On Sat, 29 Jul 2006, Matthew Toseland <toad at amphibian.dyndns.org> wrote: >!!! Unable to decode the following MIME section !!! >Content-Type: multipart/signed; micalg=pgp-sha1; > protocol="application/pgp-signature"; boundary="VywGB/WGlW4DM4P8" >Content-Disposition: inline > > >--VywGB/WGlW4DM4P8 >Content-Type: text/plain; charset=us-ascii >Content-Disposition: inline >Content-Transfer-Encoding: quoted-printable > >On Sat, Jul 29, 2006 at 06:32:35AM -0000, Anonymous Freenet User wrote: >> On Sat, 29 Jul 2006, Matthew Toseland <toad at amphibian.dyndns.org> wrote: >> >!!! Unable to decode the following MIME section !!! >> >Content-Type: multipart/signed; micalg=3Dpgp-sha1; >> > protocol=3D"application/pgp-signature"; boundary=3D"MGYHOYXEY6WxJCY8" >> >Content-Disposition: inline >>=20 >> personal note: I hate pgpmime, inline may be old fashioned, but it's more >> compatible > >It's more standards compliant.
Perhaps, but useless to programs that do not understand pgp-mime. Sadly, I lack the skills to add this capability to Jack B. Nymble and I am entirely too stubborn to change software from what has worked for me for years, thus your msgs are not verifyable to me at all. >> > >> >You have to connect to a **0.7** node. Actually you have to connect to >> >several. And yes, the content is different; it's an incompatible content >> >reset. >>=20 >> This means that it's time to download all of your favorite 0.5 content and >> re-insert it in 0.7 when it becomes possible. > >Yes. >>=20 >> On a related note... >>=20 >> If I set up a new 0.7 node, get a few refs and begin inserting content. am >> I as anonymous in doing so as I am in 0.5? Is there any way to trace >> content back to the node that inserted it? > >0.5 has security problems. 0.7 has security problems. Either way you are >vulnerable primarily to those nodes you are directly connected to. Who >are far fewer in 0.7, and who you hopefully already know, in 0.7. >Whereas on 0.5 you may well be connected to the [insert bad guys]. > >Hence the darknet model is safer - at least, it's safer from a distant >adversary. It is less safe from the point of view of a personal >betrayal. And it remains an explicit goal that it be impossible to trace >the author of an insert, however if you happen to be directly connected >to them, you have a good chance of busting them with a correlation >attack or something similar, until we implement premix routing (in 0.8). > >Also there are a number of important features which are not implemented >yet, and a variety of attacks are possible. One of the big ones is that >we don't have proper encryption yet; connections are encrypted, but not >authenticated yet, so they can be MITMed or spoofed. That will be fixed >in the reasonably near future. > Thanks for the clarification. That helps my decision of what to insert where.
