On Tue, May 09, 2000 at 12:23:38AM +0100, Ian Clarke wrote:
> 
> > > Rather than me try to defend this proposal against vague and
> > > unsubstantiated criticism, I will first ask you to say exactly what is
> > > wrong with this idea.
> > Sending to all or even some portion of the nodes you know is too much
> > traffic.  If you send to 10 nodes, and they send to 10 nodes, it's like a
> > chain letter.
> 
> Wrong, read my email carefully.  Nodes are only forwarded by nodes which
> possess the data, this constrains the spread of the DataUpdate message,
> so that you will only have messages roughly proportional to the amount
> of cached copies of the data in the system.  I think this is reasonable,
> and moreover I think it is as good as we can get since if we want to
> update data in Freenet it is inevitable that every node caching that
> data must be informed of the update in some form or another.

The problem with this is that if some nodes drop the data before others in
a way which isolates some of the nodes with the data from other nodes with
the data, not all nodes with the data would be updated.

> >  Also, an attacker need only send an update to discover all
> > the nodes neighboring a single node.
> 
> Are you sure?  How exactly?

This wouldn't work because an update message would neither contain the
addresses of the nodes that it has passed through nor send messages back to
the sender of the update.  The only way that this could be used for attacking
Freenet would be if the attacker had a *very large* surveillance network,
with large numbers of points at which Internet traffic could be monitored. In
this case, an attacker could track the movement of an update message because
of its UniqueID.

> > No, it assumes no such thing.  It merely continues to follow the ordinary
> > route beyond the first occurrence of data.  This doesn't mean that it will
> > necessarily find anything.  In fact, even if it doesn't, all it's ensuring
> > is that the edges of HTL are explored.  Also, it doesn't affect caching,
> > since if the closest document was also as recent as the newest update,
> > you're still getting the *data* from that close node.  You are only
> > sending control messages out to HTL depth.
> 
> Ok, so if the DataRequest won't necessarily find anything after being
> forwarded, what use is it to anyone?!
> 
> > It also means that you don't trigger an avalanche of monitorable
> > communication.
> 
> Nor in my proposal.

Depends.  Your proposal might be able to cause large quantities of
monitorable traffic provided an attacker chose to monitor an update of a
very popular document.

> >  > > So: A) This proposal probably wouldn't work
> > >
> > > Yes, but all of these messages would be directed towards one
> > > (potentially non-existent!) central source for the data, which would
> > > probably fall-over immediately if the data was popular.  A
> > > double-failure!
> > It's not causing the data to be placed at any central source, nor is it
> > causing increased data traffic at that non-existent source.  So that's a
> > double-negation. ;)
> 
> Actually no, firstly there won't be a central source, so it won't work,
> but even if I am wrong on this point, and there was a central source,
> then it *still* won't work, because that central source would fall-over
> if it was overloaded!  I need to be wrong on both counts for you to be
> right, so this is indeed a double-failure.
> 
> Ian.
> 
> _______________________________________________
> Freenet-dev mailing list
> Freenet-dev at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev

-- 
Travis Bemann
Sendmail is still screwed up on my box.
My email address is really bemann at execpc.com.
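
The forwarding rule and the isolation case discussed in this message, as an added toy simulation (not part of the original thread and not Freenet code). The topology, the node names, and the rule that a holder forwards to every neighbour except the sender are assumptions made for the example.

```python
from collections import deque

# Constructed topology: a chain A-B-C-D-E with a side node F attached to B.
LINKS = {
    "A": ["B"], "B": ["A", "C", "F"], "C": ["B", "D"],
    "D": ["C", "E"], "E": ["D"], "F": ["B"],
}

def propagate_update(links, holders, origin):
    """Flood a DataUpdate from `origin`; only nodes caching the data forward it.

    Returns (updated_holders, stale_holders, messages_sent).
    """
    updated, messages = set(), 0
    seen = {origin}                      # stands in for the UniqueID duplicate check
    queue = deque([(origin, None)])
    while queue:
        node, sender = queue.popleft()
        if node not in holders:
            continue                     # non-holder: receives the update, drops it
        updated.add(node)
        for peer in links[node]:
            if peer == sender:
                continue                 # assumed: never echo back to the sender
            messages += 1
            if peer not in seen:
                seen.add(peer)
                queue.append((peer, node))
    return updated, holders - updated, messages

if __name__ == "__main__":
    # Every holder is linked through other holders: all copies get updated,
    # and the message count tracks the number of cached copies.
    print(propagate_update(LINKS, {"A", "B", "C", "D", "E"}, "A"))
    # C has dropped the data: D and E still cache it but are cut off by a
    # non-holder, so they keep serving the old version.
    print(propagate_update(LINKS, {"A", "B", "D", "E"}, "A"))
```
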
