> The problem with this is that if some nodes drop the data before others in > a way which isolates some of the nodes with the data from other nodes with > the data, not all nodes with the data would be updated.
But this is unlikely to happen, and even if it did, my proposal is much more likely to handle it correctly than Oskar's. > > Are you sure? How exactly? > > This wouldn't work because an update message would neither contain the > addresses of the nodes that it has passed through nor send messages back to > the sender of the update. The only way that this could be used for attacking > Freenet would be if the attacker had a *very large* surveillance network, > with large numbers of points at which Internet traffic could be monitored. In > this case, an attacker could track the movement of an update message because > of its UniqueID. Even then the messages will be encrypted making this difficult. Someone with the resources people are talking about (ie. being able to monitor and decrypt all inter-node comms) would already be able to track data, regardless of what update scheme we use (since in the worst case, they could just model what is going on inside each node based on the messages they send and receive). > > Nor in my proposal. > > Depends. Your proposal might be able to cause large quantities of > monitorable traffic provided an attacker chose to monitor an update of a > very popular document. Again, assuming they can monitor and decrypt messages travelling between arbitrary nodes. Anyone with that capability could do serious damage to Freenet's anonymity anyway. Ian. _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
