|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matthew Toseland wrote: > On Fri, May 19, 2006 at 10:11:57PM +0200, Helge Preuss wrote: >>>> You're somewhat right about the trouble of getting connected, >>>> while the net is small it'll be hard but as it grow chances >>>> are better that you know someone who also use it. >> Ah, but that's a fundamental problem: As long as you're small, >> it's hard to grow. If you're large, growing is easier (until you >> reach a saturation point, I guess). Still, even if freenet grows, >> there will be many people who don't know anyone with access to it >> (there are still many people around without a GMail invite, too. >> And I dare to predict that freenet never will achieve Google's >> market penetration). At least, there should be some central >> servers to get newbies started. > > There is, in effect. Most people get connections from #freenet-refs > on irc. :( But the hope is that the network will grow organically > once we have a bootstrapping core. I don't see why you pull a face :( there. The only reason I can guess is that you fear the introduction of hostile nodes into the net. You're in danger of connecting to people who might set you up. But this can happen in Real Life too. I don't know any other numbers, but the GDR had over a million secret police agents, with a total population of about 16 million. So there is no guarantee at all that the person you "know", who introduces you to freenet, isn't a government agent (or whoever else is the enemy in your case). Now I haven't thought this through (and I've had a beer in the meantime, so forgive me if I'm being stupid). I only have the tor network as a comparison, and there the introduction of hostile nodes is not a critical blow. True, every malicious node decreases anonymity, but only if every node from the entry to the exit node is hostile, the anonymity is blown. Of course, if there is only one true node left, it might be easy to subpoena it. How vulnerable against hostile nodes is freenet? As a rule of thumb? > >>>> About port scanning you're wrong, freenet use random ports. >>>> And it is planned that it will be possible to use >>>> stegonography later so the trafic would look like a game, >>>> VoIP or video streaming so it'd be harder to automatically >>>> block it. > >> freenet may use random ports, but there still is a protocol >> behind it which can be detected. > >> Using steganography is a nice idea and I'm sure it can protect >> against traffic analysis, but I don't see how it can protect >> against a connection request. Will freenet only accept >> connections from trusted IPs? But then, what about dynamically >> assigned IPs? > > Protecting from a connection attempt is actually very easy with > UDP. It is not possible to get a Freenet node to say *anything* if > you don't have its node reference already. At present, it also has > to have your node reference for connection setup to start; with the > eventual opennet version (yes there will be an opennet version; > opennet ~= freenet 0.5; peers are discovered automatically once > you're on the network), you will only need its noderef. It's harder > to do this on TCP, but still possible if we proxy a legitimate TCP > service such as a web server. > > It may well be possible to detect freenet traffic at a router > level, but this is not the same thing as portscanning; it is FAR > more expensive. And at that point we can indeed have stego. And no, > it can't perfectly protect against traffic analysis. But we can > make a start, and make things difficult for our adversary. After all, I have to admit: I think that's all one can ever hope for. There's no perfect protection. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEblDDMfG7Vu9K+FQRAtW6AJ0dS13tuDHoxyGEfFoWCMICfpJrEwCfe8cv QuTSinwR9g1ZYTLiHy5N8LQ= =MSnc -----END PGP SIGNATURE----- |
_______________________________________________ chat mailing list chat@freenetproject.org Archived: http://news.gmane.org/gmane.network.freenet.general Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat Or mailto:[EMAIL PROTECTED]
