-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> > > The question is what tool offers the most resistance given equal
> > > amounts of effort being expended to attack them.
>
> Its not just an interesting question, its the fundamental question
> for anyone designing an anonymity tool.
Only if you're ignoring the context within which the tool operates -
you need to take into consideration the practical constraints we call
reality. Its the same as arguing whether SCSI or IDE is better when
the user is transferring data over a modem - its entirely academic.
> > Equal amounts of effort will not be expended to attack all things,
> > only those things that are valuable enough. Using many different
> > "primitive" techniques keeps the value of individual attacks down,
> > while using one big "high tech" tool puts everything in one basket,
> > making it worth attacking.
> This logic doesn't make sense. Can you explain it in terms of real-
> world examples?
Ok, let me try putting it into a narrative for you.
Today, only a very limited amount of resources in the law enforcement
and intelligence community is being spent to break Freenet. Why? Do
they think they can't break it, that its too secure? No. They just
don't bother, because it isn't worth their time. Yes, there are
likely some violations going on that could be lead to convictions,
but the cost of looking into the technology, mounting the required
attacks, and prosecuting the violators exceeds the perceived value
of ending the violations.
Now lets look forward a few years and assume the technology goes
well - thousands upon thousands (or maybe millions) of people are
using Freenet in a hostile regime. They are using it to speak freely
with their compatriots, to spread news to people abroad, and to
access normally censored information. The power of free speech is
clear to the people using Freenet, but it also becomes clear to the
people who would be threatened by such speech [1]. The hostile
governments then task their intelligence and law enforcement agencies
to put their considerable weight into breaking it - the cost of
looking into the technology, mounting the required attacks, and
prosecuting no longer exceeds the perceived value of ending the
violations. After investing the required resources, the attacks are
able to identify violators (aka users) on a wide scale, essentially
ending Freenet for users in the hostile regime and causing the
prosecution of some portion of the users.
On the other hand, rather than building One Big Solution for
supporting free speech in hostile regimes, if many different,
small scale methods were used, the threshold for the government
to go out and task the intelligence and law enforcement agencies
to attack any of the individual methods would never be crossed -
shutting down 50 people using radios in one region has no effect
upon another 75 people using coded messages in adverts, and has
no effect upon another 30 people hiding messages in purchase
orders, and has no effect upon another 80 people hiding newspapers
inside food packaging, ad nauseum.
The cost of mounting the attacks never reaches the value of
shutting down the targets of the attacks. As such, the government
would not expend substantial effort to do so. Yes, periodically
some of them would be attacked through simpler means, but how those
"primitive" techniques hold up to the same level of attack that a
successful Freenet would face is irrelevent, as they would never
face that.
Which is exactly what I said -
> > Using many different "primitive" techniques keeps the value of
> > individual attacks down, while using one big "high tech" tool puts
> > everything in one basket, making it worth attacking.
One Big System which will not withstand focused attack is less secure
than many small systems, even if each of those small systems would
not be able to withstand the same level of attack.
Make sense?
[1] Two alternate results:
A) users overthrow their government when empowered sufficiently
(I wouldn't count on this)
B) users don't care and go about their business as before
(I don't think this would be the case)
> Why don't you ask a Chinese dissident whether they would prefer
> us to work on an impractical but "perfect" system based on
> steganography, or a system that would be useful for all practical
> purposes in the near-term.
In the near term, Freenet will operate on the small scale (from the
government's perspective), so it will work fine, since it won't be
attacked. This would be good, as it would help individuals who
need help. Freenet 0.5 meets this need too, and would 0.3. WASTE
would probably be better though, as it has much less overhead.
However, if Freenet grows to match the claim of a "globally scalable
darknet", or maybe even if it just garners enough press for people
to think it does, it would then become worth attacking, and hence,
*less secure* than if it didn't grow.
=jr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDSuf8WYfZ3rPnHH0RAvUwAKCDh/V3qI9T04egRmTtWrSdGoNyZwCdGa53
oAkseslsbDenmcMP49LznH4=
=sqqP
-----END PGP SIGNATURE-----
