4 See also this page @ref{Сценарии, on russian}.
7 * Occasional connection to mail server: UsecaseMail.
8 * Lightweight fast POP3/IMAP4 replacement: UsecasePOP.
9 * Unreliable/expensive communication link: UsecaseUnreliable.
10 * Slow/expensive link for high-volume data, bad QoS: UsecaseQoS.
11 * Extreme terrestrial environments, no link: UsecaseNoLink.
12 * Private, isolated MitM/Sybil-resistant networks: UsecaseF2F.
13 * Highly secure isolated air-gap computers: UsecaseAirgap.
14 * Network censorship bypassing, health: UsecaseCensor.
15 * Reconnaissance, spying, intelligence, covert agents: UsecaseSpy.
19 @section Occasional connection to mail server
21 Assume that you have got your own @url{http://www.postfix.org/, Postfix}
22 SMTP server connected to the Internet. But you read and write emails on
23 your notebook, that is connected to it just from time to time. How can
24 you flush buffered mail queues when your notebook is connected?
26 One possibility is to log in and run something like @command{postqueue
27 -f}, but by default you have got only several days so and sender will
28 receive notification emails that his messages still are not delivered
29 yet. Also you must have secure link (SSH, VPN, etc).
31 Another possibility is to use POP3/IMAP4 servers, but this is too
32 overcomplicated and bloated for the simple task. Not an option.
33 @url{https://en.wikipedia.org/wiki/KISS_principle, KISS}!
35 Just tell both of your Postfixes (on the server and notebook) to drop
36 email as a mail via NNCP (@ref{nncp-mail}) to specified node. This is
37 done similarly as with UUCP and as written in
38 @url{http://www.postfix.org/UUCP_README.html, Postfix documentation}.
40 Look @ref{Postfix, here} for further information. All mail will be
41 stored in NNCP @ref{Spool, spool}, that after exchanging and tossing
42 will call local @command{sendmail} command to deliver them just like
43 that happened on the same machine.
46 @section Lightweight fast POP3/IMAP4 replacement
48 @ref{nncp-daemon} can be connected with @ref{nncp-caller} for a long
49 time -- it can create TCP connection that lasts for many hours. When
50 SMTP server receives mail, it will call @ref{nncp-mail} creating an
51 outbound encrypted packet. Daemon checks outbound directory each second
52 and immediately sends notification about undelivered packets to remote
53 side, that also downloads it at once.
55 There are only dozens of bytes notifying about incoming packets, dozens
56 of bytes telling to download those packets. Mail packets are compressed
57 (POP3 and IMAP4 as a rule do not). You have lightweight, compressed,
58 low-delay, reliable link for the mail with strong encryption and mutual
61 @node UsecaseUnreliable
62 @section Unreliable/expensive communication link
64 Assume that you have got slow modem/radio/cellular link that frequently
65 disconnects and causes TCP timeouts. Not all HTTP servers support file
66 download continuation. SMTP does not support resuming at all and heavy
67 messages is problematic to retrieve. Moreover, each disconnect leads to
68 the same data retransmission again, that can not be afforded sometimes.
70 Just send your @ref{nncp-mail, mail} and @ref{nncp-file, files} through
71 NNCP. You can use either offline delivery methods -- read about them in
72 the next section, or you can use included NNCP @ref{nncp-daemon, TCP
78 % nncp-file file_i_want_to_send bob:
79 % nncp-file another_file bob:movie.avi
82 will queue two files for sending to @emph{bob} node. Fire and forget!
83 Now this is daemon's job (or offline transfer) to send this files part
84 by part to remote system when it is available.
87 @section Slow/expensive link for high-volume data, bad QoS
89 Assume that you can give your relatively cheap 2 TiB removable hard
90 drive to someone each day at the morning (and take it back at the
91 evening). This equals to 185 Mbps good quality (without any speed
92 degradation) link in single direction. What about more and bigger hard
93 drives? This type of data exchange is called
94 @url{https://en.wikipedia.org/wiki/Sneakernet, sneakernet}/floppynet.
96 NNCP allows traffic @ref{Niceness, prioritizing}: each packet has
97 niceness level, that will guarantee that it will be processed earlier or
98 later than the other ones. Nearly all commands has corresponding option:
101 % nncp-file -nice 32 myfile node:dst
102 % nncp-xfer -nice 192 /mnt/shared
103 % nncp-call -nice 224 bob
107 Huge files could be split on smaller @ref{Chunked, chunks}, giving
108 possibility to transfer virtually any volumes using small capacity
112 @section Extreme terrestrial environments, no link
114 This is some kind of too slow link. Offline delivery methods is the only
115 choice. Just send files as shown in previous section, but use removable
116 media for transferring packets to other nodes.
118 Assume that you send two files to @emph{bob} node. Insert USB storage
119 device (SD is preferable!), mount it and run @ref{nncp-xfer}:
122 % nncp-xfer -node bob /media/usbstick
125 to copy all outbound packets related to @emph{bob}. Use @option{-mkdir}
126 option to create related directory on USB/SD storage if they are missing
127 (for example when running for the first time).
129 If you use single storage device to transfer data both to @emph{bob} and
130 @emph{alice}, then just omit @option{-node} option to copy all available
134 % nncp-xfer /media/usbstick
137 Unmount it and transfer storage to Bob and Alice. When they will insert
138 it in their computers, they will use exactly the same command:
141 % nncp-xfer /media/usbstick
144 to find all packets related to their node and copy them locally for
145 further processing. @command{nncp-xfer} is the only command used with
149 @section Private, isolated MitM/Sybil-resistant networks
151 All Internet connections can be eavesdropped and forged. You
152 @strong{have to} to use encryption and authentication for securing them.
153 But it is very hard to secure metadata, that leaks during each online
154 session. When you start your shiny new software server be sure that
155 there could be huge quantity of bogus peers trying to perform
156 @url{https://en.wikipedia.org/wiki/Sybil_attack, Sybil attack}. Opennet
157 peer-to-peer networking is dangerous thing to do.
159 The most popular cryptographic protocol in Internet is
160 @url{https://en.wikipedia.org/wiki/Transport_Layer_Security, TLS} that
161 is very hard to implement correctly and hard to configure for mutual
162 participants authentication. Not all TLS configurations and related
163 protocols provide @url{https://en.wikipedia.org/wiki/Forward_secrecy,
164 forward secrecy} property -- all previously intercepted packets could be
165 read if private keys are compromised.
167 Friend-to-friend networks, darknets can mitigate risks related to fake
168 and forged nodes. However they are harder to support and require more
169 time to be done right.
171 NNCP's @ref{nncp-daemon, TCP daemon} uses
172 @url{http://noiseprotocol.org/, Noise-IK} protocol to mutually
173 authenticate peers and provide effective (both participants send payload
174 in the very first packet) secure transport with forward secrecy
178 % nncp-daemon -bind [::]:5400
180 will start TCP daemon listening on all interfaces for incoming
186 will try to connect to @emph{bob}'s node known TCP addresses (taken from
187 configuration file) and send all related outbound packets and retrieve
188 those the Bob has. All interrupted transfers will be automatically
192 @section Highly secure isolated air-gap computers
194 If you worry much about security, then air-gapped computer could be the
195 only choice you can afford. Computer without any modems, wired and
196 wireless networks. Obviously the only possibility to exchange mail and
197 files is to use physically removable storage devices like CD-ROM, hard
198 drive, SD, tape and USB flash drives (@strong{worst} choice, due to
199 those devices complexity).
201 Presumably you have got another own hop before that computer: another
202 intermediate node which performs basic verification of retrieved storage
203 devices, possibly by rewriting the data from USB/hard drives to CD-RWs.
205 NNCP supports packets relying (transitioning) out-of-box.
212 lan: [fe80::5400%igb0]:5400
218 That @ref{Configuration, configuration file} tells that we have got two
219 known neighbours: @emph{bob} and @emph{bob-airgap}. @emph{bob} can be
220 reached via online connection using @emph{lan} address.
221 @emph{bob-airgap} can be reached by sending intermediate relay packet
222 through the @emph{bob}.
224 Any command like @command{nncp-file myfile bob-airgap:} will
225 automatically create an encapsulated packet: one for the destination
226 endpoint, and other carrying it for intermediate relaying node.
228 Pay attention that relaying node knows nothing about the packet inside,
229 but just its size and priority. Transition packets are encrypted too:
230 using well-known @url{https://en.wikipedia.org/wiki/Onion_routing, onion
231 routing} technology. @emph{bob} can not read @emph{bob-airgap}'s packets.
234 @section Network censorship bypassing, health
236 This is some kind of bad link too. Some governments tend to forbid
237 @strong{any} kind of private communication between people, allowing only
238 entertainment content delivering and popular social networks access
239 (that are already bloated with advertisements, locally executed
240 @url{https://www.gnu.org/philosophy/free-sw.html, proprietary}
241 JavaScript code (for spying on user activities, collect data on them),
242 shamelessly exploiting the very basic human need of communication).
244 This is their natural wish. But nobody forces you to obey huge
245 corporations like Apple, Google or Microsoft. It is your choice to
246 create an isolated friend-to-friend network with piles of harmless
247 content and private messaging. Only predators silently watch for their
248 victims in mammals world -- it harms your health being watched and
249 feeling that you are the victim that has already done something wrong.
252 @section Reconnaissance, spying, intelligence, covert agents
254 Those guys know how Internet is a dangerous place incompatible with
255 privacy. They require quick, fast dropping and picking of data. No
256 possibility of many round-trips -- just drop the data, fire-and-forget.
257 It could be either removable media again and/or
258 @url{https://en.wikipedia.org/wiki/USB_dead_drop, USB dead drops},
259 @url{https://en.wikipedia.org/wiki/PirateBox, PirateBox}es,
260 @url{https://en.wikipedia.org/wiki/Short-range_agent_communications, SRAC}.
261 Short lived short range networks like Bluetooth and WiFi can also
262 be pretty fast, allowing to quickly fire chunks of queued packets.
264 Very important property is that compromising of those dead drops and
265 storages must be neither fatal nor even dangerous. Packets sent through
266 the network and exchanged via those devices are end-to-end
267 @ref{Encrypted, encrypted} (but unfortunately lacking forward secrecy).
268 No filenames, mail recipients are seen.
270 All node communications are done with so-called @ref{Spool, spool} area:
271 directory containing only those unprocessed encrypted packets. After
272 packet transfer you still can not read any of them: you have to run
273 another stage: @ref{nncp-toss, tossing}, that involves your private
274 cryptographic keys. So even if your loose your computer, storage devices
275 and so on -- it is not so bad, because you are not carrying private keys
276 with it (don't you?), you do not "toss" those packets immediately on the
277 same device. Tossing (reading those encrypted packets and extracting
278 transferred files and mail messages) could and should be done on a
279 separate computer (@ref{nncp-cfgmin} command could help creating
280 configuration file without private keys for that purpose).