On Thu, Sep 22, 2005 at 05:48:37PM -0400, Juiceman wrote: > Wasn't there an idea to have a separate encrypted user store with a > key that is only in ram? When a person turns off their node or > computer the user store is essentially unreadable and would be erased > on next start-up? Locally requested content would only be kept there.
Sure. This will help. We might support HTL 0 requests/inserts but have them only go to the client cache. Or we might overload it so that that was HTL=-1, and HTL=0 goes to the client cache and then the store, but is not routed. > > On 9/22/05, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > > On Thu, Sep 22, 2005 at 10:39:33PM +0100, Volodya Mozhenkov wrote: > > > Matthew Toseland wrote: > > > >That's not the point. We already intend to make HTL=0 attacks > > > >infeasible, and they go well beyond datastore probing (think social > > > >engineering with NIM forms, Frost posts; put a different KSK/SSK on each > > > >node). > > > > > > > >The point is, you can still time it, and there's no real way to beat > > > >timing attacks in this area. > > > > > > I'm getting lost once again. First i don't understand why that is not the > > > point, since if you simply not cache the data if it was requested locally, > > > then if it somehow can be proven that your node has requested the block, > > > and it is not in the datastore, then you were the requester; that > > > compromises anonymity, not increases it. Second, i don't see what you have > > > meant by the social engineering with nim/frost. > > > > If they bust your node and get your store, or even if they can probe it, > > then they can prove what you've been downloading, with some degree of > > confidence (because you have *all of it*). This is the Register attack. > > This is what not caching locally requested files is working against. > > -- > > Matthew J Toseland - toad at amphibian.dyndns.org > > Freenet Project Official Codemonkey - http://freenetproject.org/ > > ICTHUS - Nothing is impossible. Our Boss says so. > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.1 (GNU/Linux) > > > > iD8DBQFDMyVjHzsuOmVUoi0RAqZsAJ0Rb/rJzgZ8HKYaESAFSAcJMS7COQCeLrp2 > > pDugYQwgz0ePU/SiEtskKyw= > > =rcwT > > -----END PGP SIGNATURE----- > > > > > > _______________________________________________ > > Support mailing list > > Support at freenetproject.org > > http://news.gmane.org/gmane.network.freenet.support > > Unsubscribe at > > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > > Or mailto:support-request at freenetproject.org?subject=unsubscribe > > > > > > > -- > I may disagree with what you have to say, but I shall defend, to the > death, your right to say it. - Voltaire > _______________________________________________ > Support mailing list > Support at freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-request at freenetproject.org?subject=unsubscribe -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/support/attachments/20050922/3948faba/attachment.pgp>
