$Id: WARNING,v 1.6 2003/05/02 07:18:47 blackh Exp $

------------------------------------------------------------------------------
Stephen Blackheath  27 March 2003             http://www.grapevineproject.org/


The README document contains some VERY GOOD REASONS to use this software.
But here we must give you some reasons not to...


TECHNICAL RISKS

The Grapevine's architecture is such that it downloads its "firmware" from the
web, and if it passes a signature test, it runs it in a sandboxed environment.
This allows us to use the real network as a development platform, but it does
entail some risk to you.

Please be aware of the following risks:

  * Our keys could potentially be stolen, and malicious code could cause your
    machine to generate malicious network traffic for which you might be
    blamed.

  * The sandboxing means that the code cannot read or write any information to
    your disk, apart from a single file called 'grapevine.dbm'.  Malicious
    code could, however, fill this file up with junk and give you a full disk.

  * While we have been careful in implementing this code, the sandboxing could
    potentially have faults.  This means that there exists a remote possibility
    that malicious Grapevine firmware could introduce a virus onto your system.

  * The Grapevine is a peer-to-peer network.  This means that the nodes on the
    network collectively contain enough information to reach all computers
    that are part of the network.  This in itself is a risk, because this
    information could be used by an Internet worm in a similar way to the way
    in which email viruses use the victim's email address book.  Such a worm
    cannot exist unless there is an exploitable security hole in your system.
    Unless you are on a security mailing list and patch your system when
    necessary, you are at risk.
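
The second risk above can be bounded by the host. The following is an added example, not Grapevine's own code: a file gate that permits only 'grapevine.dbm' and refuses any write that would take the file past a fixed size. The SandboxStore class, the quota value and the sample writes are assumptions made for this illustration.

```python
import os
import tempfile

ALLOWED_NAME = "grapevine.dbm"  # the one file the page says firmware may touch
QUOTA_BYTES = 64 * 1024         # assumed ceiling; the page states no limit

class SandboxStore:
    """Hypothetical host-side gate: one permitted file, hard size ceiling."""

    def __init__(self, base_dir, quota=QUOTA_BYTES):
        self.base_dir = os.path.realpath(base_dir)
        self.quota = quota

    def _resolve(self, name):
        # Resolve ".." and symlinks first so the comparison is on the real target.
        path = os.path.realpath(os.path.join(self.base_dir, name))
        if path != os.path.join(self.base_dir, ALLOWED_NAME):
            raise PermissionError(f"sandbox: access to {name!r} denied")
        return path

    def write_at(self, name, offset, data):
        path = self._resolve(name)
        # Reject before touching the disk: the file can never end past the quota.
        if offset < 0 or offset + len(data) > self.quota:
            raise OSError(f"sandbox: write past {self.quota}-byte quota refused")
        fd = os.open(path, os.O_RDWR | os.O_CREAT | os.O_NOFOLLOW, 0o600)
        try:
            os.pwrite(fd, data, offset)
        finally:
            os.close(fd)
        return os.path.getsize(path)

def demo():
    """Constructed firmware behaviour: one normal write, then three abuses."""
    results = []
    with tempfile.TemporaryDirectory() as d:
        store = SandboxStore(d, quota=1024)
        results.append(store.write_at("grapevine.dbm", 0, b"peer-table"))
        for name, off, data in [("grapevine.dbm", 1000, b"J" * 100),  # junk fill
                                ("../escape.txt", 0, b"x"),            # traversal
                                ("other.dbm", 0, b"x")]:               # second file
            try:
                store.write_at(name, off, data)
                results.append("allowed")
            except OSError as exc:  # PermissionError is a subclass of OSError
                results.append(type(exc).__name__)
    return results

if __name__ == "__main__":
    print(demo())
```

The quota is checked against the end offset of each write, so repeated small writes cannot creep past the ceiling either.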

If you are helping us test, then please check our website regularly for
announcements, and consider joining one of our mailing lists.


LEGAL RISKS

Disclaimer:  I Am Not A Lawyer

The Grapevine protects you from accusations of information crimes by
encrypting the data it stores on your disk.  The software cannot prevent
someone proving that a certain part of a certain file was sent from, or was
stored on your machine (though it does make it as difficult as possible).
However, you can truthfully and plausibly argue that you did not know it was
there.  This principle is called "plausible deniability", and it may or may
not protect you legally.

In many countries, you are legally required to hand all your encryption keys
to the authorities on demand.  The Grapevine does not make these keys
available to you, so it becomes impossible for you to comply.  In many
countries (the United Kingdom included) this is no defence, and you can be
prosecuted.

** THE USE OF THIS SOFTWARE MAY BE ILLEGAL IN YOUR COUNTRY.  YOU HAVE BEEN
WARNED. **


We sincerely hope that we have proven our honesty rather than put you off, and
that you will give us the help we need to make this project a success.

Please type "yes" if you have understood these risks and you want to install
the Grapevine Project software.

