Hi!
On 22:57 Mon 17 Jan , David Barrett wrote:
> On 01/17/2011 10:06 PM, Michael Blizek wrote:
> >>>Something like the above *will* happen. It's inevitable. It's not even
> >>>that creative. And it'll probably happen sooner than we expect. Sound
> >>>unlikely? Remember those researchers that cracked GSM at the CCC 2
> >>>weeks ago? They did it with "Universal Software Radio Peripheral"
> >>
> >>Sounds funny... just where did you get *that* idea from?
> >
> >Thee are other projects doing this as well:
> >gnunet.org is building a transport as it can act as a mesh
> >netsukuku.freaknet.org is building a file sharing mesh network, but I doubt
> >it
> > will scale very well
>
> I think the key question, as has always been the question when it
> comes to P2P network, is usability. Skype "just worked" so well
> that it took off like mad. Same for the major pirate networks
> (though even those are surprisingly unwieldy). A wireless mesh will
> only take off if it's absolutely dead simple.
Making it simple is one of my goals. There is not really anything that you
really need to configure... except maybe which traffic has priority.
> In fact... I could
> see it leveraging some of SocialVPN and the P2P social network
> concepts. Imagine:
>
> 1) You buy this USB device from WalMart, and plug it in for the first time.
You mean an USB WLAN adapter?
> 2) An app launches, whether you're on Mac, Windows, Linux, iPad, whatever.
This will not work. Cor is currently linux only. Users of other operating
systems can still use it, by getting a router letting the router translate
between TCP/IP and cor. This will probably be a common use.
You will also need to install the cor software yourself in most cases...
> 3) It asks "Welcome to the Mesh! Do you have an account, or do you
> want to create a new one?" You choose "Create a new one, named
> Quinthar"; it generates a huge public key.
>
> 4) It asks "There are 23 nodes in range named Alice, Bob, Cathy,
> etc. Which are your friends?" You choose "Alice".
>
> 5) It shows you Alice's public profile, which is available to
> anyone. It's up to Alice to decide how much to show. It asks "What
> password would you like to use to friend Alice?" You say
> "Wonderland"
>
> 6) On Alice's computer it says "Quinthar would like to be friends,
> what is the password?" She asks you, then types it in "Wonderland".
> It says "Great, now you and Alice are friends, and will stay
> connected so long as you are directly in range, share an
> intermediate mesh node, or are both connected to the internet." [Eg,
> it works just like SocialVPN and if it can't directly connect,
> establishes a NAT-penetrated connection over the internet. After
> the initial setup, you never need to think about it again.]
>
> 6) Once connected, you can see Alice's "Friend" profile, which is
> shown to anybody who is friends Alice. It might have additional
> information, such as online status, more photos and such, as she
> chooses. She sees the same for you.
>
> 7) It says "Now that you're friends with Alice, what do you want to
> do?" You say "Share these songs, photos, and videos, but not these
> other ones." [Perhaps by folder.] When she looks at your profile,
> she sees all these items. She can set offline preferences to
> optionally sync your data to her computer for access if you get
> separated. You might have a variety of access levels that you
> choose to share or not with different people.
>
> 8) It says "Great, it's shared with Alice. Do you want to share
> with any of Alice's friends -- including those you don't know?" You
> directly set how many levels of indirection you'll allow, perhaps
> just defaulting to 3 (Alice, Alice's friends, Alice's friends
> friends.)
>
> ... fast forward until you have many connections, some of which are
> physically in range, others are connected via a VPN over the
> internet, others are offline ...
>
> 9) You have a vast interface to browse the photos, videos, songs,
> updates, profile information, and basically a lot of stuff about
> everybody around you. The USB dongle is used to install on a new
> computer, and connect directly without the internet, but even
> without the dongle an installed computer can continue to participate
> in the mesh via the internet.
Cor is *not* about social networks. It is about forwarding data to hosts
which are not connected locally. You can build on top of it whatever you
want.
> 10) If any particular computer gets lost or compromised, you can
> unfriend them (or remove just that device) immediately.
> Furthermore, your node is configured to monitor unfriending to
> automatically "quarantine" any node that has become suspect. (For
> example, one of my friends lost his iPhone; he'd remove that device
> from his profile and my devices would stop talking with it, without
> any involvement from me.)
This is only effective, if:
1) Your friend does not have any cached data on the device
2) The unfriending happens before the attacker makes use abuses the data
> 11) And because your USB dongle is owned by you, it can store data
> such as your private key so you can easily move it between computers
> -- or even quickly access your mesh using someone else's computer,
> without leaving any trace on the computer itself.
You mean that you want to boot from this USB dongle? Even then, if the owner
of the computer wants to attack you, he can and there is little you can do
against it. Think about attaching a firewire cable to that computer and
reading/manipulating the memory via DMA...
> Anyway, ultimately I think mesh technology will be far less
> important than mesh *usability*. It needs to be packaged up with
> really simple, excellent software that enables the most basic peer
> activities -- especially file transfer -- to be done in a totally
> seamless way
I do not think that technology will be of little importance. Currently meshes
have a *very* low capacity. Bandwidth requirements are constantly growing and
hardware/time will not help us here.
-Michi
--
programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
