is automatic suspicion we're doing "something bad/wrong" just because we use it. If it gets rolled into OS's as a default option, that silly argument vanishes.

  3. Re: IN DEMOCRATIQ IRAQ by Anonymous Coward · · Score: 0, Offtopic

    Opportunistic encr#!+"*ç+324 @¦#!!!