So, I've been thinking about the MediaEnforcer thing. I know that
people seem to believe that it's not justified since the node may not
have had the document available before the request, but frankly I
think that's too fine a point for chicken-livered ISPs to grasp, and
definitely too fine a point for them to stand up for.
The MediaEnforcer attack is typical entrapment. However, we're not
talking about real cops, we're talking about the shady world of
corporate terms of service, where the Bill of Rights does not
apply. As a point of fact, in oppressive regimes someone could get
shot based on this attack. It's not merely theoretical.
Anyways, here's what I was thinking: I think Brandon is right about
getting private networks into Fred. But I think there's one more thing
that would help. I think there may be a good reason to allow nodes to
only talk to other nodes in a pre-configured list.
This would greatly reduce the danger of attacks like the MediaEnforcer
one. If my node only talks to nodes owned by people I trust, then I
don't have to worry that some grunt working for RCA Records is going
to connect to my node, drag an MP3 from God knows where into it, and
then get my DSL service disconnected.
Yes, I'd still be vulnerable to MITM and IP spoofing attacks, or
sniffing on my ISP's router, but at least it's a step in the right
direction.
In a super-paranoid world, there'd probably be private networks that
only trust other cluster computers, and then gateways that trust their
cluster and a handful of other gateways.
~Mr. Bad
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/\____/\ Mr. Bad <[EMAIL PROTECTED]>
\ / Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
| (X \x)
( ((**) "If it's not bad, don't do it.
\ <vvv> If it's not crazy, don't say it." - Ben Franklin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
