Switzerland Privacy Notes

From the Switzerland Version 0 README file:

In this release, a switzerland server publishes the IP addresses of all connected clients.

Your client is designed to only summarize traffic exchanged with other switzerland clients, and should not tell the server anything about communications with computers that are not switzerland clients.

Summary information uses cryptographic hashes of packets, so it's hard to reconstruct the contents of your packets from what you send to switzerland. However, when it detects forged packets, the switzerland server may ask your computer for full copies of packets sent around the time that the forgery was received. Therefore it is likely that running switzerland will result in portions of your unencrypted communications being logged at the server. By default, switzerland clients will use a server run by the EFF, but you have the option of running your own server and telling your clients to connect to that instead.

In this release, traffic between switzerland clients and the server is unencrypted, so it's possible for an eavesdropper near the server to see information about what kind of connections you have open with which other switzerland clients, and how frequently you're exchanging data (an evesdropper near you could probably see most of this information regardless of whether you were running Switzerland).

Later releases will reduce some of these privacy issues and add more options for fine-grained privacy control. For now though, treat any traffic travelling between switzerland clients as "public record" information.

Related Issues

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

In a blow to universal access, the EU Court of Justice OKs locking open wireless networks behind a registration wall https://www.eff.org/deeplinks...

Sep 26 @ 4:40pm

Congress approved bonuses for federal staffers who properly declassify records. Problem is nobody's getting the cash https://www.eff.org/deeplinks...

Sep 26 @ 12:06pm

Join us in telling HP to make amends for its recent Officejet debacle. https://www.eff.org/deeplinks...

Sep 26 @ 10:30am
JavaScript license information