AllNet Project Privacy Policy

Own your network
Own your chat
Own your social network

AllNet Privacy

One major goal of the AllNet project is, by design, to provide users with privacy in their chat communications. All interpersonal (non-broadcast) communications are encrypted using a key generated on the device itself. The secret part of the key is never shared or transmitted in the clear by AllNet.

By design, the content of all communications is hidden from all but the sender and intended receiver(s). The only information available to other devices is fact that transmission is taking place, and addresses (and more generally, envelope information) carried with the message.

Known and Potential Weaknesses

The sender of a message is informed when that message has been acknowledged by the receiver's device. This can allow senders to guess when their contacts' devices are on and reachable.

All key material and all chat records are stored unencrypted on the device (they are in your home folder's .allnet folder). Depending on the security provided by your device, they may be available in backups or to anyone who gains access to your device.

Devices respond to trace messages with a randomly-selected ID. A new trace ID is selected every time allnet is started or re-started. This mechanism allows for short-term tracking of devices, which is useful for checking connectivity, for debugging, and for gathering statistics.

If there are errors (bugs) in the design or implementation of this software, the AllNet security goals may not be accomplished. If this happens, others may have access to your confidential information, including the contents of chat messages and they keys used to generate and read encrypted chat messages.

Encryption

Encryption is morally neutral, in that it can be put to good use by both moral and immoral people. Each user of AllNet is responsible for the use to which they put the software. The developers strongly prefer that AllNet only be used in ways that do not harm people .

Website Privacy

All accesses to this website are logged, recording the URL and the IP address of each request. Other than URL and IP address, this site does not use cookies or any other method of tracking visitors.