hydrus/help/privacy.html

61 lines
4.2 KiB
HTML
Executable File

<html>
<head>
<title>privacy</title>
<link href="hydrus.ico" rel="shortcut icon" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div class="content">
<h3>privacy</h3>
<p>Repositories do not ever know what you are searching for. The client synchronises (copies) the repository's entire file or mapping list to its internal database, and does its own searches over those internal caches, all on your hard drive. <span class="warning">It <i>never</i> sends search queries outside your own computer, nor does it log what you do look for</span>. Your searches are your business, and no-one else's.</p>
<p>Repositories know nothing more about your client than they can infer, and the software usually commands them to forget as much as possible as soon as possible. Specifically:</p>
<table cellpadding="5" cellspacing="2" border="1">
<tr>
<td />
<th colspan="2">tag repository</th>
<th colspan="2">file repository</th>
</tr>
<tr>
<td />
<th>upload mappings</th>
<th>download mappings</th>
<th>upload file</th>
<th>download file</th>
</tr>
<tr>
<th>Account is linked to action</th>
<td>Yes</td>
<td>No</td>
<td>Yes</td>
<td>No</td>
</tr>
<tr>
<th>IP address is remembered</th>
<td>No</td>
<td>No</td>
<td class="warning">Maybe</td>
<td>No</td>
</tr>
</table>
<p>i.e:</p>
<p>
<ul>
<li>If you download anything from any repository, your accessing it will not be recorded. A running total of your approximate bandwidth and number of queries made for the current month <i>is</i> kept so the respective administrator can combat leechers.</li>
<li>If you upload a mapping to a tag repository, your anonymous account is linked so the administrator can quickly revoke all of any rule-breaker's awful contributions. Your IP address is forgotten.</li>
<li>If you upload a file to a file repository, your anonymous account is linked so the administrator can quickly revoke all of any rule-breaker's awful contributions. Your IP <span class="warning">may</span> be recorded, depending on whether the repository's administrator has decided to enable ip upload-logging or not. This is a DMCA/child pornography issue.</li>
</ul>
</p>
<p>Furthermore:</p>
<p>
<ul>
<li>Administrators for a particular repository can see which accounts uploaded what. If IP addresses are available, they can discover which IP uploaded a particular file, and when.</li>
<li>Repositories do not talk to each other.</li>
<li>All accounts are anonymous. Repositories do not <i>know</i> any of their accounts' access keys, and cannot produce them on demand; they can determine whether a particular access key refers to a particular account, but the access keys themselves are all irreversibly hashed inside the repository database.</li>
</ul>
</p>
<p>There are of course some clever exceptions. If you tag a file three years before it surfaces on the internet, someone with enough knowledge will be able to infer it was most likely you who created it. If you set up a file repository for just a friend and yourself, it becomes trivial by elimination to guess who uploaded the NarutoXSonichu shota diaper fanon. If you sign up for a file repository that hosts only evil stuff and rack up a huge bandwidth record for the current month, anyone who knows that and also knows the account is yours alone will know you were up to no good.</p>
<p>Note also that the file repository code is freely available and entirely mutable. If someone wants to put the time in, they can create a file repository that looks from the outside like any other but nonetheless logs the IP and nature of every request. Just make sure you trust the person running the repository. (And make sure they suck at programming python!)</p>
<p><a href="http://en.wikipedia.org/wiki/AOL_search_data_leak">Even anonymised records can reveal personally identifying information.</a> Don't trust anyone who plans to release maps of accounts -> files or accounts -> mappings, even for some benevolent academic purpose.</p>
</div>
</body>
</html>