Story: once upon a time, I said to someone "Look, if you come up with a way for me to cache the containers locally without fucking up plausible deniability, I'll implement it". Anyhow, so he came up with an idea, which I spent the past few hours partially implementing, and figured that should be spoken about sometime before I send in a patch.
We all know the anonymity risks of local caching, so I will only mention them
again briefly here - if you can say, when you raid someone's house, that the
user requested a bit of data, that's one of the worst things that could ever
happen to Freenet.
Hence, this feature should always be off by default.
Anyhow, to the implementation. Basically, you have a local cache, obviously.
This entire file is encrypted with a key only held in memory, and is padded
with random data. Within this file, you store each piece of data, padded to
maxKeySize with random data, and each piece individually encrypted with
another key (one key per record, new key generated for each new piece of
data cached), again only stored in memory.
Obviously, storing in RAM would be better, but you know, Java memory limits :).
Data can leave the cache in one of two ways, either through LRU once the cache
is full, or by the last access being longer ago than localStoreTimeout (default
is zero, which means never store data - see above comment about 'off by default').
It does seem to significantly improve my browsing experience, as it were, but
do you guys see this as a useful thing? Is it even possible for it to be
implemented in a way we would consider "secure enough"?
-- jj
(side note: the implementation on my disk right now actually has a
'localStoreParanoia' setting, which you can set to 0, 1, or 2 - 0 does
no crypto, for testing, 1 stores each record in a random padded file in
store/temp, and 2 implements the above).
(side note #2: so I just spent about 48 hours offline again, which seems to
always happen when I implement network related code - first major outage
started the day I implemented streamservlet, another two week outage when I
started writing a Gnutella node, a major (a few weeks) outage
happened the day I sent the final containers patch, and so it is we
get to this week. I think there is a higher power trying to send me a
message about writing network related code :-p)
--
I'm sick and fucking tired of not getting people drunk.
-- blixco, http://www.kuro5hin.org/story/2003/8/20/105121/869
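
An added sketch of the cache described in the message above, written in Java because Freenet is a Java project; it is not jj's patch and not Freenet code. The class name, the AES-GCM choice, the maxRecords parameter and the in-memory map standing in for the cache file are assumptions, and the outer whole-file encryption layer is left out.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.security.SecureRandom;
import java.util.*;

public class ParanoidLocalCache { // hypothetical name, not a Freenet class
    // An Entry lives only in RAM; once it is dropped, the stored blob is unreadable.
    private record Entry(SecretKey key, byte[] iv, int length, long lastAccess) {}
    private final SecureRandom rng = new SecureRandom();
    private final Map<String, byte[]> disk = new HashMap<>(); // stand-in for the cache file
    private final LinkedHashMap<String, Entry> index = new LinkedHashMap<>(16, 0.75f, true); // LRU order
    private final int maxKeySize, maxRecords;
    private final long localStoreTimeout; // milliseconds; 0 means never store

    public ParanoidLocalCache(int maxKeySize, int maxRecords, long localStoreTimeout) {
        this.maxKeySize = maxKeySize; this.maxRecords = maxRecords; this.localStoreTimeout = localStoreTimeout;
    }
    public void put(String id, byte[] data, long now) throws Exception {
        if (localStoreTimeout == 0 || data.length > maxKeySize) return;
        byte[] padded = new byte[maxKeySize];
        rng.nextBytes(padded); // random padding: every record is the same size
        System.arraycopy(data, 0, padded, 0, data.length);
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128, rng);
        SecretKey key = kg.generateKey(); // new key for each cached record
        byte[] iv = new byte[12];
        rng.nextBytes(iv);
        disk.put(id, crypt(Cipher.ENCRYPT_MODE, key, iv, padded));
        index.put(id, new Entry(key, iv, data.length, now));
        while (index.size() > maxRecords) evict(index.keySet().iterator().next()); // oldest first
    }
    public byte[] get(String id, long now) throws Exception {
        Entry e = index.get(id);
        if (e == null) return null;
        if (now - e.lastAccess() > localStoreTimeout) { evict(id); return null; }
        index.put(id, new Entry(e.key(), e.iv(), e.length(), now)); // refresh last access
        return Arrays.copyOf(crypt(Cipher.DECRYPT_MODE, e.key(), e.iv(), disk.get(id)), e.length());
    }
    private void evict(String id) { index.remove(id); disk.remove(id); } // key is gone with the entry
    private static byte[] crypt(int mode, SecretKey k, byte[] iv, byte[] in) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, k, new GCMParameterSpec(128, iv));
        return c.doFinal(in);
    }
    public static void main(String[] args) throws Exception {
        ParanoidLocalCache c = new ParanoidLocalCache(32768, 2, 60_000); // constructed sample values
        c.put("k1", "constructed sample data".getBytes(), 0);
        System.out.println(new String(c.get("k1", 1_000))); // hit inside the timeout
        System.out.println(c.get("k1", 200_000));           // idle past the timeout: evicted
    }
}
```

Needs Java 16 or later for the record syntax.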
