On Sat, 12 Aug 2000, Benjamin Coates wrote: > > From "Henry Hemming" <typo at pp.htv.fi> > > I pray(in the metaphoric sense) that I'm not the first to post this. But > > wouldn't it be extreamly easy for the goverment to subvert freenet by > > creating a super duper cool client for freenet that they distribute for free > > and as a bonus the client reports information to the goverment. This way of > > exposing freenet wouldn't even cost much (compared to other metheds > > mentioned), prob 1mil US would do it easy. Most home users wouldnt give a > > damn who wrote the client or if its bugged (unless the press makes enough > > noise about it, as with carnivore) as long as its fast and looks good. > > > > --typo > > This could be resisted by making certain that the 'real' freenet does not > interoperate with the 'evil' freenet. The people who use the bugged client > out of ignorace would be screwed, but we can't really do anything to protect > the ignorant anyway. > > -- > Benjamin Coates
On rogue clients: Another trick (which I think we should seriously consider) would be to make it so a freenet client can be used to download and check the signature of a new version of the Freenet client either off the web, off freenet, or a local file. The Freenet client would obviously need to contain a 'freenet developers' public key. Or better, it could contain a key for each developer individually. This protects the user against a 'rogue developer', because the user would expect to see a list of developers vouching for the software. If there was an argument on Slashdot between the developers, for example, then the user would read and consider the developers' points of view, and be able to make their own decision about whose signature to trust. (This is a modification and improvement of my previous slightly-too-radical idea - based on a chat with Brandon.) Incidentally - I presume the Freenet client will have to have a 'trust' command which you can use on a signed document to record the public key in your personal keyring. Steve _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
