> On Fri, 9 Dec 2011 05:26:19 -0500, Chris wrote:
>> I am looking into setting up a distribution where Tor or freenet is
>> used to create a secure and anonymous environment for communicating.
>
> Very cool. I've done that too :-).
>
>> One of the issues with freenet is that it is slow. I haven't used it
>> in many years and do understand it has gotten much better. I also am
>> aware that after a few days it gets faster as popular data is
>> retained and gets 'cached' on your node and nearby nodes based on
>> what those around you are doing.
>>
>> What I'm trying to figure out is what happens when your node is not on
>> 24/7 and you can only connect infrequently for several hours at a
>> time.
>
> It runs at essentially the same speed (minus the benefits of immediate
> local caching, of course) -- which is pretty slow but manageable. It
> may take a few seconds / a minute longer to fetch things, but that's
> still a minute longer than the censored web provides, so either way
> users will have to adjust their expectations. Booting into the network
> will also take an additional minute or so, which always-on nodes don't
> have to worry about.
>
>> Many users have a persistent local threat that they need to be aware
>> of. Leaving a server running is not an option as it could be
>> compromised by an adversary.
>>
>> Removable media can reduce that threat.
>
> The keyword being *reduce* :p. We all have that concern and fear, of
> unforeseen zero-day linux exploits, etc. (We already know they exist in
> Window$ :). Ideally you would want to make extra sure you have "enough"
> contingency planning (proper permissioning / stable and patched
> software / firewalls / perhaps "caged" virtual machines / "sentry"
> programs / whatever your paranoia desires), so such fears are
> minimized. They will never be eliminated though.
>

I was not referring to zero-day exploits actually. The key words here were local real-world threats, such as an adversary gaining physical access to the server/machine running freenode. Removable media may not eliminate the threat, although there is less opportunity for a more sophisticated targeted attack. A software keylogger inserted into the MBR or similar would not be possible if the boot medium is never available to the attacker. On the other hand a physical keylogger may still be possible, and maybe even a software-based keylogger, although it is more difficult to disguise/install without being noticed. I can think of at least a few different ways of getting a keylogger onto a system without having access to the boot drive or having to install a physical device. I would still need physical access to the computer. At least one method would not even require BIOS modification and would work on any x86 machine.

>> What I'm looking to find out is if you run a freenode from a
>> removable media and then run a local server running freenode to use
>> as one of your peers (which could be on all the time) does this pose
>> a threat?
>
> Besides the obvious risks of either of those machines being compromised
> (by any number of ways: physically, buggy software, leaky software,
> etc), traffic analysis will always be a threat with Tor, and also with
> Freenet if bad guys have somehow managed to occupy all your peer
> connections. But besides these well known threats, I think it's pretty
> safe.

But not perfectly safe. Let's give a scenario:

We have to assume that a person's Internet connection is being monitored. This might be via a sophisticated non-governmental actor (such as by breaking WEP/WPA) or by a government act such as monitoring at the telco. The adversary should also be assumed to be "unethical" in that there are no rules and they can physically modify or otherwise install a software-based monitoring solution on any boot media they have access to.

The first question is how many peers need to be compromised to identify the content being transmitted? If a few of your freenode peers can be compromised and the adversary can monitor your Internet connection and local area network, can they identify the contents which are being requested/sent by you? This assumes that they can't bug the physical machine that you are using to run freenode.

If you add a server with freenode (which can be bugged) to your local LAN that is then added as one of your peers, does this compromise the security? The point of adding a server with freenode to peer with on the local LAN would be to speed up requests, since the machine that is actually used for browsing freesites (such as a laptop) can't be left on all the time (as doing so gives an adversary the opportunity to bug it). This means it has to run from a removable boot medium that can be accounted for at all times.

>
>> If no local server is run that you peer with how is the speed if you
>> only connect every few days? Is running freenet for a few hours to
>> several hours going to be sufficient or will it be unbearably slow?
>
> It's bearable. (After it takes a few minutes to connect to the
> network.) I suppose it's similar to fetching a freesite you never
> fetched before -- perhaps a bit faster.
>
>> With Tor speeds are frequently severely limited. Especially
>> with .onion nodes. Some non-onion servers can be accessed with
>> significant speed though for sustained periods (15-300... maybe
>> faster).
>
> That's probably not a Tor-specific problem -- but simply the less
> powerful server behind the onioning. I don't think there are any
> youtube-sized .onion servers.

I'm pretty sure this is the result of going through 6 nodes. The chance of getting a fast connection through 6 nodes seems highly unlikely. With three nodes you might get 30-300 when connecting to a non-onion web site. Frequently 60-120 and sometimes 300.

With onion sites though you connect through three nodes, plus the server connects through three nodes. That is 6 nodes you have to go through to get content. You can only forcefully change your three nodes. On average you are looking at 5-10 (frequently up to maybe 30), although probably maxing out at 100.

> _______________________________________________
> Support mailing list
> Support@freenetproject.org
> http://news.gmane.org/gmane.network.freenet.support
> Unsubscribe at
> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
> Or mailto:support-requ...@freenetproject.org?subject=unsubscribe