On Fri, May 19, 2006 at 10:11:57PM +0200, Helge Preuss wrote:
> >
> >> You're somewhat right about the trouble of getting connected,
> >> while the net is small it'll be hard but as it grows chances are
> >> better that you know someone who also uses it.
> Ah, but that's a fundamental problem: As long as you're small, it's
> hard to grow. If you're large, growing is easier (until you reach a
> saturation point, I guess).
> Still, even if freenet grows, there will be many people who don't know
> anyone with access to it (there are still many people around without a
> GMail invite, too. And I dare to predict that freenet never will
> achieve Google's market penetration).
> At least, there should be some central servers to get newbies started.

There is, in effect. Most people get connections from #freenet-refs on
irc. :( But the hope is that the network will grow organically once we
have a bootstrapping core.

> >> About port scanning you're wrong, freenet uses random ports.
> >
> >> And it is planned that it will be possible to use steganography
> >> later so the traffic would look like a game, VoIP or video
> >> streaming so it'd be harder to automatically block it.

> freenet may use random ports, but there still is a protocol behind it
> which can be detected.

> Using steganography is a nice idea and I'm sure it can protect against
> traffic analysis, but I don't see how it can protect against a
> connection request. Will freenet only accept connections from trusted
> IPs? But then, what about dynamically assigned IPs?

Protecting from a connection attempt is actually very easy with UDP. It
is not possible to get a Freenet node to say *anything* if you don't
have its node reference already. At present, it also has to have your
node reference for connection setup to start; with the eventual opennet
version (yes there will be an opennet version; opennet ~= freenet 0.5;
peers are discovered automatically once you're on the network), you will
only need its noderef. It's harder to do this on TCP, but still possible
if we proxy a legitimate TCP service such as a web server.

It may well be possible to detect freenet traffic at a router level, but
this is not the same thing as portscanning; it is FAR more expensive.
And at that point we can indeed have stego. And no, it can't perfectly
protect against traffic analysis. But we can make a start, and make
things difficult for our adversary.
-- 
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
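
An added illustration of the behaviour described in the message above, not part of the original post and not Freenet's code or wire protocol: a UDP-style responder that sends nothing unless an incoming datagram proves knowledge of its node reference. The HMAC-based key derivation, the packet layout and all names here are assumptions made for the example.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16   # random per-request value, also used to reject replays
TAG_LEN = 32     # HMAC-SHA256 output length

def setup_key(noderef: bytes) -> bytes:
    """Derive a setup key from the node reference (assumed scheme)."""
    return hashlib.sha256(b"setup-key|" + noderef).digest()

def make_request(noderef: bytes, payload: bytes) -> bytes:
    """Initiator: only a holder of the target's noderef can build a valid tag."""
    nonce = os.urandom(NONCE_LEN)
    tag = hmac.new(setup_key(noderef), nonce + payload, hashlib.sha256).digest()
    return nonce + tag + payload

def handle_datagram(own_noderef: bytes, datagram: bytes, seen_nonces: set):
    """Responder: return reply bytes, or None meaning 'send nothing at all'."""
    if len(datagram) < NONCE_LEN + TAG_LEN:
        return None                       # malformed probe: stay silent
    nonce = datagram[:NONCE_LEN]
    tag = datagram[NONCE_LEN:NONCE_LEN + TAG_LEN]
    payload = datagram[NONCE_LEN + TAG_LEN:]
    key = setup_key(own_noderef)
    expected = hmac.new(key, nonce + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                       # sender lacks the noderef: stay silent
    if nonce in seen_nonces:
        return None                       # captured packet replayed: stay silent
    seen_nonces.add(nonce)
    # Reply is itself keyed, so it also proves the responder holds the noderef.
    return hmac.new(key, b"reply" + nonce, hashlib.sha256).digest()
```

Every rejection path returns None rather than an error message, so a sender without the node reference sees the same result as sending to a port with nothing listening behind a filter.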
