On Mon, Apr 23, 2001 at 11:29:41PM -0000, David Childers wrote:
>
> >Yes, but weakening the system for people who don't care at the expense of
> >those that do is never an option.
>
> The means of security is * not * knowing where the data is stored, in
> addition to the requester of the information being masked.
>
> If you analyze traffic flow through enough nodes at various points,
> you have a reasonably good map of the network. ( Port scanners and
> sniffers are a dime a dozen for any operating system. )
Maybe. With 0.4, we can do "silent bob" steganography, which makes portscanning
impossible, and with the basic code, you can't connect to a host you found in
a scan without the key, although you can get a pretty good idea that it's a node
because of the need to minimize latency. Sniffers require actual access to the
network; the software alone won't buy you much, you have to either be Them, or
compromize several ISPs somehow. Granted, traffic analysis can probably identify
freenet nodes, but you need quite sophisticated, custom written code, and actual
access to the network at least for passive wiretaps. I'm sure repressive
governments will do it though (it remains to be seen how many of these states
claim to be democracies respecting freedom of speech :).
>
> * IF * input or retrival of information through freenet is a security hazard
> - then what is the purpose of freenet again ?
What were you proposing again? Freenet's purpose is to provide anonymity for
producers and consumers of information (not necessarily for node runners).
--
Anarchists who refuse to learn the use of computer networks deserve to
live in slavery
-- with apologies to Leon Trotsky
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
