On Monday 12 Dec 2011 03:26:50 Chris wrote: > > On Sun, 11 Dec 2011 20:05:36 -0500, Chris wrote: > > > > How would you tell the difference between freenet becoming more > > popular, and the bad guys slowly infiltrating the opennet? Also, you > > assume they only have a few days to perform the attack -- how do you > > know most of the current nodes aren't "them" right now? > > You wouldn't know. But you can't exactly be targeted until you exist. > Second. There are lots of adversaries. Not all of them are going to be > targeting you. If the number of nodes is increasing it makes any one > adversaries job all that much harder to target any one particular user. > The Tor project has said such before. The more nodes that exist the harder > certain attacks are to perform. Many of these attacks become apparent too > if done too quickly. I'm not saying this would work for Freenet. I'm just > saying it depends on the model and various factors. Freenet is very small. > So it Tor. If every computer was distributed with Freenet or Tor many of > these attacks would be much more difficult. Your node should have a choice > as to who to connect with. If you have enough choice you will be unlikely > to come across your adversary given a random selection of nodes.
Tor has scalability issues. In principle Freenet should scale better than Tor does. Unfortunately bandwidth is very cheap in quantity. Computing hardware and geeks are cheap too. So even with a big network, it's likely that connecting to and surveilling every node is going to be feasible for a relatively small cost. And in fact a big network would be more likely to contain interesting targets - so is more likely to be surveilled than a small network. This is just the extreme end of opennet attacks though. There are many cheaper attacks, which are partially explained in the FAQ. > > >> The way to do this really is to monitor the data and figure out what > >> the statistics are or have been over time and then base it off this > >> information. If there is a change in those statistics it could > >> indicate an attack. > > > > This is being done. But it won't help in this case at all. (Even if I > > wanted to dump thousands of bugged nodes into the network, I could > > simply post a Slashdot article, and join that upsurge.) > > You could. But then that upsurge would probably make it all the more > difficult to perform the attack. For the record your idea of taking stats doesn't work. It doesn't work because nodes constantly go online and offline, so you need to constantly add more nodes - and many nodes do actually leave for good. It doesn't work because an attacker could perfectly well make his nodes behave in the "predictable" way you expect. And above all it doesn't work because routing on opennet is dependant on the path folding algorithm, which constantly changes the connections to optimise data retrieval. Simply choosing a fixed set of peers at install time does not work, especially not if the network is getting bigger. We do limit the rate of gaining new connections, but we can't limit it to be so slow as to affect an attacker in a big way. An attacker cannot directly connect to your node, he has to use path folding. But there are various attacks that make use of this. The simplest, and most expensive - connect to everyone - simply means he has to be a good node. More sophisticated, cheaper attacks rely on figuring out, with slowly increasingly precision, where a stream of requests are coming from. And yes we have many ideas on how to make these attacks much more difficult, especially for inserts (which generally are more valuable than requests). > > Are you reading what I'm writing? You have to organize first. If you > haven't organized you can't get the people unbrainwashed. Any revolution > takes MANY people. Debatable point in the light of recent events IMHO. > > You clearly would prefer to go out in the street and organize. Good luck > not getting shot. My brothers and sisters and girlfriends and parents will come after me. When they get shot their relatives will come after. When they keep on shooting us we just get bigger. And if they still won't give in, and shoot us some more, the soldiers start defecting to our side, and we still win. I'm not saying you don't need organisers. Certainly inspiring voices are helpful, and keeping them safe is helpful. But look at what has been achieved with essentially traceable, public systems. IMHO Freenet has limited use in revolutions because the authorities will either turn off the internet completely or find some expensive technical way to block it which they can get the people to pay for. However, if it is popular, and allows people to communicate, it can be very useful, not least for helping people to hear voices they wouldn't be able to hear otherwise. China has shown it's willing to tolerate criminality as long as it doesn't include dissent - there is apparently state-licensed p2p software. This would never happen here ... On the other end of the scale, Iran has made it clear that they don't care about the economy at all, they are preparing to prohibit all internet connections other than in banks and other corporates with a proven need. In the west it is useful because of the increasing trend towards blocking sites that the powers that be don't like - sometimes based on copyright, but there are plenty of debatable copyright claims where the public interest is clearly served by violating it. (E.g. Co$).
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
