Switzerland Privacy Notes

From the Switzerland Version 0 README file:

In this release, a switzerland server publishes the IP addresses of all connected clients.

Your client is designed to only summarize traffic exchanged with other switzerland clients, and should not tell the server anything about communications with computers that are not switzerland clients.

Summary information uses cryptographic hashes of packets, so it's hard to reconstruct the contents of your packets from what you send to switzerland. However, when it detects forged packets, the switzerland server may ask your computer for full copies of packets sent around the time that the forgery was received. Therefore it is likely that running switzerland will result in portions of your unencrypted communications being logged at the server. By default, switzerland clients will use a server run by the EFF, but you have the option of running your own server and telling your clients to connect to that instead.

In this release, traffic between switzerland clients and the server is unencrypted, so it's possible for an eavesdropper near the server to see information about what kind of connections you have open with which other switzerland clients, and how frequently you're exchanging data (an evesdropper near you could probably see most of this information regardless of whether you were running Switzerland).

Later releases will reduce some of these privacy issues and add more options for fine-grained privacy control. For now though, treat any traffic travelling between switzerland clients as "public record" information.

Related Issues

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Exciting to spot @HTTPSEverywhere on Mr. Robot last night. We promise we won't let the fame go to our heads.

Aug 25 @ 5:21pm

If you have an iPhone, it's important that you upgrade iOS today. https://blog.lookout.com/blog...

Aug 25 @ 3:53pm

Microsoft made some mistakes with the Windows 10 rollout, but we don't think it's too late to correct them
https://eff.org/deeplinks/201...

Aug 25 @ 2:47pm
JavaScript license information