Switzerland Privacy Notes

From the Switzerland Version 0 README file:

In this release, a switzerland server publishes the IP addresses of all connected clients.

Your client is designed to only summarize traffic exchanged with other switzerland clients, and should not tell the server anything about communications with computers that are not switzerland clients.

Summary information uses cryptographic hashes of packets, so it's hard to reconstruct the contents of your packets from what you send to switzerland. However, when it detects forged packets, the switzerland server may ask your computer for full copies of packets sent around the time that the forgery was received. Therefore it is likely that running switzerland will result in portions of your unencrypted communications being logged at the server. By default, switzerland clients will use a server run by the EFF, but you have the option of running your own server and telling your clients to connect to that instead.

In this release, traffic between switzerland clients and the server is unencrypted, so it's possible for an eavesdropper near the server to see information about what kind of connections you have open with which other switzerland clients, and how frequently you're exchanging data (an evesdropper near you could probably see most of this information regardless of whether you were running Switzerland).

Later releases will reduce some of these privacy issues and add more options for fine-grained privacy control. For now though, treat any traffic travelling between switzerland clients as "public record" information.

Related Issues

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Hundreds attend EFA launch events in 9 cities across the U.S. this month: https://www.eff.org/deeplinks...

Apr 30 @ 7:12pm

Voicemail-to-text services have been around since at least 2001. Why was a patent for them issued in 2006? https://www.eff.org/deeplinks...

Apr 30 @ 9:12am

Learn about Rule 41, the scary new route the government could use to hack your computer: https://www.eff.org/deeplinks...

Apr 30 @ 8:48am
JavaScript license information