2 @section Reconnaissance, spying, intelligence, covert agents
4 Those guys know how Internet is a dangerous place incompatible with
5 privacy. They require quick, fast dropping and picking of data. No
6 possibility of many round-trips -- just drop the data, fire-and-forget.
7 It could be either removable media again and/or
8 @url{https://en.wikipedia.org/wiki/USB_dead_drop, USB dead drops},
9 @url{https://en.wikipedia.org/wiki/PirateBox, PirateBox}es,
10 @url{https://en.wikipedia.org/wiki/Short-range_agent_communications, SRAC}.
11 Short lived short range networks like Bluetooth and WiFi can also
12 be pretty fast, allowing to quickly fire chunks of queued packets.
14 Very important property is that compromising of those dead drops and
15 storages must be neither fatal nor even dangerous. Packets sent through
16 the network and exchanged via those devices are end-to-end
17 @ref{Encrypted, encrypted} (but unfortunately lacking forward secrecy).
18 No filenames, mail recipients are seen.
20 All node communications are done with so-called @ref{Spool, spool} area:
21 directory containing only those unprocessed encrypted packets. After
22 packet transfer you still can not read any of them: you have to run
23 another stage: @ref{nncp-toss, tossing}, that involves your private
24 cryptographic keys. So even if your loose your computer, storage devices
25 and so on -- it is not so bad, because you are not carrying private keys
26 with it (don't you?), you do not "toss" those packets immediately on the
27 same device. Tossing (reading those encrypted packets and extracting
28 transferred files and mail messages) could and should be done on a
29 separate computer (@ref{nncp-cfgmin} command could help creating
30 configuration file without private keys for that purpose).
32 If you really want to carry your private keys, then @ref{nncp-cfgenc}
33 command will be able to encrypt your configuration file. Passphrase you
34 enter is strengthened with both CPU and memory hard function.