Tavin Cole wrote: > > On Thu, Jun 07, 2001 at 10:09:18AM -0700, Ian Clarke wrote: > > On Thu, Jun 07, 2001 at 12:52:37PM -0400, Tavin Cole wrote: > > > I have a new suggestion for this: just count the number of hits on each > > > key > > > and call that P, and whenever P reaches a certain limit, delete the key. > > > > Er - I am probably misunderstanding you, but wouldn't this create a > > trivial attack for removing particular keys from Freenet? Simply hammer > > nodes with requests until they drop the key you are requesting... > > The idea is that once every several hundred or several thousand requests, > the node will pass the request upstream, but the chances of 2 nodes dropping > it at the same time will be very small.
Once it is passed upstream the node will no longer be queried (at least from that direction) right? So if you delete a datum after so many requests, it is trivial for a specific node to force that data out of the data store. It simply progresses from one node to the next, until it is gone completely (i.e. the malicious node is assumed to have this upstream copy, when in fact, it has been performing the requests to force the data out of store). Perhaps I am misunderstanding, but this would appear to be a major vulnerability. _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
