On Wednesday 07 January 2009 02:05, Dennis Nezic wrote: > On Tue, 6 Jan 2009 23:56:48 +0000, Matthew Toseland > <toad at amphibian.dyndns.org> wrote: > > > On Tuesday 06 January 2009 16:51, 3BUIb3S50i 3BUIb3S50i wrote: > > > So, Freemulet or Frost "automatic insertion" are dangerous? We know > > > the key before the upload of the file. > > > > Yes IMHO. > > There's no such thing as a "stream of content" in freenet. Aren't > chunks distributed across lots of nodes, and thus not traceable to > any one location? Wasn't that the whole point of freenet? ;)
Doesn't follow, unfortunately. If for example the same identity is known from public posts to be reinserting a series of files of known content, you have a large number of inserts which can be correlated together. The attack would then be to watch the inserts (initially a trickle because the attacker is far from the originator), and use the fact that they got routed to your node and the location of the key (or simply which node sent you the inserts) to get a rough idea of where the originator is on the network. Then get some connections a bit closer to the target. The number of inserts you intercept will increase, enabling you to approach the target ever more rapidly. This works on darknet as well as opennet, the difference is on darknet getting a connection to a target node is expensive, requiring e.g. social engineering, remote compromise of the node, or local compromise (e.g. dawn raid). > > And, I'm guessing that this theoretical attack, if it even exists, > would only affect new inserts. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 827 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/support/attachments/20090107/8e25eeeb/attachment.pgp>
