On Sunday 22 June 2008 03:56, Hierophant wrote: > I've recently implemented a Freenet opennet node via XeroBank 2.0 <http://xerobank.com> and would appreciate comments, especially regarding performance and security.? XeroBank 2.0 is a commercial broadband descendant of Tor.? XeroBank is apparently incorporated in Panama.? Although XeroBank's website has short bios on its key staff, I have not found any information regarding its owners. > > XeroBank access costs $35 per month for 75 Gb at ca. 1.5 Mb/sec download and ca. 0.5 Mb/sec upload.? Clients are assigned both access and deposit account numbers, and only deposit-account-to-access-account transactions are supposedly possible.? Also, payments to XeroBank are anonymized via Dalpay in Iceland, and so even deposit accounts are supposedly anonymous.? Multiple machines can access XeroBank simultaneously, and each machine (real and/or virtual) has a separate encrypted VPN channel to its network.? There are currently exit nodes in Canada and the Netherlands.? The IP of an exit node persists until the originating VPN channel terminates. > > I've corresponded with Steve Topletz, one of XeroBank's technical consultants, and he's assured me that running a Freenet doesn't violate its terms of service unless doing so generates upstream complaints.? For those who don't know of Steve Topletz, he's a veteran of Cult of the Dead Cow and Hacktivismo, and was active in Tor development.? There are interviews with him on darkREADING <http://tinyurl.com/6y6eju>, NowPublic <http://tinyurl.com/5donxb> and the American Chronicle <http://tinyurl.com/558ngj>. > > As I understand XeroBank, only entities capable of global correlation attacks can trace traffic between its entry and exit nodes.? Being a private network, XeroBank doesn't share Tor's key vulnerability to evil exit nodes.? According to XeroBank's Privacy Policy <http://xerobank.com/privacy_policy.php>, it does not log IPs or activity unless there is evidence of malicious activity which violates its terms of service and/or human rights, or unless it's been compelled by "court orders of all applicable jurisdictions for all specific servers" (which are in multiple countries). > > Lack of IP anonymity is the key vulnerability of Freenet in insecure mode, and even for darknets if they're compromised.? By running this node via XeroBank, none of my opennet peers knows my true IP.? And given that each machine connects via a separate VPN and has a distinct exit IP, I can run a second node that connects only to my opennet node, and use only that node for accessing Freenet.? As I understand Freenet, the activities of that draknet node would not be visible to any of my opennet peers. > > I'm currently running my main node using Freenet 0.7 Build #1152 r20268 in a virtual Win XP SP2 machine on a PGP-encrypted partition, using Java Version 1.6.0_06 and JVM Version 10.0-b22.? There's now a XeroBank 2.0 version of xB Machine, and I'll switch to that shortly.? The Win XP machine has one CPU, 1 Gb memory and a 30 Gb hard disk.? The node has one CPU, 512 Mb memory, a 20 Gb datastore and bandwidth limits of 50 Kbps output and 100 Kbps input.? The node has been up for over two days, and has generally had ca. 5-10 peers.? Output and input rates have generally been ca. 25-50 Kbps. > > Freenet provides many other statistics, but I'm not going to dump them all here.? However, given that I do want help optimizing this node's performance, I'll be happy to provide whatever non-compromising information that's requested. > > Hierophant > hierophant at hell.com
Cool. However I would point out that there is an entire industry dedicated to reversing money anonymisation schemes. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/support/attachments/20080802/4eddbf48/attachment.pgp>
