FREQUENTLY ASKED QUESTIONS -
STREEMBIT
See below a list of our most frequently asked questions
Streembit is a decentralised communication network for humans and machines. You can send messages, make audio and video calls, send files, and even share your screen with another user.
If you wear clothes, use passwords, close doors, use envelopes, or sometimes speak softly, then you do have something to hide; you’re just having trouble understanding that you already do care about privacy. Here are some references to help you understand why everyone, especially honest hard-working people, needs privacy. (source: REDDIT http://bit.ly/2n8530J)
- TechRepublic – Why ‘Nothing to Hide’ misrepresents online privacy – A legal research professor explains to Michael P. Kassner why we should think long and hard before subscribing to the “Nothing to Hide” defense of surveillance and data-gathering.
- MSNBC – Surveillance: You may have ‘nothing to hide’–but you still have something to fear – At first blush, this argument might seem sound—after all, if the government is merely conducting anti-terrorism surveillance, non-terrorists shouldn’t be affected, right? But if you look more closely, you’ll see this idea is full of holes.
- Wired.com – Why ‘I Have Nothing to Hide’ Is the Wrong Way to Think About Surveillance
- ZDNet – Privacy is innately flawed: ‘Nothing to hide’ does not exist – There is no such thing as “I have nothing to hide”. Everyone has something to hide, and there will be someone out there who will pay to see what it is.
- Mashable – NSA Snooping Matters, Even If You Have ‘Nothing to Hide’ –
- Techdirt – If You’ve Got Nothing To Hide, You’ve Actually Got Plenty To Hide – The line “if you’ve got nothing to hide, you have nothing to worry about” is used all too often in defending surveillance overreach. It’s been debunked countless times in the past, but with the line being trotted out frequently in response to the NSA revelations, it’s time for yet another debunking, and there are two good ones that were recently published.
- WashingtonExaminer – Even law-abiding people should oppose surveillance – In other words, why should law-abiding citizens mind federal surveillance?
- The Chronicle – Why Privacy Matters Even if You Have ‘Nothing to Hide’ – A long and thorough article on many, many different reasons why the NTHNTF argument is basically invalid.
- Mail Online – If we have nothing to hide, then why should we have to prove it? – Those who have nothing to hide have nothing to fear. Every time the State wants to extend its powers, this trite phrase is wheeled out.
- PRISM: Why You Should Care, Even If You “Have Nothing To Hide” – And, no, most of us don’t have anything to hide. In fact, the vast majority of us will never do anything the government cares about. But that’s not why you should care about your privacy.
- Reason.com – 3 Reasons the ‘Nothing to Hide’ Crowd Should Be Worried About Government Surveillance – Most people think the federal government would have no interest in them, but many discover to their horror how wrong they are
- The Phoenix – Debunking ‘nothing to hide’ – ‘No secrets’ doesn’t mean ‘no problem’
- ID Folly: Those with nothing to hide have nothing to fear?? – Everybody else, it is claimed, will be able to enjoy a new sense of security and safety from ideologically inspired violence, fraud and other criminal acts. The statement that only those with something to hide will have something to fear, is nothing more than a thoughtless and foolish mantra repeated by those who prefer platitudes to the demands of careful and rational thinking.
- Watch this snippet but the whole talk is informative.
- Read this and this for explanations of why you should care.
- Visit this and this website for different side of privacy on the web and its importance.
- In depth article about advertiser tracking at The Atlantic and when all this data is combined at CIO.
- Watch this video on why Privacy matters
- This non-technical explanation of why privacy matters uses literary references.
There is no middleman. Every message goes directly to its intended recepient, and to no one else. Your data is not stored on a central server as it is in many current communication platforms such and Skype and Snapchat.
Yes! You can use it to communicate with devices as well. Streembit is built to bring the Internet-of-Things to life.
Yup. There will never be advertisements. It is also open source, meaning that the code is available to anyone to review or even use.
Nothing, no personal information, no email, no secret questions, all you need is a username and a password.
Incredibly. The combination of a decentralised network and unbreakable cryptography makes communicating through Streembit not only secure, but private. The basic premises of the Streembit security are
- Human users and Internet of Things devices use public/private key (PPK) infrastructure and PPK cryptography functions to secure messages.
- The system uses elliptic curve Diffie Hellman (ECDH) key exchange algorithms to facilitate the exchange of session keys.
- Each actor of the system must generate a public/private key pair. (Typically keys are generated prior to configuring the device and will be burned into the devices’ firmware).
- The device or user publishes the public key to other users of the system. We mitigate Sybil attacks with cryptographically secure identity management (i.e. the contacts know each other’s public key).
- The data integrity and authenticity of the messages is guaranteed with PPK signatures and embedded in JWT, JWS and JWE data structures.
- Each session between users is secured with strong symmetric cryptography keys.
- All messages between users are secured with 256-bit AES symmetric encryption/decryption.
A. DDoS attacks: Denial of service attacks are effective against centralized servers because only a small amount of servers are responsible for providing a service for their users. These servers can be flooded with requests from a large amount of computers/bots, making it impossible for them to do their job. On a decentralized peer-to-peer network, instead of a small amount of servers, you have a large amount of nodes doing this job. The bigger the decentralized network, the more uneconomical the DDoS attack would be. A perfect example of this is Bitcoin, since it’s inception it hasn’t experienced a single network outage. To even further prevent a DDoS attack, the IP address and port of Streembit nodes are encrypted. Centralized server vulnerabilities: With central servers, you never know what you are going to get. Do they encrypt your data that they store? Are they up to date on the latest security standards? Do their employees be careful when giving up user information, and watch out for social engineering attacks? Fortunately with Streembit none of these problems will concern you, your data isn’t stored on a server and due to the nature of public key cryptography nobody even needs to know what your password (private key) is in order to verify that you are you.
Streembit uses public key cryptography in order to make sure that only white-listed accounts have access to your devices, and a Kademlia DHT for user/device discovery to connect you directly to your device.
Yes, once you have initialized your account by connecting to the Streembit public network, you will need to backup your account incase your computer crashes, or if you want to communicate from another computer or device. For your own privacy the network does not store your account information, so if you lose your account data it will be irretrievable. It is always a good idea to have a few backups.
Click on the Actions/Restore account menu item or the “Restore Account” button to start restoring the account from a backup file.
Yes, you can make a network that only allows users and devices you approve to join. The applications of a private network include businesses, your home, and even military operations.
Streembit uses a Kademlia DHT (distributed hash table) for user discovery and any distributed storage needs of the network. Contact information of each node is encrypted and stored in the DHT, as well as undelivered messages. Streembit will be able to fulfill other distributed storage needs of future applications built on the network.
Hiding metadata is practically impossible with the way the internet works. We don’t hide metadata, but instead use well implemented cryptography to keep your communications private. This approach mathematically allows you to be absolutely certain your communications are private, rather than just hoping that your metadata is hidden.
When you create an offline contact offer you encode your public key, account name, and network connection details. You can then send this encoded text to who you wish to communicate with, and they can send you their offline contact offer. You can send this text in a letter, an online channel, or even HAM radio. How secure you want to be with it is up to you. Exchanging information this way eliminates the possibility of a man in the middle attack because you are not using central servers to exchange contact information.
Streembit aims to comply with open security and communication standards. The compliance is verifiable via peer review of the Streembit open source system. Streembit is built on FIPS, IETF and W3C security; data and communication standards such as JWT, JWS, WebRTC, as well as the latest planned and actual standards from W3C Web of Things initiative. The system uses recommended curves for the ECDSA and ECDH elliptic curve cryptography functions. Our developers take an active role in the W3C Web of Things Initiative (https://github.com/w3c/web-of-things-framework) and mirror all WoT standards in the Streembit codebase.
Aside from always improving Streembit, we are working on integrating streaming, smart contracts, an application marketplace, and a cryptocurrency. We are currently developing Streembit mobile applications for Android and iOS.
To use signal you need to give your phone number in order to register. Streembit registration requires no personal information, only a username to publish to the network. A key difference is that Signal is a centralised solution. All communication goes through the Signal server. That enables collection of metadata, never mind the requirement to comply with legislations such as the UK Investigatory Powers Act. Key disclosure laws are already enforced in many countries and it is safe to assume more will come. https://en.wikipedia.org/wiki/Key_disclosure_law Streembit is a peer-to-peer application, meaning users communicate directly without using a centralised service provider. Streembit users are not subject to key disclosure legislations.
No, but it is recommended. At the moment you must forward your port to fully utilize Streembit, but if that is not an option you can use our WebSocket server to communicate. Opening your port will allow you to connect directly to who you are communicating with, meaning a server will not facilitate your connection. The Streembit P2P desktop application tries to open the port using UPnP. Don’t worry though, if you don’t want to open your port your data will still be encrypted, the WebSocket server will not be able to read your messages or other data.
Join our Gitter here: https://gitter.im/streembit/home We will be available to assist you, as well as many other community members.