On Fri, Apr 06, 2001 at 02:46:21AM +0100, Michael Rogers wrote: > On Wed, Apr 04, 2001 at 08:42:22PM -0500, Brandon wrote: > > 3) KSKs are just pointers to to other files which provide a name. So all > > you're really doing is misassociating a name, something that we have > > to be robust against anyway since there are other ways to do this. > > But if your pointer replaces a legitimate pointer with the same name, the > file pointed to by the legitimate pointer will drop off the network due > to lack of requests. It would be easy to censor MP3s, for example, by > changing any KSK containing the string "mp3" that passed through your node > to point to a nonexistent document. Unlike a black hole attack, your > immediate neighbour would receive a file that looked OK so it wouldn't > route around you.
You're still gonna need a lot of other nodes cooperating to be able to distroy a file. In any case we specificly say KSK's are insecure. There is no way to make them secure. This is a big fat bug but no-matter what we do it's *never* going to go away no matter how many goats we sacrifice. Remember: Friends don't let friends use KSK's. -- GCS d s+:-- a--- C++++ UL++++ P L+++ E W++ N- o K- w-- O- M V- PS+ PE+ Y+ PGP+++ t 5 X R+ tv-- b+ DI+ D++ G e- h! r-- y-- pete at petertodd.ca http://retep.tripod.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010405/bf9579e7/attachment.pgp>
