This is the bit where I like the Gnutella system a little better.
The problem with centralization, even when a couple of seed nodes are doing
the job, is that you can easily block this by IP number. So keeping Freenet
out of China is very feasible.
The way Gnutella works is that you find a web-site containing the seed node
information. You download this and use it. Advantage is a very decentralized
distribution method - practically unstoppable because anyone can put up a
list with this information. How would you find such a list? Well, simply by
using Google. If China wanted to block this at their borders, they would
need to block everything outside their borders, and even then there is a
great chance a Chinese guy would be able to find such a list.
So if we can find a list of seed nodes, using a search engine, what are Mr
Evil's chances? My guess is that if somebody would come on a site of Mr
Evil, he'd just have bad luck, but there are many more alternative lists, so
if one fails, he could try another.
Frank
----- Original Message -----
From: "Ian Clarke" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 02, 2001 9:30 AM
Subject: [freenet-devl] What replaces inform.php in 0.4 (if anything)?
>So an interesting debate arose between myself and Oskar today on IRC
>regarding how nodes find out about each other in 0.4.
>
>As you know, we will have a nifty new announcement protocol which will
>reduce the reliance on inform.php and should improve the overall health
>of the network, but you still need to bootstrap your node by giving it
>the address of at least one other node in the network. The question is:
>how does your node get such an address?
>
>The simplest solution would be to keep using the current inform.php
>script, a node connects to it on startup, and gets a list of other node
>addresses. The problem here is that it would be trivial to fill up
>inform.php with references to nodes controlled by Mr Evil. Any user
>which connected to this script would unwittingly join a network of nodes
>controlled by Mr Evil who would then be able to do evil things (as Mr
>Evil is known to do).
>
>A more sophisticated solution would be to have one or more central
>"trusted" nodes, which can be used to send announcement messages to,
>which will be forwarded on into the rest of the network. One attack on
>this would be for Mr Evil to flood these nodes with announcement
>messages thus ensuring that all references in their datastore point to
>evil nodes, thus suffering from the same problem as described in the
>previous paragraph. To avoid this, the trusted node could just forward
>on announcement messages without making changes to its own datastore.
>
>The problem is that it might be possible to compromise even this
>arrangement (Oskar made some vague suggestions although I am not yet
>convinced that it would be particularly easy, or couldn't be countered
>with one or two additional modifications). I am sure he will correct me
>if there is any inaccuracy, however Oskar's view was that each user
>should be responsible for securely finding out the address of another
>node in the network, without relying on any public list of trusted
>nodes.
>
>The problem here is obvious, the vast majority of Freenet users will not
>have the ability to do this (hell, I would have trouble finding such a
>node address without asking this mailing list, and if everyone needed to
>do that we would have 10,000 emails a day just requesting node
>addresses!). The most likely (and scariest) scenario is that someone
>(perhaps Mr Evil in disguise) would provide a widely known node which
>the vast majority of people would use out of convenience with
>disastrous consequences. Sure, we could sit in our ivory tower and
>tut-tut about idiot newbies, but that really doesn't help Freenet's
>users.
>
>So what is the solution? I propose that each distribution site for
>Freenet also provides one or more seed nodes (since the place where you
>downloaded Freenet already knows your IP address this doesn't really
>have a big impact on privacy). These seed nodes should have
>configuration options (such as just forwarding announcement messages
>with no datastore modification) which would make it much more difficult
>for a malicious node to hijack them. Paranoid users are encouraged to
>find a node address through secure out-of-band means.
>
>Oierw apparently has another suggested solution which I have asked him
>to post to this list, keep an eye out for it.
>
>Thoughts?
>Ian.
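
The trusted-node paragraph in the quoted message (announcement flooding, and the forward-only countermeasure) can be shown with a toy model. This is an added example, not part of either message and not Freenet code; the bounded store with oldest-first eviction, the class and function names, and the node labels are all assumptions made for illustration.

```python
from collections import OrderedDict

class SeedNode:
    """Toy seed node; the bounded, oldest-first-evicted store is an assumption."""

    def __init__(self, operator_refs, capacity, forward_only):
        self.store = OrderedDict.fromkeys(operator_refs)
        self.capacity = capacity
        self.forward_only = forward_only
        self.forwarded = 0

    def announce(self, ref):
        self.forwarded += 1          # announcement is always passed on
        if self.forward_only:
            return                   # datastore left untouched
        self.store.pop(ref, None)    # refresh position if already known
        self.store[ref] = None
        while len(self.store) > self.capacity:
            self.store.popitem(last=False)   # evict the oldest reference

    def next_hops(self):
        """References a newcomer's announcement could be routed to."""
        return list(self.store)


def evil_share(forward_only, honest=20, flood=500, capacity=50):
    """Fraction of the seed's references that point at flooder-controlled nodes."""
    # Constructed input: `honest` operator-chosen references, then a flood of
    # distinct announcements interleaved with one announcement per honest node.
    seed = SeedNode([f"honest-{i}" for i in range(honest)], capacity, forward_only)
    for i in range(flood):
        seed.announce(f"evil-{i}")
        if i < honest:
            seed.announce(f"honest-{i}")
    hops = seed.next_hops()
    return sum(h.startswith("evil-") for h in hops) / len(hops)


if __name__ == "__main__":
    for mode in (False, True):
        print("forward_only =", mode, "-> evil share:", evil_share(mode))
```

In this model a seed that learns from announcements ends up with only flooder references once the flood exceeds its capacity, while the forward-only seed keeps the references its operator gave it.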