On Tuesday, 8 January 2013, 22:26:56, Matthew Toseland wrote:
> > We could check, if we can access the latest freenet update in pure darknet
> > mode.
> >
> > If we can get that, we likely can access the global keyspace.
>
> Possibly. It gets passed across unroutable links and reinserted, so it's not
> so certain.
>
> Maybe the source or something. Or the bookmarks even. Maybe do a
> random-route-then-fetch probe.
>
> But we'd want to be able to distinguish between "in our darknet pocket" and
> "on opennet via another node". We might have a cluster of 39 darknet nodes,
> all with opennet enabled, all connected to each other. We add one more
> node, they lose their remaining opennet connections and become orphaned.

Wouldn’t we spot that because every one of our contacts would have every other contact as FOAF? A 2-step cluster is very unlikely, I think, because that would be 40*4000 nodes, which is almost 10 times Dunbar’s number, so the chance that all these people know each other is quite small.

> So we want a flag for requests to only pass over darknet links IMHO. We can
> use this for testing the local darknet. But we could also use it for trying
> to fetch data from the local darknet before we ask opennet, on a
> whole-request level. IMHO that would be useful.

That would be nice, yes. It would also allow testing the theory that a globally connected darknet is possible (or even efficient). In the long run, that is :)

> > > Your argument is then that we need to be able to announce from any
> > > darknet peer?
> >
> > I thought we could already do that…
>
> We can right now. But some of my plotting re opennet changes might not be
> compatible with initiating your own announcements without involving
> seednodes. Without involving the seednodes it is much harder to throttle
> announcements - either for a DoS or for creating lots of nodes or for MAST.

I think that the throttling has to be decentral without dependence on central information, otherwise we’ll just see attacks on the seednodes, soon.

> > > No, we need to actually communicate with the downstream nodes: we
> > > exchange noderefs internally via an announcement. That means there
> > > needs to be two-way FNP traffic. It's necessary for UDP hole punching
> > > to work. Of course it doesn't always work...
> >
> > But that would still not be too hard in a lightweight script, I think.
>
> I don't see how it can be a script.

I do not know how much it actually does, but from a conceptual point of view, the seed node should not be required to be able to do a full freenet connection.
A tiny subset of the protocol should suffice - and that tiny subset could be implemented in PHP-scripts or similar, so that seed nodes could run on regular webservers (the cheap ones without root access).

> > GWebCaches for example exchange lists of other GWebCaches - by having the
> > clients tell them about the other GWebCaches they know. Due to that there
> > is no additional required upper layer: To get a new cache known, you just
> > have to give its address to a client. For example via a freesite. And the
> > clients can decide which cache-list to follow.
>
> Seednodes could keep track of other seednodes. But you would still need to
> know a seednode in order to get onto the network. Hence it is a centralised
> network. Even worse, in principle a malicious seednode can ensure you only
> receive references he controls; there are ways to prevent this involving
> other seednodes, of course.

That’s clear, yes. But if seednodes could be run on any server, people could just run seednodes for their own community, adding a level of security (because even if the seednodes should go down, others could easily take their place without having to coordinate that globally).

> > Do you have an idea where the rising number of users since sunday
> > 2012-12-30 comes from?
> >
> > http://127.0.0.1:8888/freenet:USK@pxtehd-
> > TmfJwyNUAW2Clk4pwv7Nshyg21NNfXcqzFv4,LTjcTWqvsq3ju6pMGe9Cqb3scvQgECG81hRdg
> > j5WO4s,AQACAAE/statistics/129/
> >
> > That’s a rise which would not trigger that problem.
>
> Hmmm, interesting. Guess there was some publicity?

I know that there was that video on youtube, but that came later. Something likely prompted Tek to post it, though. And it would be interesting to trace it. It could be easy, though: 29c3 just ended.
The rise started just before the end of 2012 - an interesting correlation to the end of the chaos communication congress…

https://events.ccc.de/congress/2012/wiki/Main_Page

> > How about just segmenting the connections we have right now into 10
> > segments - and just throttling the ratio of changes in the number of new
> > nodes in these segments?
>
> I would be worried about routing consequences; it would be too similar to
> normal traffic, and ...
> > The benefit would be that an attack on part of the keyspace would be very
> > unlikely to block you completely. And your node could correlate the
> > performance of your two locations to find out about attacks. We now would
> > have 2 datapoints we can trust.
>
> Hmmm, maybe.

Maybe keep it for a later discussion - I guess that there are more important issues right now…

Best wishes,
Arne
--
A man in the streets faces a knife.
Two policemen are there at once. They raise a sign:
“Illegal Scene! No one may watch this!”
The man gets robbed and stabbed and bleeds to death.
The police had to hold the sign.
…Welcome to Europe, citizen. Censorship is beautiful.
( http://draketo.de/stichwort/censorship )
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
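
The FOAF heuristic raised in the message above (an orphaned darknet pocket shows up in the peer lists our contacts advertise), as an added Python example that is not part of the original message or of Freenet's code. The function names, the node names and the assumption that each peer reports its peer list honestly are illustrative.

```python
from typing import Dict, Set, Tuple

def pocket_report(me: str, foaf: Dict[str, Set[str]]) -> Tuple[bool, Dict[str, Set[str]]]:
    """foaf maps each direct darknet peer to the peer set it advertises.

    Returns (closed, exits). closed is True when no peer advertises a contact
    outside our own peer set, i.e. nothing within two hops leads out of the
    cluster. exits maps each peer to the outside contacts it advertises.
    """
    inside = set(foaf) | {me}
    exits = {}
    for peer, contacts in foaf.items():
        outside = contacts - inside
        if outside:
            exits[peer] = outside
    closed = bool(foaf) and not exits
    return closed, exits

def every_contact_knows_every_other(foaf: Dict[str, Set[str]]) -> bool:
    """The clique condition from the message: each contact lists all others."""
    peers = set(foaf)
    return bool(peers) and all((peers - {p}) <= c for p, c in foaf.items())

def constructed_cluster(size: int = 40) -> Tuple[str, Dict[str, Set[str]]]:
    """Constructed sample: `size` fully interconnected nodes, seen from n0."""
    names = {f"n{i}" for i in range(size)}
    me = "n0"
    return me, {p: names - {p} for p in names - {me}}

if __name__ == "__main__":
    me, foaf = constructed_cluster()
    print("orphaned 40-node cluster:", pocket_report(me, foaf))
    # One peer keeps a single link out of the cluster (constructed name).
    foaf["n7"].add("outside-1")
    print("clique condition still holds:", every_contact_knows_every_other(foaf))
    print("but the cluster is not closed:", pocket_report(me, foaf))
```

The second case shows why the exits are worth reporting separately: the clique condition stays true while one peer still has a way out of the cluster.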
