On Wed, 5 Mar 2003 08:23:37 -0600, Mark J Roberts said: > You suggested that users behind a corporate LAN might covertly set > up a JMS router outside their firewall, but an ordinary NAT could be > employed for this purpose today.
I very well may be misinformed - how exactly would one place a NAT either inside or outside a firewall so that people on the outside could send packets in to Fred and Fred send packets out to those machines if the firewall is blocking all inbound connections, and/or blocking all outbound connections that don't originate from a controlled proxy machine? > I'm not at all convinced that more is really so desirable, especially > in light of the inevitable complexity that a really generic scheme would > bring. You're right, I am making one assumption, and that is that Freenet will eventually want to tackle hard network setups - that Freenet will want to be runnable by people in China, in Iran, or even in colleges, libraries, cybercafes, or in corporations. If we're going to go down that road, we're going to deal with some really nasty transport layers to get around the obstacles. Should we throw them all around within Fred - an application that provides anonymity and data caching - or should those nasty transports be factored out into a component designed from the ground up to do only that? JMS isn't rocket science, and it isn't the latest fad. Its an API into a technology that has been proven over and over to scale out to really gnarly network situations. > And who pays to run the JMS routers, given that the imprisoned end user > obviously cannot run one himself? The baseline is that the user has the ability to install software on their machine. The prison warden isn't going to install Freenet either. Some networks won't be breachable - I don't think anyone is ever going to build the transports necessary to be able to run a Freenet node inside Langley. But we should have a way to accomodate those networks that can be breached. Also, if someone can't use their own router (which is just a piece of software), people would be able to open their routers up for public use as well, like how some do with their FProxies, except nodes who use those 'public' routers wouldn't compromise their anonymity. > The problem is that the people who locked it down in the first place > will not be pleased when they notice your suspicious network usage, > the result being that you will have designed an effective way to > upgrade a crippled connection to a non-existent connection. Of course they won't be pleased, but should we give up on free speech because it might get someone in trouble? Or should we endevour to find better ways to empower them to overcome their obstacles? -jrandom, blabbing on about JMS, as always !+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+ CryptoMail provides free end-to-end message encryption. http://www.cryptomail.org/ Ensure your right to privacy. Traditional email messages are not secure. They are sent as clear-text and thus are readable by anyone with the motivation to acquire a copy. !+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+ _______________________________________________ devl mailing list devl at freenetproject.org http://hawk.freenetproject.org:8080/cgi-bin/mailman/listinfo/devl
