Retroshare
This article has multiple issues.Please helpimprove itor discuss these issues on thetalk page.(Learn how and when to remove these messages)
|
Original author(s) | Robert Fernie |
---|---|
Developer(s) |
|
Initial release | 2006[1] |
Stable release | 0.6.7[2]
/ 30 November 2023 |
Repository | github |
Written in | C++ |
Operating system | Linux,Windows,macOS,Android,FreeBSD,OpenBSD,NetBSD,Haiku |
Platform | Cross-platform |
Available in | 38 languages[3] |
List of languages English, Arabic, Bulgarian, Catalan (Spain), Chinese (China), Chinese (Taiwan), Czech, Danish, Dutch, Estonian, Finnish, French, Galician (Spain), German, Greek, Hebrew, Hungarian, Indonesian, Italian, Japanese, Korean, Macedonian, Malayalam, Norwegian Bokmål, Occitan, Polish, Portuguese, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovenian, Spanish, Swedish, Turkish, Ukrainian, Vietnamese | |
Type | Anonymous P2P,friend-to-friend,chat,instant messaging,newsgroups,voice over IP,email clientandBBS |
License | GNU General Public License |
Website | retroshare |
Part ofa serieson |
File sharing |
---|
Retroshareis afree and open-sourcepeer-to-peercommunication andfile sharingapp based on afriend-to-friendnetwork built byGNU Privacy Guard(GPG).[4]Optionally peers may exchangecertificatesandIP addressesto their friends and vice versa.[5][6]
History
[edit]Retroshare was founded in 2004 by Mark Fernie.[7]An unofficialbuildfor thesingle-board computerRaspberry Pi,named PiShare, was available since 2012.[8]
On 4 November 2014, Retroshare scored 6 out of 7 points on theElectronic Frontier Foundation'ssecure messagingscorecard, which is now out-of-date. It lost a point because there had not been a recent independentcode audit.[9]
In August 2015, Retrosharerepositorywas migrated fromSourceForgetoGitHub.[10]In 2016,Linux Magazinereviewed security gaps in Retroshare and described it as "a brave effort, but in the end, an ineffective one."[11]
Design
[edit]Retroshare is aninstant messagingandfile-sharingnetwork that uses adistributed hash tablefor address discovery. Users can communicate indirectly through mutual friends and request direct connections.[12]
Features
[edit]This sectioncontains content that is written likean advertisement.(September 2022) |
Authentication and connectivity
[edit]After initial installation, the user generates a pair of (GPG)cryptographic keyswith Retroshare. Afterauthenticationand exchanging anasymmetric key,OpenSSLis used to establish a connection, and forend-to-end encryption.Friends of friends cannot connect by default, but they can see each other, if the users allow it.IPv6was released in November of 2018.
File sharing
[edit]It is possible to share folders between friends.[13]File transfer is carried on using a multi-hop swarming system (inspired by the "Turtle Hopping" feature from theTurtle F2Fproject, but implemented differently). In essence, data is only exchanged between friends, although it is possible that the ultimate source and destination of a given transfer are multiple friends apart. A search function performing anonymous multi-hopsearch is another source of finding files in the network.
Files are represented by theirSHA-1hashvalue, andHTTP-compliant file and links may be exported, copied, and pasted into/out of Retroshare to publish their virtual location into the Retroshare network.
Communication
[edit]Retroshare offers the following services for communication:
- a privatechat;
- a private mailing system that allows secure communication between known friends and distant friends;
- public and private multi-user chat lobbies;
- aforumsystem allowing both anonymous and authenticated forums, which distributes posts from friends to friends;
- a channel system offers the possibility to auto-download files posted in a given channel to every subscribed peer, similar toRSSfeeds;
- a posted links system, where links to important information can be shared;
- VoIPcalls;
- Video calls(since version 0.6.0);
- TorandI2Pnetworks support, for furtheranonymisation(since version 0.6.0).
User interface
[edit]The core of the Retroshare software is based on an offline library, into which two executables are plugged:
- acommand-line interfaceexecutable which offers nearly no control, but it is useful to run "headless" on aserver
- agraphical user interfacewritten inQtis the one most users use. In addition to functions quite common to other file-sharing software, such as a search tab and visualization of transfers, Retroshare gives users the potential to manage their network by collecting optional information about neighbouring friends and visualizing it as a trust matrix or as a dynamic network graph. The appearance can be changed by choosing one of several available style sheets.
Anonymity
[edit]Thefriend-to-friendstructure of the Retroshare network makes it difficult to intrude and hardly possible to monitor from an external point of view.[citation needed][14]The degree of anonymity may be improved further by deactivating theDHTand IP/certificateexchange services, making the Retroshare network a real dark net.[15]
Friends of friends may not connect directly with each other; however, a user may enable the anonymous sharing of files with friends of friends. Search, access, and both upload and download of these files are made by "routing" through a series of friends. This means that communication between the source of data (the up-loader) and the destination of the data (the down-loader) is indirect through mutual friends. Although the intermediary friends cannot determine the original source or ultimate destination, they can see their very next links in the communication chain (their friends). Since the data stream is encrypted, only the original source and ultimate destination are able to see what data is transferred.
Caveats
[edit]While Retroshare's encryption makes it virtually impossible for anISPor another external observer to know what one is downloading or uploading, this limitation does not apply to members of the user's Retroshare circle of trust; adding untrusted people to it may be a potential risk.[16][better source needed]
In 2012, a German Court granted an injunction against a user of Retroshare for sharing copyrighted music files. Retroshare derives its security from the fact that all transfers should go through “trusted friends” whom users add. In this case, the defendant added the anti-piracy monitoring company as a friend, which allowed him to be traced through aggregation of badOpsec.[17]
See also
[edit]References
[edit]- ^"Retroshare aims to be a private F2F social network | SourceForge Community Blog".Sourceforge.net.11 May 2010.Retrieved4 December2016.
- ^"Release 0.6.7".30 November 2023.Retrieved30 November2023.
- ^"Retroshare localization".Transifex.Retrieved4 December2016.
- ^Amato, Alba, Beniamino Di Martino, Marco Scialdone, and Salvatore Venticinque. "A negotiation solution for smart grid using a fully decentralized, P2P approach".Ninth International Conference on Complex.
{{cite journal}}
:CS1 maint: multiple names: authors list (link) - ^"Anonymous, Decentralized and Uncensored File-Sharing is Booming".TorrentFreak. 3 March 2012.Retrieved4 December2016.
- ^Shen, Xuemin; Yu, Heather; Buford, John; Akon, Mursalin, eds. (2010).Handbook of Peer-to-Peer Networking | Xuemin (Sherman) Shen.Springer.doi:10.1007/978-0-387-09751-0.ISBN978-0-387-09750-3.S2CID60783890.Retrieved4 December2016.
- ^Alkhulaiwi, Rakan; Sabur, Abdulhakim; Aldughayem, Khalid; Almanna, Osama (December 2016)."Survey of secure anonymous peer to peer Instant Messaging protocols".2016 14th Annual Conference on Privacy, Security and Trust (PST).IEEE. pp. 294–300.doi:10.1109/pst.2016.7906977.ISBN978-1-5090-4379-8.S2CID15496391.
- ^"PiShare download".SourceForge.net.15 January 2014.Retrieved4 December2016.
- ^"Secure Messaging Scorecard. Which apps and tools actually keep your messages safe?".Electronic Frontier Foundation. 4 November 2014.
- ^Community, Retroshare."History - Retroshare Docs".retroshare.readthedocs.io.Retrieved28 January2018.
- ^Byfield, Bruce (24 February 2016)."Is a private network useful for privacy and security?".Linux Magazine.Retrieved4 September2022.
- ^M, Rogers; S, Bhatti (2007)."How to Disappear Completely: A Survey of Private Peer-to-Peer Networks".discovery.ucl.ac.uk.Retrieved28 January2018.[permanent dead link]
- ^Alkhulaiwi, Rakan, Abdulhakim Sabur, Khalid Aldughayem, and Osama Almanna. "Survey of secure anonymous peer to peer Instant Messaging protocols".14th Annual Conference on Privacy, Security and Trust.
{{cite journal}}
:CS1 maint: multiple names: authors list (link) - ^Alkhulaiwi, Rakan, Abdulhakim Sabur, Khalid Aldughayem, and Osama Almanna (2016). "Survey of secure anonymous peer to peer Instant Messaging protocols".2016 14th Annual Conference on Privacy, Security and Trust (PST).pp. 294–300.doi:10.1109/PST.2016.7906977.ISBN978-1-5090-4379-8.S2CID15496391.
{{cite book}}
:CS1 maint: multiple names: authors list (link) - ^"Anonymous, Decentralized and Uncensored File-Sharing is Booming - TorrentFreak".TorrentFreak.3 March 2012.Retrieved28 January2018.
- ^"Increase online privacy with Retroshare".Doug Vitale Tech Blog.29 July 2013.Retrieved28 January2018.
- ^""Anonymous" File-Sharing Darknet Ruled Illegal by German Court - TorrentFreak ".TorrentFreak.23 November 2012.Retrieved28 January2018.
External links
[edit]- 2006 software
- Anonymous file sharing networks
- Cross-platform free software
- Cryptographic software
- Free file sharing software
- Free file transfer software
- Free instant messaging clients
- Free Internet forum software
- Free software programmed in C++
- Instant messaging clients that use Qt
- Internet privacy software
- MacOS instant messaging clients
- Peer-to-peer file sharing
- Peer-to-peer software
- Secure communication
- Unix instant messaging clients