2009/3/26 Matthew Toseland <[email protected]>: > However, some sort of spam resistant filesharing/searching system is > definitely necessary to Freenet, and the sooner the better. Thaw's current > model is probably over-reliant on relatively small numbers of dedicated index > owners, and on the users manually subscribing to indexes. Frost's model is > clearly broken, and the current de facto standard of asking for stuff on the > chat forums and getting a key back is just way too slow and inconvenient.
Maybe providing a flexible way to describe the files with "rich" metadata (i.e., tags). This extension could act as a decision support mechanism to suggest which files the user should download. What do you think about this? Regards, Flávio Roberto Santos http://www.inf.ufrgs.br/~frsantos 2009/3/26 Matthew Toseland <[email protected]>: > On Thursday 26 March 2009 04:27:55 you wrote: >> Hello, >> >> I mean by content pollution the action of publishing files with fake >> metadata. >> This could be done to disseminate spam, virus or other malwares. >> Multiple decoy insertions could affect the Freenet network utility. >> >> I have a short paper (2 pages) describing my current work, including a >> description of my strategy to mitigate content pollution: >> > http://inf.ufrgs.br/~frsantos/files/funnel_infocom2009-sw.pdf<http://inf.ufrgs.br/%7Efrsantos/files/funnel_infocom2009-sw.pdf> >> >> In a previous work, I implemented the strategy in a BitTorrent community and >> the results were satisfactory. >> >> If it does not fit a relevant project, which one from your list is related >> to "user generated content" and "security" topics? >> Suggestions? > > Okay, I see where you are coming from ... > > Some basic parameters: > - Freenet is about more than filesharing, and in fact Freenet doesn't do > filesharing particularly well; this is an area we definitely need help with. > Freenet also does freesites (internal web sites), chat forums, and a (buggy) > internal email system. Freenet is an anonymous document store: the basic > operations are inserting content and retrieving it, and anonymity for end > users is a very important design goal (although of course there are attacks). > - Freenet automatically deletes unpopular content and multiplies popular > content: it is a distributed cache. > - All files are divided into blocks of 32KB; the node has no way to know that > two or more blocks are connected, and generally this is seen as a good thing. > - Right now Freenet doesn't have very much metadata as such. There is a very > simple quasi-standardised format which is used for freesites, but this is > only used by the HTML-based portal sites / index sites, which may be manually > or automatically generated or some combination of the two, by their > pseudonymous authors. Searching freesites currently uses an index of a > different kind, which again is published by a single pseudonymous identity, > but is generated automatically by a spider, based purely on the title and > content of the pages; hence this is very easily spammable (some sort of > ranking system clearly would help), but so far hasn't been. There are several > different mechanisms for filesharing: Frost has a chat board based > filesharing index system, where iirc files can be attached to messages; this > searches based on filename, content type, file size. Frost is inherently > spammable, see below, and so is the filesharing system in Frost. Thaw uses > searchable file indexes, which are authored pseudonymously and can link to > each other. Thaw allows you to subscribe to specific indexes, and explore the > web of indexes to find more to subscribe to; hence it is much less spammable. > - Spam so far has largely been a problem with chat (forums/USENET) systems. > Frost uses a globally writable queue for each public board, which of course > has been spammed; for over a year, most boards on Frost were unusable because > of this. FMS and later Freetalk emerged as solutions to this problem: new > chat systems based on a web of trust, into which a pseudonymous identity can > be announced via solving lots of CAPTCHAs. Freetalk will be integrated into > the node as a plugin, it uses a backend generic "Web of Trust" plugin which > could be used for applications other than chat, and a frontend Freetalk > plugin for chat-related functions. > - Flooding of datastores is not in general a big problem for Freenet, at least > we don't think so: A powerful attacker could certainly cause severe problems > with flooding on opennet, but he could do many other things too which would > probably be more effective; on darknet, the attacker is limited by the number > of connections he can social engineer into the network. In any case, the kind > of measures needed to address flooding of datastores directly would likely > have severe anonymity issues, so it is probably better to keep them on the > (anonymous) client layer. > - So we're talking about locating content here: Searchng, for files or for > sites. The two basic problems are filtering results and preventing the whole > system being DoS'ed. > - Using the Web of Trust for filesharing has been suggested more than once; > there may be scalability issues, but there will be such issues even with > chat, it's something we should seriously consider. > > Hence, Funnel cannot be *directly* applied: > - Voting directly with your IP address as a Sybil protection is clearly not > acceptable to most Freenet users, as it is a clear violation of anonymity. > - Voting indirectly must be Sybil-proof, or at least DoS-proof. Chat > identities from the Web of Trust would probably be a good option. > - Limiting the number of downloads from a specific file based on its > reputation is not feasible as far as I can see. > > However, some sort of spam resistant filesharing/searching system is > definitely necessary to Freenet, and the sooner the better. Thaw's current > model is probably over-reliant on relatively small numbers of dedicated index > owners, and on the users manually subscribing to indexes. Frost's model is > clearly broken, and the current de facto standard of asking for stuff on the > chat forums and getting a key back is just way too slow and inconvenient. >> >> Thank you! >> >> Regards. >> >> Flávio Roberto Santos >> http://www.inf.ufrgs.br/~frsantos > > _______________________________________________ > Devl mailing list > [email protected] > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > _______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
