> > Getting a list of cluster nodes is exactly as bad as getting a list of
> > public nodes when the attacker's goal is to shut down Freenet nodes.
>
> kAAAAAAAAAAAAAAAAARGHHHHHH. Then WHY THE FUCK ARE YOU CREATING A CLUSTER?
> I'm sorry, I'm loosing my patience here. You keep failing to address this
> point. The point of creating a cluster was to protect a group of people
> (you claim), but in fact it actually *increases* their liability.
I don't see how I'm not addressing the point. You create a cluster so that
you can reject connections from unknown hosts such as MediaEnforcer's node
if they ran a node.
There are two types of attacks, those in which they seize the IP list of
the detected node, and those in which they do not. MediaEnforcer's attack
is of the first type. Nothing protects against the second type, so I'm
discussing the first type.
In the first type of attack, the node list is not seized. Therefore
creating clusters reduces liability because less nodes are detectable via
port scanning or running an evil node.
In the second type of attack, where the node list is seized, the liability
is the same. Whether it is a normal node or a gateway which is seized, a
list of nodes is revealed. In the type of attack which we're talking about
the entire purpose is to obtain node IP addresses. If They have your
address, that's it, you're screwed. Whether the IPs are marked as trusted
or not is irrelevant. Whether they discover public or cluster nodes is
irrelevant. So the liability is the same.
Since the liability is less with clusters in the first attack and the same
in the second attack, it is overall less with clusters.
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
