On Tuesday - March 25th - I have a meeting scheduled with Professor J. Alex Halderman [0] to talk about security and Freenet. He is one of the people behind such research as Green Dam arbitrary code execution, [1] cold boot attacks on disk encryption, [2] and insufficient entropy on embedded systems leading to weak encryption keys. [3]
What should I say? I'm planning to mention:
0) Overview of Freenet's functionality and that of plugins/applications.
1) Do you have suggestions on where the Freenet project can find
security auditors or additional developers?
2) Would it be possible to run a seed node on campus?
3) Open research questions: [4][5]
* Pitch black - what mitigations have we come up with?
* Can opennet be secured?
* Is the network topology stable - does it settle? My simulation
work in GSoC 2012 suggested it did not. As the simulation moved away
from Sandberg's model and toward more of what Freenet does it got less
stable. Does this have practical implications?
* How can forums scale? PSKs? [6] What about real-time chat?
* Can load balancing be improved?
- Steve
[0] https://jhalderm.com/
[1] https://jhalderm.com/pub/gd/
[2] https://citp.princeton.edu/research/memory/
[3] https://factorable.net/paper.html
[4] https://wiki.freenetproject.org/Research_challenges
[5] https://emu.freenetproject.org/pipermail/devl/2012-October/036569.html
[6] https://emu.freenetproject.org/pipermail/devl/2012-October/036564.html
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
