>This is futile. Any well known forum will instantly have requests for >everything in the presence of an attacker.
people will know how to protect their boards with privkey/publkey. but even if an attacker has gathered a huge amount of announced files and now requests them one after another, the worst things that can happen are: - network flooding by inserting request indications and file download every node has the ability to flood the network. just use frost, let it update all boards and download some files, use fproxy to view some image galleries or insert your favourite collection of random numbers. all the attacker would archive is his node going overloaded, his network pipe full or helping routing of the other nodes. - overloading the content provider the FRUIT server software running at the provider can insert the data at any rate the provider machine ot the user allows, so the attack impact to the data source is adjustable. - filling datastores and forcing drop of valuable data this could also be archived more easily by inserting your RNG output. in fact, FRUIT helps to prevent unnecessary uploads; as long as not every file announced gets requested is helps preserving space. if every file is requested, it is just the same as inserting the files outright, so nothing is lost. - request of files which get uploaded and erode with time so others will have a harder time fishing for chunks later this one is of course somewhat nasty, as every data can (in the current approach) be only requested once. OTOH it can get not badder than inserting a file outright which will also get lost with time. but this attack it might speed up downloads which are started by normal users later, as all data chunks then have already been inserted, ready for retrieval without waiting for the provider to upload the file. or do you have a specific attack in mind i did not cover? have you read the other mail my me regarding this topic? _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
