On Sun, 11 Dec 2011 20:05:36 -0500, Chris wrote:
> > On Sun, 11 Dec 2011 16:36:53 -0500, Chris wrote:
> >> How many users actually compile it themselves?
> >
> > Me, and all other Gentoo users :-).
> >
> >> How many examine the diffs?
> >
> > I do, rarely :s.
> >
> >
> >> > [...]
> >> > How would you propose to differentiate between a bugged node and
> >> > a normal node?
> >>
> >> This is why you have authentication and checks against any
> >> inability to connect to nodes.
> >
> > There is no such authentication that would help here. And you would
> > be able to connect to any node normally -- except the compromised
> > nodes would still find a way to become your peers and surround you.
> > (I'm not sure exactly what criteria need to be met for your node to
> > accept a stranger's offer, but I'm sure a dedicated adversary can
> > easily meet them.)
> 
> I think you are wrong here. I think authentication could work to a
> degree provided certain conditions are true/consistent enough. I am
> assuming certain things such as there being enough nodes that come
> online daily and stay online permanently. It may not work if the
> number of nodes which come online and then go offline is high. I'm no
> expert here although in theory you should be able to use
> authentication to verify that old nodes are still under the control
> of the person they were under prior. Chances are the initial nodes
> you trust aren't going to be compromised by your adversary.

First of all, on opennet, the peers you are connected to change every
few minutes/hours. They are not static. They constantly change to make
routing more efficient, via "swapping". I was not suggesting the bad
guys actually compromise other people's nodes -- the far easier and
more likely scenario is they simply have *their own bugged nodes*, and
try to become your peer. (And I think, (not absolutely sure), for a
dedicated attacker, this is pretty easy.)


> The adversary would have to slowly bring on new nodes then and would
> be limited to a particular number of nodes per day (however many is
> typical). If they try bringing on too many new nodes at once an alert
> should go up.

So, again, *their nodes* (just a few... 10-20?) will initiate peering
with your node. And there is nothing you or anyone can do about it.
This is the problem with connecting to strangers -- i.e. opennet.

Although, I guess this can be (already is?) mitigated somewhat if we
only allow a certain percentage of our peers to come from external
(swap, etc) requests -- but then it would simply become a question of
time before you initiate peering with their nodes -- and they will have
many, including big and popular seednodes.


> For instance say there are 5000 nodes already, and there are never
> more than 20 new nodes that come on per day then the adversary would
> need 8 months to add 5000 nodes. If they brought on 40 nodes a day it
> would be apparent that an attack was underway.

How would you tell the difference between freenet becoming more
popular, and the bad guys slowly infiltrating the opennet? Also, you
assume they only have a few days to perform the attack -- how do you
know most of the current nodes aren't "them" right now?


> The way to do this really is to monitor the data and figure out what
> the statistics are or have been over time and then base it off this
> information. If there is a change in those statistics it could
> indicate an attack.

This is being done. But it won't help in this case at all. (Even if I
wanted to dump thousands of bugged nodes into the network, I could
simply post a Slashdot article, and join that upsurge.)


> >> You are looking at the issue wrong. It doesn't matter which nodes
> >> are bugged. If a user can't connect to higher than normal
> >> percentage of nodes it should send up a red flag for one.
> >
> > They will be able to.
> 
> They will be able to what?

They will be able to connect to normal nodes too. Of course, from your
perspective, they're *all* equal strangers. (On opennet.)


> >> I don't doubt that some developers think opennet mode is hopelessly
> >> insecure.
> >
> > It's not that they "think" it's hopelessly insecure. It really
> > is :p. I mean, it might still be "good enough" -- but there are
> > actual, well-known, unsolvable problems with the opennet idea.
> > Which that FAQ should have explained :p.
> 
> I'm not arguing it is or isn't. Everything is relative though.

No, everything is not relative :P. Opennet *is* pretty easily
exploitable by design. This isn't a problem with freenet in particular
-- but of any untrustworthy network. (Opennet does actually have a
minimal amount of trust in it -- via the seednodes. But it's easily
exploitable. A darknet is the way to go. (The only reason why the
opennet is still around is because people are lazy and complacent.))


> >> I think the best way to organize a revolt or guerrilla warfare in
> >> today's world would probably be to anonymously organize multiple
> >> small groups.
> >
> > I strongly disagree. The battle (no matter which one you pick,
> > probably) is ultimately in the minds of the boring violence-phobic
> > masses -- the majorities. If you don't have popular support, you're
> > doomed no matter what you try to do. The best way to organize a
> > revolt is to talk to your friends and family and convince them
> > peacefully and rationally. (And freenet is a great tool for
> > this! :D.)
> 
> Nobody is saying you don't need public support (at least until you
> gain power).

It's the first and main thing you need, before you decide to take any
action. (Unless that action is supposed to persuade them -- which
anything violent or controversial probably almost certainly won't.)

> If the government is killing off or arresting the organizers then
> gaining popular support is difficult or impossible.

Well, if they're organizing to "get the revolution rolling", then of
course that's an assured fail. If they're organizing to peacefully
teach people, then yea, arresting those people will hamper things. This
is where freenet might come in.

> The problem is that many people are going to be in great danger as
> they will be physically doing things that might get detected.

People should not be doing things "physically", before the philosophy
is firmly entrenched in the minds of the people. If the people are
still brainwashed, then any action you take will only make your
position look worse. First you have to undo their brainwashing.

> If just one person is detected you don't want your entire structure to
> unravel. One person may allow one of your small groups to be wiped
> out. You have to assume that once the adversary has one person in a
> group they will discover the others in that group. It should not
> allow the entire organization to be taken out though. That is where
> such a project comes into play.
>
> If users and organizers are using Tor/freenet/whatever it can be
> difficult to determine who is organizing, who is actively
> participating, and who is just a supporter, or even follower (may be
> against the revolt). Compared to if an organizations members know
> each other and can be forced to talk. A government in power may not
> have the resources to arrest all using Tor/freenet/whatever. That
> gives the organizers protection (potentially or hopefully) long
> enough to let them carry through from the organization to the actual
uprising without its organizers being killed off. Or give them
> opportunity to make mistakes and re-group.

Yep.
_______________________________________________
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
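The thread's two disputed points (whether a join-rate monitor can spot an adversary who adds nodes slowly, and whether an opennet node can avoid ending up with adversary-run peers when its peer set is constantly reshuffled) can be put in numbers. The model below is an added example, not code from the thread, from Freenet, or from either poster. It reuses the thread's figures (5000 existing nodes, about 20 organic joins per day, an alert if more than 40 join in a day) and assumes, as labelled, a node with 20 peer slots whose peers are redrawn uniformly from the node population, a crude stand-in for opennet swapping; the day-by-day growth numbers it simulates are constructed.

```python
"""Model of the opennet peering question from the thread.

An adversary grows its own node population at a rate that keeps the daily
join count under the alert threshold, and ordinary peer selection (modelled
here as uniform draws from the whole population, a stand-in for swapping)
places those nodes next to the target. Constructed example; see constants.
"""
import math

# Figures from the thread: 5000 existing nodes, ~20 organic joins/day, and
# the suggestion that 40 joins/day "would be apparent". The peer-slot count
# is an assumption of this example, not a Freenet parameter.
EXISTING_NODES = 5000
ORGANIC_JOINS_PER_DAY = 20
ALERT_THRESHOLD = 40
PEER_SLOTS = 20


def days_to_match(existing_nodes, joins_per_day):
    """Days needed to add as many nodes as already exist, at a fixed rate."""
    return math.ceil(existing_nodes / joins_per_day)


def monitor_joins(days, organic_per_day, attacker_per_day, alert_threshold):
    """Grow the network day by day and run the join-rate monitor over it.

    Returns (honest, adversary, daily_counts, alert_days). The monitor only
    sees the total number of joins per day, so it cannot tell organic growth
    from an attacker who stays under the threshold.
    """
    honest, adversary = EXISTING_NODES, 0
    daily_counts, alert_days = [], []
    for day in range(1, days + 1):
        honest += organic_per_day
        adversary += attacker_per_day
        today = organic_per_day + attacker_per_day
        daily_counts.append(today)
        if today > alert_threshold:
            alert_days.append(day)
    return honest, adversary, daily_counts, alert_days


def peer_pmf(k, slots, adversary, total):
    """P(exactly k of `slots` distinct, uniformly chosen peers are adversarial).

    Hypergeometric: peers are drawn from the population without replacement.
    """
    if k < 0 or k > slots or k > adversary or slots - k > total - adversary:
        return 0.0
    return (math.comb(adversary, k) * math.comb(total - adversary, slots - k)
            / math.comb(total, slots))


def prob_at_least(k_min, slots, adversary, total):
    """P(at least k_min of the peer slots are held by adversary nodes)."""
    return sum(peer_pmf(k, slots, adversary, total)
               for k in range(k_min, slots + 1))


def expected_adversary_peers(slots, adversary, total):
    """Mean number of adversary-run peers per reshuffle of the peer set."""
    return slots * adversary / total


def attack_summary(days=250, attacker_per_day=19, slots=PEER_SLOTS):
    """Run the slow-join attack for `days` days and summarise the exposure."""
    honest, adversary, _, alerts = monitor_joins(
        days, ORGANIC_JOINS_PER_DAY, attacker_per_day, ALERT_THRESHOLD)
    total = honest + adversary
    return {
        "honest": honest,
        "adversary": adversary,
        "alerts": len(alerts),
        "adversary_fraction": adversary / total,
        "expected_adversary_peers": expected_adversary_peers(slots, adversary, total),
        # majority of the peer set is adversarial on a given reshuffle
        "p_majority_adversarial": prob_at_least(slots // 2 + 1, slots, adversary, total),
        # every peer slot is adversarial on a given reshuffle
        "p_fully_surrounded": prob_at_least(slots, slots, adversary, total),
    }


if __name__ == "__main__":
    print("days to add 5000 nodes at 20/day:", days_to_match(5000, 20))
    for key, value in attack_summary().items():
        print(f"{key}: {value}")
```

Two things fall out of running it. The daily counts produced by 20 organic plus 19 attacker joins are identical to those of 39 organic joins, so the monitor raises nothing either way, which is the "more popular vs. infiltrated" objection stated above; and after 250 days of staying under the threshold the attacker holds roughly a third of the population, so each reshuffle of a 20-slot peer set is expected to hand it six or seven slots, with a small but non-zero chance per reshuffle of a majority. Repeated reshuffles turn that per-round probability into a matter of time.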