On Sunday 09 November 2003 07:35 pm, Martin Stone Davis wrote: > Tom Kaitchuck wrote: > > On Sunday 09 November 2003 02:36 pm, Martin Stone Davis wrote: > >>Tom Kaitchuck wrote: > >>>>So, can negative trust work? > >>> > >>>Why even bother? Think about it like this. Suppose each node is limited > >>>to a certain number of connections or a certain amount of bandwidth or a > >>>certain number of queries by each node they connect to. There is ZERO > >>>incentive try to modify freenet to make multiple identities to get > >>> around this. WHY? Because those nodes that you are connecting to, are > >>> still limited in those same resources, so to a limited extent your > >>> different identities are compeating with each other. It would be better > >>> form a greedy clients perspective to simply connect to more nodes! It > >>> is VERY EASY to connect to more nodes, and as far as the network is > >>> concerned, that is legitimate. So what are we trying to thwart here? A > >>> REALLY crappy denial of service attack? > >> > >>We're talking about (not) modifying freenet in such a way that a "REALLY > >>crappy denial of service attack" would actually work. Yes, at the > >>moment, we are safe because we're not about to implement my crappy > >>"appointment" scheme which *relied* on negative trust. Negative trust > >>doesn't work when identity is free. > >> > >>And as it turns out, identity really *is* free (see the talk about > >>DHCP), so any negative-trust-dependant system will fail. > > > > What about this is so fscking hard to understand? > > You tell me.
> > Node A wants to request 1000 keys. Translation into retarded analogy: Patient A wants a 1000 appointments. > > Option A (or "the problem"): > > Node A connects to 10 nodes with 10 identities which each request 10 Translation into retarded analogy: Patient A contacts 10 doctors with 10 aliases and requests 10 appointments with each. > > keys. Result: node A has retrieved all 1000 keys at the expense of others > > trying to use those 10 nodes. Translation into retarded analogy: Patient A gets 1000 appointments and backs up the the schedule of those 10 doctors. > > Option B (on "Normal Behavior") > > Node A connects to 100 nodes with 1 identity and requests 10 keys form > > each of them. Translation into retarded analogy: Patient A contacts 100 doctors and requests 10 appointments with each. > > Result: node A gets all 1000 keys. No single node is DOSed and the > > network is fine. Translation into retarded analogy: Patient A gets 1000 appointments doesn't back up the the schedules. > > Why on earth would someone go out of their way to do A when B is both > > easier and faster. It's not even an issue of being selfish. It is obvious > > that the rest of the network does not care what you are doing, so A > > increases the load on those 10 nodes, so node A gets it's data SLOWER > > than it would have if it just did option B. > > > > So there is no incentive for anyone to do this. This is not an attack. If > > they wanted to DOS one node, they could much easier do it out of band, > > and if they wanted to attack the whole network, they aren't succeeding. > > So, who cares? > > You've completely missed the point... how does that relate to my > Doctor/Patient appointment scheme? OF COURSE, creating all those nodes > would neither be beneficial to the person doing it, nor harmful to the > network AS WE KNOW IT TODAY. > > The point of creating all those nodes would be to break a system that > depends on negative trust, SUCH AS THE (crappy) ONE I WAS PROPOSING. > The scheme to break the negative trust system would be like one customer > being able to use those coupons that say "one per customer" by just > re-entering the store again with a different disguise on. Don't get me wrong, I still think your proposal is a horrible idea. It's just that regardless of how we do this we don't need to worry about anyone creating multiple identifies to get more requests through. (it's easier to goto another store than to make a good disguise) > Go back and read my "Doctor/Patient appointment" scheme to see how the > negative trust system was supposed to work there. If you still think > I'm wrong, you should show how a "greedy" patient could not take > advantage of the doctor in my system of enforced appointments. _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
