On Wednesday 07 January 2009 02:05, Dennis Nezic wrote:
> On Tue, 6 Jan 2009 23:56:48 +0000, Matthew Toseland
> <toad at amphibian.dyndns.org> wrote:
> > On Tuesday 06 January 2009 16:51, 3BUIb3S50i 3BUIb3S50i wrote:
> > > So, Freemulet or Frost "automatic insertion" are dangerous? We know
> > > the key before the upload of the file.
> > 
> > Yes IMHO.
> There's no such thing as a "stream of content" in freenet. Aren't
> chunks distributed across lots of nodes, and thus not traceable to
> any one location? Wasn't that the whole point of freenet? ;)

Doesn't follow, unfortunately.

If for example the same identity is known from public posts to be reinserting 
a series of files of known content, you have a large number of inserts which 
can be correlated together. The attack would then be to watch the inserts 
(initially a trickle because the attacker is far from the originator), and 
use the fact that they got routed to your node and the location of the key 
(or simply which node sent you the inserts) to get a rough idea of where the 
originator is on the network. Then get some connections a bit closer to the 
target. The number of inserts you intercept will increase, enabling you to 
approach the target ever more rapidly. This works on darknet as well as 
opennet, the difference is on darknet getting a connection to a target node 
is expensive, requiring e.g. social engineering, remote compromise of the 
node, or local compromise (e.g. dawn raid).
> And, I'm guessing that this theoretical attack, if it even exists,
> would only affect new inserts.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available

Reply via email to