RetroShare settings option

By User 

adorable.wordpress.com

10 min

August 23, 2017

View Original

Here are the settings for the anonymous cryptographic platform RetroShare. The article is addressed to users of the dark web who have either minimal or average experience using the platform. Be sure to review the entire material! The bottom of the article shows how to correctly configure shared resources, which most often raises questions among inexperienced users.

The importance of settings is divided into three levels: very important, medium importance and low importance. If the last two types of settings, at least at the first start, can be skipped, then it is better to spend some time on the settings marked as “important” and set the required values.

Section “MAIN” - important settings, don’t skip them!

The importance of this settings window is determined, first of all, by the fact that two fundamental points are indicated here:

1. how the client will behave when the system starts;
2. what happens when the client starts.

The first is determined by the checkboxes in the “Run” group. The second is determined by the “Auto login” checkbox. From a security point of view, “Auto Login” should be disabled! Don’t be lazy, every time you start RetroShare, enter the password for the certificate, and therefore for all your identities, messages in forums, and channels. And, most importantly, this will eliminate the possibility of decrypting RetroShare system files if they are stolen.

The remaining settings are quite obvious, but if you do not understand the purpose of a particular checkbox, hover and hold the mouse cursor over the text next to it for a few seconds - a hint in Russian will appear there.

Section “NETWORK: network configuration” - important settings, do not skip!

Setting the client-server operating mode

At the initial stage, RetroShare should be switched to public mode, where DHT and discovery services will be enabled. The first service, DHT, or distributed hash table , will help your client-server find the current IP addresses of hosts from the open network. At the very beginning of getting to know the dark web, the help of DHT can be indispensable, since user certificates published in chats often contain false IP addresses, which makes it impossible to connect to such nodes. The second service - discovery - is an internal RetroShare service, also designed to facilitate the “connectivity” of nodes. However, it only starts working when you are already logged into the network, or, in other words, when there are already connected nodes in your environment.

As you build your personal environment (see the “Network” tab), the DHT service can be turned off, since this is the only window to the outside, and therefore unsafe, world. When you reach the coveted number of 15–30 nodes online, you can turn off the discovery service. This way you will become invisible even to other dark web participants who are not in your personal circle.

If you have a static IP address and transparent NAT, as indicated by the corresponding green circle in the program status bar, you can immediately switch to Darknet mode upon the first launch of the client-server.

Configuring NAT

The most worthy option is manual port assignment. In this case, you need to configure your router or modem and specify the required port there, and also ensure the translation of IP packets from the external network to the internal one. If you are not the most experienced user, try switching to automatic configuration mode - UPnP. Wait 5-10 minutes and make sure your NAT indicator turns green.

  Section “NETWORK: IP filters” - settings of medium importance, you can take a look

A very specific set of settings that appeared in RetroShare 0.6 after, in the wake of the popularity of the platform, the developers discovered attempts at man-in-the-middle attacks through the DHT network. If you have DHT disabled, you can forget about these settings. Otherwise, look here occasionally and check the situation to see if there are any blocked IP addresses there.

Section “NETWORK: setting up hidden services” - settings of medium importance, you can take a look

At first, the client-server setup is not so important, but in the future it will be quite useful. If your circles are gray, there is no cause for concern, you just won't be able to connect to a certain number of dark web nodes.

The easiest way to make the Tor circle turn green is by installing and running Tor Browser , not forgetting to change the port in the RetroShare settings from the standard 9050 to 9150 . A more elegant way of “greening” is indicated here (see paragraphs 1, 2, 4, 5; the last two lines in the torrc configuration file regarding hidden services should be excluded).

“Greening” an i2p mug is even easier. Download and run the current i2pd build .

Section “NETWORK: translators” - settings of low importance, can be skipped

A canvas of settings for those who want to help others connect or ask for help themselves. If you have an opaque NAT and you can’t make it transparent for one reason or another, then it won’t hurt to check the “Use Relay Servers” checkbox. Set the bandwidth values ​​below based on the bandwidth of your Internet connection.

Section “PARTICIPANTS” - important settings, don’t skip them!

The canvas is designated as important due to the fact that incorrect settings can lead to the fact that neither other people's messages will reach you, nor you will not broadcast these messages to nodes from your environment. The above figure shows the settings for the “liberalism” class, but you are free to set more brutal forms of fighting vandals.

1. Give a positive vote to everyone from my environment - each person signed by any user from your environment will automatically be entered into one positive vote in karma. It is useful when you are guaranteed to have sane users in your environment. Let us emphasize: we are talking only about signed personalities - pseudonyms, so you can tick the box without much risk. Few people would dare to vandalize on behalf of a signed identity, since in this case there is a possibility of being disconnected from the network and thus losing the entire node.
2. Difference in votes (+/–) to establish a positive rating - if a person receives more positive votes than negative ones, then his rating automatically switches from neutral to positive (according to the opinion of the participants from the environment). By default, a margin of one vote is enough to get an overall positive rating. However, you have the opportunity.
3. Difference in votes (+/-) to establish a negative rating - if any individual receives more negative votes than positive ones, then his rating automatically switches from neutral to negative (according to the opinion of the participants from the environment). By default, a margin of one vote is enough to get an overall negative rating. However, you have the opportunity.

The meaning of the remaining two ticks is quite obvious and does not require explanation. The instruction to the client-server to “ never delete a blocked identity ” (see the figure above) means that most often a hard-blocked user, after some time, deletes this identity and creates a new one. In this case, our client gives such a user 18 days to fix it. If during this time he does not leave on his own, then for some time we give him a chance and hope that his further communication activities will take more humanistic forms.

Section "CHATS: main" - settings of medium importance, you can take a look

As a rule, the average user here only changes the font and sending chat messages using the “Ctrl + Enter” key combination. The remaining settings are a matter of taste.

Section "CHATS: history" - settings of low importance, can be skipped

An obvious and uninteresting setting.

Section "CHATS: style" - settings of medium importance, you can take a look

We customize chats according to your personal understanding of beauty.

Section "MAIL" - settings of medium importance, you can take a look

As a rule, on this canvas you just need to set the automatic loading of images embedded in the body of the letter.

Section "FILES" - important settings, do not skip!

Here we pay special attention to the following points.

1. Automatically check shared folders every zzz minutes - the default time is too short, which can create a load on the hard drive if you constantly work with files - changing and moving them. It is recommended to set the value to about 1 hour.
2. The default download directory is almost the first value that should be set immediately after starting RetroShare.
3. Maximum number of simultaneous downloads – the default value is too small. A value between 10 and 30 is recommended.
4. The default method for selecting parts is to set it to “random”. In this case, when a single source of a popular distribution appears, the fragments of the file will be received by the client in random order, which will make the fragments more distributed throughout the dark web, and therefore, when the source disappears, the file will be more accessible.
5. Free disk space reserve - recommended from 800 MB to 8 GB, depending on the volume of the latter.
6. Maximum number of requests to establish an anonymous tunnel – set the maximum allowed value: 30.
7. End-to-end encryption – it is better to set it to “Require encryption”. The value shown in the figure is a simple desire to adapt to older clients who do not know how to implement end-to-end encryption. Every day there are fewer and fewer such clients, so don’t take risks.
8. Allow direct connection when downloading/uploading (Allow direct download - by the way, incorrect wording in English) is a subtle, but extremely important setting. We prohibit it, as this is not the best solution on the network, where security plays a key role. Anonymous tunnels in version 0.6 of RetroShare cope adequately with file sharing without establishing a direct connection. If you work on a local network, where “everyone is your own,” then it is not forbidden to set “Yes”.

Section "CHANNELS" - settings of medium importance, you can take a look

The same as in “Mail”: we set the automatic downloading of images embedded in the body of the message.

Section "FORUMS" - settings of medium importance, you can take a look

No comments. Amateur settings.

Section “LINKS (publications)” - settings of low importance, you can skip them

No comments.

Section “NOTIFICATIONS: channel” - settings of medium importance, you can take a look

We indicate everything that we want to see in the global “Journal” tab. We leave only the essentials, otherwise the magazine will become simply unreadable due to the abundance of unhelpful messages.

Section “NOTIFICATIONS: Pop-ups” - important settings, don’t miss it!

We only indicate what is very important to us. Pop-up windows can really interfere with your main work.

Section “NOTIFICATIONS: notification panel” - settings of medium importance, you can take a look

Customizing the icons that appear in the system tray: annoying for some, not bothersome for others, and even useful. A good replacement for pop-ups. The decision is yours.

Section “NOTIFICATIONS: chats” - settings of low importance, can be skipped

Specific, but not the most important settings regarding the flow of messages in chats.

Section “PLUGINS” - ​​settings of low importance, you can skip them

2 additional add-ons loaded. No comments.

Section “APPEARANCE” - settings of medium importance, you can take a look

A matter of taste.

“SOUND” section - important settings, don’t skip it!

The settings are given based on the consideration that sounds in any program are an interfering factor. Everything is disabled.

“PERMISSIONS” section – important settings, don’t touch anything!

Translating into the language of power electric power engineering, DO NOT INTEGRATE – YOU WILL KILL! In the comic slang of users of the RetroShare crypto-platform, this painting was lightly called “ the nightmare of a village electrician .” Fine-tuning of the core of the crypto platform is presented. Until you clearly understand what is what, it is better not to change anything.

Section "WEB INTERFACE" - settings of medium importance, you can take a look

Required for remote node management. The feature is very useful, but not for a novice dark web user.

Section “FeedReader – RSS aggregator” - settings of low importance, you can skip them

An add-on for reading RSS feeds from an external network for the purpose of broadcasting them to the dark web.

Section “VOIP” - settings of medium importance, you can take a look

Setting up an audio-video communication plugin.

Section “ABOUT THE PROGRAM” - you can take a look

---

CONFIGURING SHARED RESOURCES

Resources shared by a dark web user are configured by clicking on the global “Files” tab, then going to “My files → Configure shared folders.” Setting up personal files and folders available for download to network users looks approximately as shown in the picture below.

Let us indicate the purpose of three independent pictograms.

1. Flesh background : with a magnifying glass – the contents of the folder will be found through an intranet anonymous search by any user of the dark web; without a magnifying glass - the contents of the folder cannot be found through an intranet anonymous search.
2. Blue background : with mask – the contents of the folder are available for download by any anonymous network user; without mask – the contents of the folder are available for downloading only when a direct connection is established . (If this is prohibited by the client-server settings, downloading is prohibited in principle.)
3. Green background : with folder – a list of folders and files located in this folder will be available to all nodes or a specific group of nodes located in the personal environment; without folder – the list of folders and files is prohibited from being shared with anyone.

Let's look at four typical cases that may be useful in your anonymous file sharing practice.

CONFIGURATION 1: decryption

This folder contains content of a personal nature , so the names of the files will not be found in an intranet search by any network user, regardless of their affiliation/non-belonging to a personal environment. However, if an arbitrary dark web user has a link (or full hash) to a file located in such a folder, he will be able to download this file by establishing an anonymous tunnel with my node. But such a user can only receive a link to the file from me, manually. Nodes included in the “ Family ” environment are allowed to view the contents of this folder for the purpose of further downloading any file of interest.

CONFIGURATION 2: decryption

This folder contains content intended for all network users , so its contents are easily found using an intranet search service and are available for downloading through anonymous tunnels (we don’t have others, since we disabled the direct connection in the RetroShare settings). In addition, I allow nodes included in the Family environment to directly view the contents of this folder. This service is not available to other network users, because I don’t want them to know what is generally stored in this folder.

CONFIGURATION 3: decryption

This folder contains content intended for all network users , so its contents are easily found using an intranet search and are available for downloading through anonymous tunnels. However, I do not allow anyone to directly view the contents of the folder.

The difference between the 3rd option and the 2nd is that:

1. the folder contains special content that should not be tied to a specific node, exposing the contents to public view - or
2. the folder contains a huge number of files and viewing such a folder can cause the remote client to freeze.

CONFIGURATION 4: decryption

This folder contains content intended for all network users , so its contents are easily found using an intranet search and are available for downloading through anonymous tunnels. In addition, its contents are so harmless that I allow every node in my environment to directly view it . Of course, other users cannot see the contents of the folder. They only have the opportunity to find and download my harmless files.

We can also allow one curious case when we prohibit the possibility of anonymous downloading (2nd icon), but at the same time we open the contents of the folder for search and viewing by nodes. This mode can be called “greedy”: the environment sees what is in the folder, any user can find files through search, but no one can download content.

In conclusion, let us add that the number and names of groups to which the third icon can be attached are not limited in any way. You can create groups of nodes with the names “Distant relatives”, “Colleagues”, “I’m at work”, “Neighbor”, “Girlfriends”, “Fedor”, etc. Then, for each group, you can open a particular folder for review and/or download.

Просмотры: