> On Sun, 11 Dec 2011 16:36:53 -0500, Chris wrote:
>> How many users actually compile it themselves?
>
> Me, and all other Gentoo users :-).
>
>> How many examine the diffs?
>
> I do, rarely :s.
>
>
>> > [...]
>> > How would you propose to differentiate between a bugged node and a
>> > normal node?
>>
>> This is why you have authentication and checks against any inability
>> to connect to nodes.
>
> There is no such authentication that would help here. And you would be
> able to connect to any node normally -- except the compromised nodes
> would still find a way to become your peers and surround you. (I'm not
> sure exactly what criteria need to be met for your node to accept
> a stranger's offer, but I'm sure a dedicated adversary can easily meet
> them.)

I think you are wrong here. I think authentication could work to a degree provided certain conditions are true/consistent enough. I am assuming certain things such as there being enough nodes that come online daily and stay online permanently. It may not work if the number of nodes which come online and then go offline is high. I'm no expert here although in theory you should be able to use authentication to verify that old nodes are still under the control of the person they were under prior. Chances are the initial nodes you trust aren't going to be compromised by your adversary. The adversary would have to slowly bring on new nodes then and would be limited to a particular number of nodes per day (however many is typical). If they try bringing on too many new nodes at once an alert should go up. For instance say there are 5000 nodes already, and there are never more than 20 new nodes that come on per day then the adversary would need 8 months to add 5000 nodes. If they brought on 40 nodes a day it would be apparent that an attack was underway. The way to do this really is to monitor the data and figure out what the statistics are or have been over time and then base it off this information. If there is a change in those statistics it could indicate an attack.

>
>> You are looking at the issue wrong. It doesn't matter which nodes are
>> bugged. If a user can't connect to higher than normal percentage of
>> nodes it should send up a red flag for one.
>
> They will be able to.

They will be able to what?

>
>> You can keep track of nodes as well and check out which nodes are new
>> and which have been added over time. The number of new nodes coming
>> online shouldn't exceed a certain threshold. If there are 5,000 and
>> on average the number of nodes increase by 2 a week then 100 new
>> nodes coming online should send up a red flag. I don't know what the
>> actual numbers are or the range. Maybe some weeks do see 100 nodes
>> and others only 2.
>> There is probably a number though that could
>> increase the time it takes to pull off such an attack.
>
> There is no such metric -- a slashdot article, for example, could
> easily trigger such a gauge. Moreover, you're not understanding the
> attack enough -- the bad guys don't need to control too many bugged
> nodes -- just a few which they will find a way to peer with you.
>
> By the way, here is one freesite that tries to measure how many nodes
> are on the network:
>
> USK@85gZTCiQO9IEPDAGvjktO9d-ZMS1lIABR6JB85m4ens,VGDItiCVzCcWAay51faZzcIfAepzeHpzXYvChlueWYE,AQACAAE/stats/1533/
>
>
>> >> and if is not made apparent that is a problem with freenet (or
>> >> whichever project you would be suggesting).
>> >
>> > Yes it is. And that's why it's in the FAQ :p. You should take a bit
>> > more time, and read it more carefully:
>> >
>> > "Combined with harvesting and adaptive search attacks, [the
>> > bootstrapping attack] explains why opennet is regarded by many
>> > core developers as hopelessly insecure. If you want good security
>> > you need to connect only to friends."
>>
>> I don't think you understand how it works that well. I suspect if
>> some of your friends are compromised you won't be.
>
> Did you even read the "Correlation attacks" subsection, from
> http://freenetproject.org/faq.html#attack ?

Yes. I get the gist of it.

>
>
>> I don't doubt that some developers think opennet mode is hopelessly
>> insecure.
>
> It's not that they "think" it's hopelessly insecure. It really is :p. I
> mean, it might still be "good enough" -- but there are actual,
> well-known, unsolvable problems with the opennet idea. Which that FAQ
> should have explained :p.

I'm not arguing it is or isn't. Everything is relative though.

>
>
>> I think the best way to organize a revolt or guerrilla warfare in
>> today's world would probably be to anonymously organize multiple small
>> groups.
>
> I strongly disagree.
> The battle (no matter which one you pick,
> probably) is ultimately in the minds of the boring violence-phobic
> masses -- the majorities. If you don't have popular support, you're
> doomed no matter what you try to do. The best way to organize a revolt
> is to talk to your friends and family and convince them peacefully and
> rationally. (And freenet is a great tool for this! :D.)

Nobody is saying you don't need public support (at least until you gain power). If the government is killing off or arresting the organizers then gaining popular support is difficult or impossible. The problem is that many people are going to be in great danger as they will be physically doing things that might get detected. If just one person is detected you don't want your entire structure to unravel. One person may allow one of your small groups to be wiped out. You have to assume that once the adversary has one person in a group they will discover the others in that group. It should not allow the entire organization to be taken out though. That is where such a project comes into play. If users and organizers are using Tor/freenet/whatever it can be difficult to determine who is organizing, who is actively participating, and who is just a supporter, or even follower (may be against the revolt). Compared to if an organization's members know each other and can be forced to talk. A government in power may not have the resources to arrest all using Tor/freenet/whatever. That gives the organizers protection (potentially or hopefully) long enough to let them carry through from the organization to the actual uprising without its organizers being killed off. Or give them opportunity to make mistakes and re-group.

_______________________________________________
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
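
The join-rate gauge discussed in this message, run over three traffic patterns, as an added example (not part of the original thread and not Freenet code). The daily counts, the 14-day window and the 1.5x factor are constructed assumptions; only the 5,000-node and 20-per-day figures come from the message.

```python
import math

# Constructed sample data: new nodes seen per day (not real Freenet statistics).
WARMUP = [12, 15, 20, 9, 14, 18, 11, 16, 13, 20, 10, 17, 12, 19]
BURST = WARMUP + [15, 40, 14]                # sudden 40-node day
PUBLICITY = WARMUP + [13, 100, 60, 35, 18]   # benign spike, e.g. a news article
SLOW = WARMUP + [20] * 30                    # steady joins at the historical maximum


def flag_days(daily_new, window=14, factor=1.5):
    """Return indices of days whose join count exceeds factor * the largest
    count among the last `window` unflagged days."""
    baseline = list(daily_new[:window])      # warm-up period assumed clean
    flagged = []
    for day in range(window, len(daily_new)):
        limit = factor * max(baseline[-window:])
        if daily_new[day] > limit:
            flagged.append(day)              # keep spikes out of the baseline
        else:
            baseline.append(daily_new[day])
    return flagged


def days_to_add(target_nodes, per_day):
    """Days needed to add target_nodes at a constant per-day join rate."""
    return math.ceil(target_nodes / per_day)


if __name__ == "__main__":
    for name, series in (("burst", BURST), ("publicity", PUBLICITY), ("slow", SLOW)):
        print(f"{name:10s} flagged days: {flag_days(series)}")
    # The message's figures: 5,000 nodes at 20 per day.
    print("days to add 5000 nodes at 20/day:", days_to_add(5000, 20))
```

The gauge fires on both the 40-node burst and the publicity spike and cannot tell them apart, while joins held at the historical rate pass unflagged for the 250 days the message's arithmetic gives.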