datadiode network driver
loose thoughts
- based on Ethernet or fiber optics (LWL)
- primarily to exchange data between virtualized hosts
- implements a driver which
  - trust on unbound channel
  - establishes a secure data transfer
  - PSK as parameter, maximum receive size
  - basically unicast, optionally simplex data + simplex status code (compile time)
  - BPF-based state machine firewall + logging
  - inotify interrupt
  - optional: steganographically resilient for timing attacks
- implements userland interface
  - authenticate remote communication point
  - transfer file, not files
  - transfer text
- use well-known security concepts
  - ECC-based asymmetric encryption + symmetric transfers
  - maybe hardware-token-based signing
- combines technology of
  - WireGuard -> the light driver + encryption
  - Syncthing -> UI handling of sharing files
  - Warpinator -> idea of sharing files
  - Snapdrop/AirDrop
  - age encryption
- benefits
  - one piece of software for one specific job
  - implementing a specific feature by design, not by enforcing outer boundaries
- JSON-based transfer format
  - version
  - type of content [0:text, 1:file]
  - size of content [int64]
  - encrypted content [2^48]
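
A receive-side validator for the JSON transfer format listed above, as an added example that is not part of the original notes or of any project code. Assumptions not found in the notes: the key names `version`, `type`, `size` and `content`, base64 as the encoding of the encrypted content, version 1 as the only accepted version, `size` counting the encrypted bytes as carried, and 2^48 read as an upper bound in bytes.

```python
import base64
import json

CONTENT_LIMIT = 2**48            # bound from the notes, read as bytes; fits in int64
TYPE_TEXT, TYPE_FILE = 0, 1      # content types from the notes
SUPPORTED_VERSIONS = {1}         # assumption: the notes give no version numbers
FIELDS = {"version", "type", "size", "content"}  # assumed key names


class EnvelopeError(ValueError):
    """Raised for any message that deviates from the expected envelope."""


def _int(value, name):
    # bool is a subclass of int in Python, so compare the exact type
    if type(value) is not int:
        raise EnvelopeError(f"{name} must be an integer")
    return value


def parse_envelope(raw: bytes, max_receive: int) -> dict:
    """Validate one received message; raise EnvelopeError on any deviation."""
    if len(raw) > max_receive:   # enforce the size cap before parsing anything
        raise EnvelopeError("message exceeds maximum receive size")
    try:
        msg = json.loads(raw)
    except (ValueError, RecursionError) as exc:
        raise EnvelopeError("not valid JSON") from exc
    if not isinstance(msg, dict) or set(msg) != FIELDS:
        raise EnvelopeError("unexpected or missing fields")
    if _int(msg["version"], "version") not in SUPPORTED_VERSIONS:
        raise EnvelopeError("unsupported version")
    if _int(msg["type"], "type") not in (TYPE_TEXT, TYPE_FILE):
        raise EnvelopeError("unknown content type")
    size = _int(msg["size"], "size")
    if not 0 <= size <= CONTENT_LIMIT:
        raise EnvelopeError("size out of range")
    if not isinstance(msg["content"], str):
        raise EnvelopeError("content must be a base64 string")
    try:
        blob = base64.b64decode(msg["content"], validate=True)
    except ValueError as exc:
        raise EnvelopeError("content is not valid base64") from exc
    if len(blob) != size:        # declared size must match what actually arrived
        raise EnvelopeError("declared size does not match content length")
    return {"version": msg["version"], "type": msg["type"], "ciphertext": blob}
```

The returned `ciphertext` is still encrypted; decryption and authentication of the remote endpoint are separate steps that this validator does not cover.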