Turtle F2F
From Wikipedia, the free encyclopedia
| Image:Turtle-logo.png | |
|---|---|
| Maintainer: | Petr Matejka Bogdan Popescu |
| Stable release: | 1.0.0 (Sept. 2006) [+/-] |
| Preview release: | 1.0.0 (Sept. 2006) [+/-] |
| OS: | Linux |
| Use: | Anonymous p2p / friend-to-friend |
| License: | GPL |
| Website: | www.turtle4privacy.org |
Turtle is a new tool for facilitating free speech by combining encryption with peer-to-peer (P2P) technology. Turtle users can exchange information deemed controversial or risky (for example whistleblowers exposing government or corporate abuse) without being exposed to legal or economic pressure from parties that may want to censor or suppress this information. Such users are likely to be found in countries where the government routinely snoops on citizens' communications. It will also be attractive to people in all countries who value their privacy.
[edit] Architecture
Technically, Turtle is a friend-to-friend (F2F) network - a special type of peer-to-peer network in which all your communication goes only to your friends, and then to their friends, and so on, to the ultimate destination.
The basic idea behind Turtle is to build a (P2P) overlay on top of pre-existing trust relationships among Turtle users. Each user acts as node in the overlay by running a copy of the Turtle client software. Unlike existing (P2P) networks, Turtle does not allow arbitrary nodes to connect and exchange information. Instead, each user establishes secure and authenticated channels with a limited number of other nodes controlled by people he or she trusts (friends). In the Turtle overlay, both queries and results move hop by hop; the net result is that information is only exchanged between people that trust each other and is always encrypted. Consequently, a snooper or adversary has no way to determine who is requesting/providing information, and what that information is. Given this design, a Turtle network offers a number of useful security properties, such as confined damage in case of node compromise, and resilience against denial of service attacks.
