5 * Occasional connection to mail server: UsecaseMail.
6 * Lightweight fast POP3/IMAP4 replacement: UsecasePOP.
7 * Unreliable/expensive communication link: UsecaseUnreliable.
8 * Slow/expensive link for high-volume data, bad QoS: UsecaseQoS.
9 * Extreme terrestrial environments, no link: UsecaseNoLink.
10 * Private, isolated MitM/Sybil-resistant networks: UsecaseF2F.
11 * Highly secure isolated air-gap computers: UsecaseAirgap.
12 * Network censorship bypassing, health: UsecaseCensor.
13 * Reconnaissance, spying, intelligence, covert agents: UsecaseSpy.
17 @section Occasional connection to mail server
19 Assume that you have got your own @url{http://www.postfix.org/, Postfix}
20 SMTP server connected to the Internet. But you read and write emails on
21 your notebook, that is connected to it just from time to time. How can
22 you flush buffered mail queues when your notebook is connected?
24 One possibility is to log in and run something like @command{postqueue
25 -f}, but by default you have got only several days so and sender will
26 receive notification emails that his messages still are not delivered
27 yet. Also you must have secure link (SSH, VPN, etc).
29 Another possibility is to use POP3/IMAP4 servers, but this is too
30 overcomplicated and bloated for the simple task. Not an option.
31 @url{https://en.wikipedia.org/wiki/KISS_principle, KISS}!
33 Just tell both of your Postfixes (on the server and notebook) to drop
34 email as a mail via NNCP (@ref{nncp-mail}) to specified node. This is
35 done similarly as with UUCP and as written in
36 @url{http://www.postfix.org/UUCP_README.html, Postfix documentation}.
38 Look @ref{Postfix, here} for further information. All mail will be
39 stored in NNCP @ref{Spool, spool}, that after exchanging and tossing
40 will call local @command{sendmail} command to deliver them just like
41 that happened on the same machine.
44 @section Lightweight fast POP3/IMAP4 replacement
46 @ref{nncp-daemon} can be connected with @ref{nncp-caller} for a long
47 time -- it can create TCP connection that lasts for many hours. When
48 SMTP server receives mail, it will call @ref{nncp-mail} creating an
49 outbound encrypted packet. Daemon checks outbound directory each second
50 and immediately sends notification about undelivered packets to remote
51 side, that also downloads it at once.
53 There are only dozens of bytes notifying about incoming packets, dozens
54 of bytes telling to download those packets. Mail packets are compressed
55 (POP3 and IMAP4 as a rule do not). You have lightweight, compressed,
56 low-delay, reliable link for the mail with strong encryption and mutual
59 @node UsecaseUnreliable
60 @section Unreliable/expensive communication link
62 Assume that you have got slow modem/radio/cellular link that frequently
63 disconnects and causes TCP timeouts. Not all HTTP servers support file
64 download continuation. SMTP does not support resuming at all and heavy
65 messages is problematic to retrieve. Moreover, each disconnect leads to
66 the same data retransmission again, that can not be afforded sometimes.
68 Just send your @ref{nncp-mail, mail} and @ref{nncp-file, files} through
69 NNCP. You can use either offline delivery methods -- read about them in
70 the next section, or you can use included NNCP @ref{nncp-daemon, TCP
76 % nncp-file file_i_want_to_send bob:
77 % nncp-file another_file bob:movie.avi
80 will queue two files for sending to @emph{bob} node. Fire and forget!
81 Now this is daemon's job (or offline transfer) to send this files part
82 by part to remote system when it is available.
85 @section Slow/expensive link for high-volume data, bad QoS
87 Assume that you can give your relatively cheap 2 TiB removable hard
88 drive to someone each day at the morning (and take it back at the
89 evening). This equals to 185 Mbps good quality (without any speed
90 degradation) link in single direction. What about more and bigger hard
91 drives? This type of data exchange is called
92 @url{https://en.wikipedia.org/wiki/Sneakernet, sneakernet}/floppynet.
94 NNCP allows traffic @ref{Niceness, prioritizing}: each packet has
95 niceness level, that will guarantee that it will be processed earlier or
96 later than the other ones. Nearly all commands has corresponding option:
99 % nncp-file -nice 32 myfile node:dst
100 % nncp-xfer -nice 192 /mnt/shared
101 % nncp-call -nice 224 bob
106 @section Extreme terrestrial environments, no link
108 This is some kind of too slow link. Offline delivery methods is the only
109 choice. Just send files as shown in previous section, but use removable
110 media for transferring packets to other nodes.
112 Assume that you send two files to @emph{bob} node. Insert USB storage
113 device, mount it and run @ref{nncp-xfer}:
116 % nncp-xfer -node bob /media/usbstick
119 to copy all outbound packets related to @emph{bob}. Use @option{-mkdir}
120 option to create related directory on USB storage if they are missing
121 (for example when running for the first time).
123 If you use single storage device to transfer data both to @emph{bob} and
124 @emph{alice}, then just omit @option{-node} option to copy all available
128 % nncp-xfer /media/usbstick
131 Unmount it and transfer storage to Bob and Alice. When they will insert
132 it in their computers, they will use exactly the same command:
135 % nncp-xfer /media/usbstick
138 to find all packets related to their node and copy them locally for
139 further processing. @command{nncp-xfer} is the only command used with
143 @section Private, isolated MitM/Sybil-resistant networks
145 All Internet connections can be eavesdropped and forged. You
146 @strong{have to} to use encryption and authentication for securing them.
147 But it is very hard to secure metadata, that leaks during each online
148 session. When you start your shiny new software server be sure that
149 there could be huge quantity of bogus peers trying to perform
150 @url{https://en.wikipedia.org/wiki/Sybil_attack, Sybil attack}. Opennet
151 peer-to-peer networking is dangerous thing to do.
153 The most popular cryptographic protocol in Internet is
154 @url{https://en.wikipedia.org/wiki/Transport_Layer_Security, TLS} that
155 is very hard to implement correctly and hard to configure for mutual
156 participants authentication. Not all TLS configurations and related
157 protocols provide @url{https://en.wikipedia.org/wiki/Forward_secrecy,
158 forward secrecy} property -- all previously intercepted packets could be
159 read if private keys are compromised.
161 Friend-to-friend networks, darknets can mitigate risks related to fake
162 and forged nodes. However they are harder to support and require more
163 time to be done right.
165 NNCP's @ref{nncp-daemon, TCP daemon} uses
166 @url{http://noiseprotocol.org/, Noise-IK} protocol to mutually
167 authenticate peers and provide effective (both participants send payload
168 in the very first packet) secure transport with forward secrecy
172 % nncp-daemon -bind [::]:5400
174 will start TCP daemon listening on all interfaces for incoming
180 will try to connect to @emph{bob}'s node known TCP addresses (taken from
181 configuration file) and send all related outbound packets and retrieve
182 those the Bob has. All interrupted transfers will be automatically
186 @section Highly secure isolated air-gap computers
188 If you worry much about security, then air-gapped computer could be the
189 only choice you can afford. Computer without any modems, wired and
190 wireless networks. Obviously the only possibility to exchange mail and
191 files is to use physically removable storage devices like CD-ROM, hard
192 drive, tape and USB flash drives (worst choice, due to those devices
195 Presumably you have got another own hop before that computer: another
196 intermediate node which performs basic verification of retrieved storage
197 devices, possibly by rewriting the data from USB/hard drives to CD-RWs.
199 NNCP supports packets relying (transitioning) out-of-box.
206 lan: [fe80::5400%igb0]:5400
212 That @ref{Configuration, configuration file} tells that we have got two
213 known neighbours: @emph{bob} and @emph{bob-airgap}. @emph{bob} can be
214 reached via online connection using @emph{lan} address.
215 @emph{bob-airgap} can be reached by sending intermediate relay packet
216 through the @emph{bob}.
218 Any command like @command{nncp-file myfile bob-airgap:} will
219 automatically create an encapsulated packet: one for the destination
220 endpoint, and other carrying it for intermediate relaying node.
222 Pay attention that relaying node knows nothing about the packet inside,
223 but just its size and priority. Transition packets are encrypted too:
224 using well-known @url{https://en.wikipedia.org/wiki/Onion_routing, onion
225 routing} technology. @emph{bob} can not read @emph{bob-airgap}'s packets.
228 @section Network censorship bypassing, health
230 This is some kind of bad link too. Some governments tend to forbid
231 @strong{any} kind of private communication between people, allowing only
232 entertainment content delivering and popular social networks access
233 (that are already bloated with advertisements, locally executed
234 @url{https://www.gnu.org/philosophy/free-sw.html, proprietary}
235 JavaScript code (for spying on user activities, collect data on them),
236 shamelessly exploiting the very basic human need of communication).
238 This is their natural wish. But nobody forces you to obey huge
239 corporations like Apple, Google or Microsoft. It is your choice to
240 create an isolated friend-to-friend network with piles of harmless
241 content and private messaging. Only predators silently watch for their
242 victims in mammals world -- it harms your health being watched and
243 feeling that you are the victim that has already done something wrong.
246 @section Reconnaissance, spying, intelligence, covert agents
248 Those guys know how Internet is a dangerous place incompatible with
249 privacy. They require quick, fast dropping and picking of data. No
250 possibility of many round-trips -- just drop the data, fire-and-forget.
251 It could be either removable media again and/or
252 @url{https://en.wikipedia.org/wiki/USB_dead_drop, USB dead drops},
253 @url{https://en.wikipedia.org/wiki/PirateBox, PirateBox}es,
254 @url{https://en.wikipedia.org/wiki/Short-range_agent_communications, SRAC}.
255 Short lived short range networks like Bluetooth and WiFi can also
256 be pretty fast, allowing to quickly fire chunks of queued packets.
258 Very important property is that compromising of those dead drops and
259 storages must be neither fatal nor even dangerous. Packets sent through
260 the network and exchanged via those devices are end-to-end
261 @ref{Encrypted, encrypted} (but unfortunately lacking forward secrecy).
262 No filenames, mail recipients are seen.
264 All node communications are done with so-called @ref{Spool, spool} area:
265 directory containing only those unprocessed encrypted packets. After
266 packet transfer you still can not read any of them: you have to run
267 another stage: @ref{nncp-toss, tossing}, that involves your private
268 cryptographic keys. So even if your loose your computer, storage devices
269 and so on -- it is not so bad, because you are not carrying private keys
270 with it (don't you?), you do not "toss" those packets immediately on the
271 same device. Tossing (reading those encrypted packets and extracting
272 transferred files and mail messages) could and should be done on a
273 separate computer (@ref{nncp-mincfg} command could help creating
274 configuration file without private keys for that purpose).