On 22/03/14 14:13, Tom Sparks wrote: > > > > > >> On Friday, 21 March 2014 9:55 PM, Matthew Toseland >> <[email protected]> wrote: >>> On 21/03/14 04:42, Steve Dougherty wrote: >>> On Tuesday - March 25th - I have a meeting scheduled with Professor J. >>> Alex Halderman [0] to talk about security and Freenet. He is one of the >>> people behind such research as Green Dam arbitrary code execution, [1] >>> cold boot attacks on disk encryption, [2] and insufficient entropy on >>> embedded systems leading to weak encryption keys. [3] >> Nice. >>> What should I say? I'm planning to mention: >> Bear in mind that nobody, no matter how brilliant, is an expert in >> everything. > that I do agree with > >>> 2) Would it be possible to run a seed node on campus? > your campus IT people well want to terminate the node unless you can prove > that you run it for legal research reasons > >> The only solution other than darknet AFAICS is charging people real >> money (possibly BTC) to join opennet. This would require a much greater >> appeal to start with, and more reliable software. In BTC, the funds (or >> a large part of the funds) would be provably destroyed, possibly with >> the rest going to FPI or a charity chosen from a list (need to make sure >> it doesn't go straight back to the guy trying to exploit announcement!). > paying to access freenet doesn't make sense unless it a private mesh network > and you are paying for the hardware > > I could see a kevin bacon[1] like people becoming Certificate authority That's called darknet. We want people to use darknet. It is dramatically more secure today, much harder to block or identify (especially with steganography), and with some work could provide a really interesting level of security (using the social network to build tunnels). The key point here is your friends don't have to be ultimately trustworthy: On opennet, the attacker can see everyone and choose who to connect to, and can quickly approach a specific target location (a key step in some really hideously bad attacks). On darknet, they have to social engineer you. Which is doable, but it's more costly.
The point is the most powerful known attacks on opennet rely on "Sybil attacks", that is, creating lots of (malicious) nodes, or exploiting announcement protocols to move easily to a targeted location on the network. The best way to beat this is darknet - a friend-to-friend network. If you want a secure opennet, you need some sort of scarce commodity: IP addresses, bandwidth, CPU time, CAPTCHAs, ... And all of these are far cheaper for an attacker than for a normal user. For example, CAPTCHAs can be bought (using human beings to solve them!) for $3 per 1000. CPU time can be obtained very cheaply for an attacker (think GPU mining), but long calculations prior to getting onto Freenet would be a big problem for anyone with a slower computer (which could still run Freenet). Bandwidth is very cheap in bulk; even if you have a really big network, connecting to every node will be cost effective for a semi-serious attacker; and it would be rather complex to use scarcity of IP addresses, and probably to little benefit, as it's likely a serious attacker can get them fairly easily. And so on. The only way to square this circle, apart from darknet, is to charge users real money (possibly as bitcoins) to join the network. But clearly we can't do that just yet. Anyway if you have a proposal for a certificate authority that isn't trivial to exploit and doesn't involve either darknet (connecting to your friends) or spending money, lets hear it. Going to conferences for keysigning etc counts as spending money, and is much less convenient. IMHO short of payment or something even more inconvenient the problem is intractable, if you can solve it you can solve many of the problems with SSL ... cacert.org?? (Actually, if you consider the broader picture, it's worse than that. Most of the plausible attackers in the West beyond the bored student level are already in bed with the NSA, which passes information to regular law enforcement and presumably to corporations, since we know it does economic espionage, and which has hundreds of documented internal abuses, so presumably corporate-level PIs can sometimes get favours ... and we know the NSA can crack almost anything, are more likely to target people using obscure tools, and are willing to attack relatively obscure systems ... there is no hope ... :| And China, Iran, etc, will just block it, even if they have to do traffic flow analysis and accept some collateral damage...)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
