Skip to content

The state of Zeronet security #993

Description

@HulaHoopWhonix

I was very excited about Zeronet until I read this: https://news.ycombinator.com/item?id=14041077

As a security/privacy distro integrator I really care about the safety of the underlying cryptolibs. We recommend tools for people in potentially life-threatening situations. Using outdated code (by a couple of years) that has known vulnerablities just doesn't cut it. I was sad to see these problems brushed off and shut down by the core devs. If you want to avoid breakage while maintaining security than I advise you to develop on Debian stable where security fixes are backported while avoiding unstable code churn. Its also good for code reproducibility which will be a requirement in Debian stable-next.


The second point is not really your fault but its smart to avoid. Namecoin hashing power has sunk to a level where a single miner is dominating it. Domain squatting is becoming a serious problem. I recommend moving to a Tor related solution for human memorable and secure addresses still under development.

https://github.com/Jesse-V/OnioNS-client

cc/ @adrelanos

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions