(Travis, I posted this to freenet-chat, because I'm infatuated with my
appending-keytype idea. Hope you don't mind.)

On Fri, 22 Dec 2000, Travis Bemann wrote:
> On Fri, Dec 22, 2000 at 07:01:54PM -0600, Mark J. Roberts wrote:
> > On Fri, 22 Dec 2000, Travis Bemann wrote:
> >
> > > You could put a setting in clients which would automatically block
> > > people who don't use PGP/GPG. And note that key generation is not a
> > > fast thing - so trolls couldn't just produce a new key for each they
> > > post.
> >
> > Automatic or not, you simply can't download 100,000 individual
> > articles. They could all be JPEG images of cats. You still can't filter
> > them.
>
> fnindex items and fnnews messages are in specific formats, and would
> be automatically ignored by clients if they were not in this format.
> fnindex items just have a series of fields, and fnnews messages just
> have a series of fields followed by a body of 8 bit text. Of course,
> you still have the problem of wasted bandwidth and hard drive space on
> Freenet nodes even if a client cuts off a requesting connection once
> it realizes that the data being requested is not in the proper
> format.

Withstanding a large-scale attack is a hopeless proposition. You simply
won't have enough bandwidth.

> > > Note that the Usenet has this same problem - and although there is
> > > cancellation, many Usenet servers ignore cancels due to programs like
> > > ActiveAgent by HipCrime (a free (as in beer) program with a large
> > > number of variants which can do things ranging from ordinary spamming
> > > to mass cancelling to mass supersedes to mass sporging (the
> > > combination of spamming and forging)).
> >
> > > Usenet has these same problems. Many sites ignore cancel messages.
> >
> > Usenet is an archaic system, and everybody knows it, even the
> > trolls. Freenet is the hippest, coolest thing since AOL. Flooding Usenet
> > has no real novelty value, it's impossible to forge your headers
> > completely (so your posts are soon canceled) and if you're annoying enough
> > your ISP will grep their access logs and pull your plug. (You had to ram
> > in those 10,000 cat pictures from somewhere.)
>
> Of course, they will probably get tired of attacking fnnews and
> fnindex. Also, won't many of them realize that Freenet and fnnews and
> fnindex are good for them because they provide havens where they can
> trade all their warez and exploits with anonymity and impunity.
> Freenet provides the perfect warez distribution system - just break
> your warez into little bits that can actually fit on most nodes. If
> they were smart they would help Freenet rather than try to hurt it.
> Of course, there still are going to be some trolls and other idiots,
> and trolls are not going away any time soon.

Yes, but it only takes one dedicated flooder to wreck everything. Sigh.

> > > > The burning question is whether fnnews and fnindex are worth implementing
> > > > in light of their vulnerability to flooding. Will they be superseded by a
> > > > more secure alternative in the (relatively) near future?
> > >
> > > The only way to do a more secure version would simply be private fnnews and
> > > fnindex based on SSKs instead of KSKs (which is an extremely trivial
> > > change). However, this would be for completely private-posting,
> > > public-reading newsgroups and indices - there really is no way to do
> > > public newsgroups and indices with cancellation and such - this is due
> > > to the inherent nature of Freenet - not due to the design of fnnews and
> > > fnindex. It is possible to do moderation, but that could only be done
> > > through newsgroups or indices which are under SSKs but can be posted
> > > to by anyone through fnmail (which someone other than myself has
> > > created) to a particular mailbox which belongs to the moderator. The
> > > problem with this is that it is purely centralized (although still
> > > anonymous), with the moderator being able to arbitrarily choose what
> > > posts are going to actually be posted.
> >
> > Public posting is a real bitch. As long as the forum is associated with
> > Freenet, we're going to attract the script kiddies and their random text
> > generators. The only way out is to have an encrypted Web submission form
> > that limits the number of posts per IP. Which is completely unacceptable.
>
> There are always going to be trolls and 5kr1pt k1dd13z. But before
> one starts proposing methods to fight them, one must understand the
> implications of such methods. Stuff like cancels and moderation can
> be used just as easily for censorship as for fighting trolls and
> 5kr1pt k1dd13z.

And there's the problem.

We need a new keytype (how many times have we heard that?). Before you can
insert anything to this "subspace" (it's different, read the next
paragraph), you must generate an identity using a "hash cash" system. It
takes a long time, maybe six hours on a gigahertz Pentium. After you've
generated your identity, you can begin to post. (Posting should perhaps
require thirty seconds of hash cash, but I'm not sure.)

The post appends its CHK to a list, along with the identity of the poster.
Newsgroup readers download specified chunks of this list (i.e., "1234-" to
download everything later than and including post 1234, etc.). Then, the
downloaded list is compared against a group killfile. The killfile is
optional, maintained by group regulars, and the user could add or
subtract from it locally with his client.

Flooders have very little effect: all they can do is slightly increase the
size of the list, so they'll get bored and probably stop. There's no
mechanism for censorship, either: there are no gods who can expunge
identities, and there is no voting. There is little processing to be done
by the client, too: all the client need do is download the new message
"chunk" of the list and filter it with the killfile.

The above is very basic. I would definitely modify it by allowing
arbitrary data to be appended to the list, up to a size limit (say
1kbyte). That would permit subject headers and other protocol-dependent
stuff. It should not be too big, though, because then the lists would
start to inflate to huge sizes. (This won't be a problem with any
reasonable allowed size, even in a busy newsgroup.)

--
Mark Roberts
[EMAIL PROTECTED]
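
A minimal sketch of the appending keytype proposed in the message above, added here as an example; it is not code from the post or from Freenet. Assumptions: identities are hashcash stamps with leading zero bits under SHA-256, the difficulty `ID_BITS` is scaled far down from the hours of work the post suggests, the `N-M` range form is inferred from the post's "1234-" example, and all names are hypothetical.

```python
import hashlib
from itertools import count

ID_BITS = 12      # demo difficulty (assumption); the post suggests hours of work
MAX_META = 1024   # the post's suggested 1 kbyte cap on appended data

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mint_identity(seed: bytes, bits: int = ID_BITS) -> str:
    """Search for a nonce so SHA-256(seed:nonce) has `bits` leading zero bits."""
    for nonce in count():
        stamp = seed + b":" + str(nonce).encode()
        if leading_zero_bits(hashlib.sha256(stamp).digest()) >= bits:
            return stamp.decode()

def valid_identity(identity: str, bits: int = ID_BITS) -> bool:
    """One hash verifies what took about 2**bits hashes to mint."""
    return leading_zero_bits(hashlib.sha256(identity.encode()).digest()) >= bits

class AppendList:
    """Append-only list of (identity, CHK, metadata); there is no delete."""
    def __init__(self):
        self.entries = []

    def append(self, identity: str, chk: str, meta: bytes = b"") -> int:
        if not valid_identity(identity):
            raise ValueError("identity lacks proof of work")
        if len(meta) > MAX_META:
            raise ValueError("metadata over size limit")
        self.entries.append((identity, chk, meta))
        return len(self.entries) - 1          # post number

    def chunk(self, spec: str):
        """'N-' returns posts N and later; 'N-M' returns N..M inclusive."""
        start, _, end = spec.partition("-")
        stop = int(end) + 1 if end else None
        return list(enumerate(self.entries))[int(start):stop]

def read_group(lst: AppendList, spec: str, killfile: set):
    """Client side: fetch a chunk, drop entries from killfiled identities."""
    return [(i, chk, meta) for i, (ident, chk, meta) in lst.chunk(spec)
            if ident not in killfile]
```

The flooder's entries still occupy slots in the list, but a reader who has the identity in the killfile never fetches the CHKs behind them, and replacing a killfiled identity costs another full minting run.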