Frequently asked questions
Contents
- 1 Why isn't Demonsaw 4 open source?
- 2 If its not open source how can I trust it?
- 3 Why do some people have a check on their the public/default router?
- 4 Are verified users admins?
- 5 Do Demonsaw routers have admins?
- 6 If verified users aren't any different, why even have them?
- 7 Can verified users see my IP address?
- 8 Can router admins see my IP address?
- 9 How is Demonsaw anonymous if my IP is visible to the router?
- 10 Can another client see my IP address?
Why isn't Demonsaw 4 open source?
Short answer: Eijah didn't make it open source.. yet. Long answer: Demonsaw 1 through 3 are open sourced and available on github, Demonsaw 4 was opted not to be open source at this time.
If its not open source how can I trust it?
Trusting an application simply because its opensource may not be as safe as you think. Many encrypted communication services that open source, open source just the client applications. You don't get to see the server source code, or even run your own server. Supposing for a moment the client is completely secure, there's no telling what kind of meta-data is being collected by the vendor when you use that software. With Demonsaw you have complete control of the environment. You can run the router, and direct clients to the official download links. You can monitor your environment for suspicious activity or better, block connections to/from untrusted sources. With that level of control over all facets of the infrastructure, you can decide for yourself if you trust the software since you can monitor all of it.
This point can be argued indefinitely, its a matter of choice. If you only trust open source software, than Demonsaw 4 may not be a solution for you at this time. Please try out Demonsaw 3 and build your own router and client from source.
Why do some people have a check on their the public/default router?
The check mark just means verified. Verified users have a bit of crypto in their configuration files and the router validates them. This is similar to the technology used by the Groups in Demonsaw 4, but instead of another client validating it (by matching it and being in the same group), the router validates it and puts a check next to their name. On the public/default Demonsaw 4 router, verified users are people trusted by Eijah to support the community.
Are verified users admins?
Verified users are not admins. They cannot ban/kick/block/global mute or anything more than a normal user can do. They have no additional access to the routers and there are no additional features at all. There is no functional difference between a user and a verified user.
Do Demonsaw routers have admins?
Demonsaw routers don't have any admin functions, but there is an infrastructure administrator for the Demonsaw public network. The public router is slightly different than the router that you can run on your own. Due to excessive trolling in previous Demonsaw versions there spawned a need for the public router to associate sessions to client names and IP addresses to facilitate in banning abusive users. Demonsaw is a free product, and the public routers cost Eijah money to operate. This free service has one hidden cost, and that is if you are in the public lobby on the public router, the infrastructure admin can see your IP address associated to your client name and IP address. If you are abusive, or otherwise disturbing the community, you will be banned. Users in private groups on the public router are not exposed in this manner. The public lobby on the public router is designed as a free service to help welcome you to Demonsaw as its primary function. Its use is a privilege, not a right. Demonsaw provides you a router binary and clients to create your own network. Running your own network, or at least being in a group on the public router is where you see Demonsaw flourish in anonymity and privacy.
If verified users aren't any different, why even have them?
Verification allows for a reasonable assurance that the user you are communicating with is the same person from session to session. On the public/default router, the verified users are people that participated in the Demonsaw 4 Alpha/Beta program. They have shown consistent contribution to the community and are trusted by Eijah to support and help the community prosper.
Can verified users see my IP address?
No, your IP address is only visible at the router level. Verified users do not have access to the router.
Can router admins see my IP address?
Yes, because of the way the internet works, client connecting to Demonsaw (any version) routers, will expose their IP address.
How is Demonsaw anonymous if my IP is visible to the router?
The router can only see a connected IP address. Routers don't readily associate a client session hash to an IP at a human-readable level, so associating routers to people is not a trivial exercise. Even if this were done, the routers are ignorant to the data they forward as communications are end-to-end encrypted.
Can another client see my IP address?
No, all communications are client-server. You never make a direct connection to the client. When you join a Demonsaw router, the router creates a human-obfuscated session hash for that client. This is only retained in memory and not logged. This session hash also has a group entropy hash linked to it. If you set up a group entropy, its based on that, otherwise the default is used. When a message is sent from a client, the router gets that message and sends it -- encrypted at the client level by the local entropy -- to the other client sessions matching the entropy hash. The router cannot decrypt these messages, and since a client's only communication is with the router, no client is ever exposed to your IP address.