Send Devl mailing list submissions to
devl at freenetproject.org
To subscribe or unsubscribe via the World Wide Web, visit
http://www.uprizer.com/mailman/listinfo/devl
or, via email, send a message with subject or body 'help' to
devl-request at freenetproject.org
You can reach the person managing the list at
devl-admin at freenetproject.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Devl digest..."
Today's Topics:
1. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Oskar Sandberg)
2. Re: Announcement Protocol (Tavin Cole)
3. Re: Announcement Protocol (Oskar Sandberg)
4. HAR! (Mr.Bad)
5. Re: List gone quiet (Tavin Cole)
6. Re: Announcement Protocol (Tavin Cole)
7. Re: Aardvark (Tavin Cole)
8. Re: Aardvark (Scott G. Miller)
9. Re: Aardvark (Tavin Cole)
10. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Tavin Cole)
11. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Scott G. Miller)
12. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Adam Langley)
13. Re: Aardvark (Chris Anderson)
--__--__--
Message: 1
Date: Sat, 3 Feb 2001 18:42:22 +0100
From: Oskar Sandberg <[email protected]>
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 08:55:37AM -0800, Mr.Bad wrote:
> >>>>> "OS" == Oskar Sandberg <md98-osa at nada.kth.se> writes:
>
> OS> And for people who talk to try to have a clue what they are
> OS> talking about...
>
> Hey, Oskar: there's only one Oskar. If you're going to do this work
> and have other people help out, you're going to deal with a lot of
> people who don't know as much about it as you do.
>
> If I'm the worst you have to deal with, you'll be pretty lucky.
You were the one complaining, not me.
--
'DeCSS would be fine. Where is it?'
'Here,' Montag touched his head.
'Ah,' Granger smiled and nodded.
Oskar Sandberg
md98-osa at nada.kth.se
--__--__--
Message: 2
Date: Sat, 3 Feb 2001 12:42:45 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Announcement Protocol
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 11:10:20AM -0500, Chris Anderson wrote:
> On Sat, Feb 03, 2001, Oskar Sandberg wrote:
> >
> > 1) In our version, Alice has to trust that Bob is a legitimate
> > node, but Bob does not even have to know who Alice is. Freenet
> > nodes should (for obvious reasons) not be handing out lists of
> > their references to just anybody, so for Bob to give Alice a bunch
> > of references he has to have reason to trust Alice - and not just
> > to be a legitimate node, but to being somebody who is capable of
> > keeping this information secret (and either way, when Alice
> > proceeds to make the announcement there is a leak, at least to
> > traffic analysis, exactly what references Bob had).
>
> Am I misunderstanding? Isn't the purpose of the Announcement
> protocol to seed Alice with references to other nodes, regardless of
> Alice's evilness? How can you stop evil Alice from Announcing
> to every new freenet node she finds, culling lots of references?
By virtue of the fact that nodes will reject announcements if they
have any previous knowledge of Alice. She can do this a limited
number of times.
--
// Tavin Cole
--__--__--
Message: 3
Date: Sat, 3 Feb 2001 18:51:33 +0100
From: Oskar Sandberg <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Announcement Protocol
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 12:42:45PM -0500, Tavin Cole wrote:
< >
> > Am I misunderstanding? Isn't the purpose of the Announcement
> > protocol to seed Alice with references to other nodes, regardless of
> > Alice's evilness? How can you stop evil Alice from Announcing
> > to every new freenet node she finds, culling lots of references?
>
> By virtue of the fact that nodes will reject announcements if they
> have any previous knowledge of Alice. She can do this a limited
> number of times.
I think that besides the normal FAQ, we need a page with a couple of
axioms of free networks. I think #1 will be: Negative filtering doesn't
work.
Remember: Alice can generate a million different identities if it pleases
her.
--
'DeCSS would be fine. Where is it?'
'Here,' Montag touched his head.
'Ah,' Granger smiled and nodded.
Oskar Sandberg
md98-osa at nada.kth.se
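The point of the exchange above, as an added example that is not part of the original message or of Freenet's code: a toy model of nodes that reject announcements from identities they already know, comparing an announcer who keeps one identity with one who generates a new identity each time. The network size, the number of references revealed per accepted announcement, and all names are assumptions made for the illustration.

```python
import random
import secrets


class Node:
    """Node applying the negative filter from the thread: an announcement
    is rejected if the announcer's identity is already known."""

    def __init__(self, refs, per_reply, rng):
        self.refs = list(refs)
        self.per_reply = per_reply   # assumed: references revealed per accepted announcement
        self.rng = rng
        self.known = set()           # identities this node has seen before

    def announce(self, identity):
        if identity in self.known:
            return None              # previous knowledge of the announcer: reject
        self.known.add(identity)
        return self.rng.sample(self.refs, self.per_reply)


def harvest(rounds, fresh_identity_each_time, seed=1):
    """Return (accepted announcements, distinct references learned)."""
    rng = random.Random(seed)
    # Constructed network: 5 nodes, each holding 40 references of its own.
    nodes = [Node([f"n{i}-ref{j}" for j in range(40)], 4, rng) for i in range(5)]
    identity = secrets.token_hex(16)             # stand-in for a public key
    accepted, learned = 0, set()
    for _ in range(rounds):
        for node in nodes:
            if fresh_identity_each_time:
                identity = secrets.token_hex(16)  # a new identity costs nothing
            reply = node.announce(identity)
            if reply is not None:
                accepted += 1
                learned.update(reply)
    return accepted, len(learned)


if __name__ == "__main__":
    print("one identity:    ", harvest(50, False))
    print("fresh identities:", harvest(50, True))
```

With one identity the filter caps the announcer at one accepted announcement per node; with fresh identities every announcement is accepted and the filter bounds nothing.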
--__--__--
Message: 4
To: devl at freenetproject.org
From: Mr.Bad <[email protected]>
Organization: Pigdog Journal
Date: 03 Feb 2001 09:51:37 -0800
Subject: [freenet-devl] HAR!
Reply-To: devl at freenetproject.org
OK, whoever updated KSK@KeyIndex.txt -- very clever. *I* am definitely
convinced.
~Mr. Bad
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/\____/\ Mr. Bad <mr.bad at pigdog.org>
\ / Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
| (X \x)
( ((**) "If it's not bad, don't do it.
\ <vvv> If it's not crazy, don't say it." - Ben Franklin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--__--__--
Message: 5
Date: Sat, 3 Feb 2001 12:53:20 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] List gone quiet
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 12:35:39PM -0500, Gianni Johansson wrote:
> On Friday 02 February 2001 22:12, you wrote:
>
> > > Hey, why don't we turn the filter on? I haven't heard a bug report in
> > ages.
> >
> I second this.
>
> I haven't seen any bugs either. Even if there are some, we should get the
> filter out into wider use (with the appropriate warnings and caveats) so that
> we find them.
>
> If people have objections could they please provide specific examples of
> known exploits. Not just generic complaints that "filtering is inherently
> difficult and imperfect so we shouldn't have any filtering" which is sort of
> equivalent to "I can easily open the door to your house with 1kg of plastic
> explosives, so it's stupid for you to put a lock on it."
Why don't I just come up with an exploit (damn, I can't use the meta-refresh
thing anymore, I already mentioned that) and quietly gather IP addresses awhile,
then once I have a list of people who've accessed documents about, say, how
to manufacture some kind of illegal drug, I'll just let the police announce
the exploit on my behalf.
--
// Tavin Cole
--__--__--
Message: 6
Date: Sat, 3 Feb 2001 12:54:43 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Announcement Protocol
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 06:51:33PM +0100, Oskar Sandberg wrote:
> On Sat, Feb 03, 2001 at 12:42:45PM -0500, Tavin Cole wrote:
> < >
> > > Am I misunderstanding? Isn't the purpose of the Announcement
> > > protocol to seed Alice with references to other nodes, regardless of
> > > Alice's evilness? How can you stop evil Alice from Announcing
> > > to every new freenet node she finds, culling lots of references?
> >
> > By virtue of the fact that nodes will reject announcements if they
> > have any previous knowledge of Alice. She can do this a limited
> > number of times.
>
> I think that besides the normal FAQ, we need a page with a couple of
> axioms of free networks. I think #1 will be: Negative filtering doesn't
> work.
>
> Remember: Alice can generate a million different identities if it pleases
> her.
Oh yeah, duh. Reply in haste, regret in leisure..
--
// Tavin Cole
--__--__--
Message: 7
Date: Sat, 3 Feb 2001 12:57:46 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 10:36:15AM -0500, Chris Anderson wrote:
> On Sat, 03 Feb 2001, Peter Todd wrote:
>
> > On Sat, 03 Feb 2001, you wrote:
> >
> > > > You're absolutely correct and are in fact backing up my position.
> > > > I was just clarifying the point, but I entirely agree. KSKs are
> > > > bad. *Baaaad*. When you're about to use a KSK, ask yourself
> > > > three questions:
> > > >
> > > > 1) Do I need a KSK?
> > > > 2) Really?
> > > > 3) Repeat question 1
> > >
> > > If KSK's are so evil as to give the impression that they are a
> > > stable way of adding content to freenet, why not change their
> > > behavior... Instead of propagating the old KSK value when a
> > > collision happens, propagate the new value. For example, if I
> > > insert my KSK@robots.txt, it will overwrite any robots.txt that
> > > already exists instead of propagating the existing one.
> >
> > But then you would end up with people constantly trying to kill
> > each other's KSK's. Not good.
>
> If a node really wanted its robots.txt to survive, it could refuse
> the insert request.
Since when do nodes get to know the plaintext of their KSKs, let alone
make decisions about how to treat them? That's called an attack.
--
// Tavin Cole
--__--__--
Message: 8
Date: Sat, 3 Feb 2001 12:59:57 -0500
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
From: "Scott G. Miller" <[email protected]>
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 12:17:43PM -0500, Chris Anderson wrote:
> On Fri, 2 Feb 2001, Scott G. Miller wrote:
>
> > On Sat, Feb 03, 2001 at 10:08:14AM -0500, Chris Anderson wrote:
> >
> > > If KSK's are so evil as to give the impression that they are a
> > > stable way of adding content to freenet, why not change their
> > > behavior... Instead of propagating the old KSK value when a
> > > collision happens, propagate the new value. For example, if I
> > > insert my KSK@robots.txt, it will overwrite any robots.txt that
> > > already exists instead of propagating the existing one.
> >
> > How the fuck would that help? Besides completely remove any
> > smidgen of usefulness they do have.
>
> They seem redundant at the moment. I could use an SSK with an ascii
> derived private key for the same thing as a KSK. A KSK that
> overwrites other KSKs is like a freenet shout or an advertisement.
Maybe, except that the node doesn't really care about KSKs, and
implementing this (weird) behavior would mean that it would.
--__--__--
Message: 9
Date: Sat, 3 Feb 2001 13:03:10 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 12:59:57PM -0500, Scott G. Miller wrote:
> On Sat, Feb 03, 2001 at 12:17:43PM -0500, Chris Anderson wrote:
> > On Fri, 2 Feb 2001, Scott G. Miller wrote:
> >
> > > On Sat, Feb 03, 2001 at 10:08:14AM -0500, Chris Anderson wrote:
> > >
> > > > If KSK's are so evil as to give the impression that they are a
> > > > stable way of adding content to freenet, why not change their
> > > > behavior... Instead of propagating the old KSK value when a
> > > > collision happens, propagate the new value. For example, if I
> > > > insert my KSK@robots.txt, it will overwrite any robots.txt that
> > > > already exists instead of propagating the existing one.
> > >
> > > How the fuck would that help? Besides completely remove any
> > > smidgen of usefulness they do have.
> >
> > They seem redundant at the moment. I could use an SSK with an ascii
> > derived private key for the same thing as a KSK. A KSK that
> > overwrites other KSKs is like a freenet shout or an advertisement.
> Maybe, except that the node doesn't really care about KSKs, and
> implementing this (weird) behavior would mean that it would.
Unless it were a natural side effect of an updating mechanism for
SVKs.
--
// Tavin Cole
--__--__--
Message: 10
Date: Sat, 3 Feb 2001 13:08:52 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 04:55:13PM +0100, Oskar Sandberg wrote:
> On Sat, Feb 03, 2001 at 10:41:43AM -0500, Peter Todd wrote:
> > On Sat, 03 Feb 2001, you wrote:
> > > > Is it actually 5 seconds? The default is 2000 milliseconds, 2 seconds
> > > > right? Anyway I just set my timeout on my node to 5000 milliseconds to
> > > > see what will happen.
> > >
> > > static public final int defaultConnectTimeout = 30000;
> > >
> > > So actually the default is 30 seconds...
> >
> > Doesn't that get set to the value of connectTimeout in .freenetrc?
> > The default, IE the value the .freenetrc in the tarball is set to,
> > connectTimeout there is 2000
>
> Well, Setup.java says:
>
> public static void setParamConnectTimeout() {
>     String id = "connectTimeout";
>     expComment("How long to wait to connect to a host before giving up (in milliseconds)");
>     long l = params.getlong(id,Core.defaultConnectTimeout);
>     if (expert)
>         l = getNumber("?",l);
>     out.println(id+ "=" + l);
> }
>
> I'm assuming that the first time this is run the params object is empty...
Remember what I was saying about how we need to abolish sample.freenetrc and
force everyone to use the configurer?
--
// Tavin Cole
--__--__--
Message: 11
Date: Sat, 3 Feb 2001 13:09:36 -0500
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
From: "Scott G. Miller" <[email protected]>
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 06:21:44PM +0100, Sebastian Spaeth wrote:
> "Scott G. Miller" wrote:
> > > It would be interesting to see what the exception that causes the removal
> > > is. Are we failing to connect (maybe we need to increase the connect
> > > timeout, our arbitrary cutoff after 5 seconds when I believe the TCP says
> > > two minutes is somewhat shaky), are we failing to get responses back
> > > from nodes we send to, or is the authentication not working, or what?
> >
> > Like I've said many times before, it's too damned harsh to remove a node
> > from the datastore for failing to connect once. Freenet should be able to
> > tolerate a node disappearing for an hour or two now and then. I really
> > think we should implement the decayed contact heuristic.
>
> I second that. I like agl's implementation which will ignore all
> references to a node for a certain time if not reachable, enlarging the
> ignore phase every time, until it is totally dropped in the end (if I
> understood his scheme correctly).
That's essentially what I proposed months ago, it works by having a
probability of contact, that starts out at 1.0. If you fail to contact
them, you divide it by some constant, say 2.
When you look for a reference next time, you accept it if some random
number between 0 and 1 is less than that number. So after one failed
connect, there is a 50% chance of picking that reference. After two
failed connects, 25%, etc. When it's below say 10% you drop the reference
(or not, more in a sec). When you do connect to a node, either reset it
to 1.0 or double it, depending on how much you trust the
reliability. That's a tossup.
Since this is a Datastore issue (in finding references), you could not
ever drop the reference, but when you need to drop a reference and you're
deciding between two references, pick the one with the lowest reliability
factor.
> How about adding "backup references" when a node comes across another
> data source reference for a key that it already knows. It could hold up
> to two or three references for a key, using the backup references only
> when the primary node is not reachable. This way it wouldn't hurt the
> routing system, I guess.
That's overly complicated.
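The decayed contact heuristic described in the message above, as an added example that is not part of the original message or of Freenet's code. The class and method names are hypothetical; the constants (divide by 2, drop below 10%) are the ones the message suggests, and both success rules and the "never drop, evict the least reliable" variant are included.

```python
import random


class ReferenceTable:
    """Per-reference probability of contact (hypothetical names throughout)."""

    def __init__(self, decay=2.0, drop_below=0.10, reset_on_success=True, rng=None):
        self.decay = decay                    # divisor applied on a failed connect
        self.drop_below = drop_below          # None = never drop on failure
        self.reset_on_success = reset_on_success
        self.rng = rng or random.Random()
        self.p = {}                           # reference -> probability of contact

    def add(self, ref):
        self.p.setdefault(ref, 1.0)           # new references start at 1.0

    def failed(self, ref):
        """Record a failed connect. Returns False if the reference was dropped."""
        self.p[ref] /= self.decay
        if self.drop_below is not None and self.p[ref] < self.drop_below:
            del self.p[ref]
            return False
        return True

    def succeeded(self, ref):
        """Record a successful connect: reset to 1.0, or double (capped at 1.0)."""
        if self.reset_on_success:
            self.p[ref] = 1.0
        else:
            self.p[ref] = min(1.0, self.p[ref] * self.decay)

    def usable(self, ref):
        """Accept the reference if a random number in [0, 1) is below its probability."""
        return ref in self.p and self.rng.random() < self.p[ref]

    def evict_candidate(self):
        """When space is needed, pick the reference with the lowest reliability."""
        return min(self.p, key=self.p.get)


if __name__ == "__main__":
    table = ReferenceTable(rng=random.Random(7))
    table.add("node-a")                       # constructed reference name
    for attempt in range(1, 5):
        kept = table.failed("node-a")
        print(attempt, "failed connects ->", table.p.get("node-a"), "kept" if kept else "dropped")
```

With these constants a reference survives three consecutive failures (0.5, 0.25, 0.125) and is dropped on the fourth (0.0625).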
--__--__--
Message: 12
Date: Sat, 3 Feb 2001 18:21:35 +0000
From: Adam Langley <[email protected]>
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001 at 06:21:44PM +0100, Sebastian Spaeth wrote:
> I second that. I like agl's implementation which will ignore all
> references to a node for a certain time if not reachable, enlarging the
> ignore phase every time, until it is totally dropped in the end (if I
> understood his scheme correctly).
Sounds like you did.
> How about adding "backup references" when a node comes across another
> data source reference for a key that it already knows. It could hold up
> to two or three references for a key, using the backup references only
> when the primary node is not reachable. This way it wouldn't hurt the
> routing system, I guess.
That's a big change to the DataStore. I'm not going to comment
until I've had a chance to think about it.
AGL
--
90% of generation[x] will always think that generation[x+2] are too liberal.
--__--__--
Message: 13
Date: Sat, 3 Feb 2001 13:10:48 -0500 (EST)
From: Chris Anderson <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org
On Sat, Feb 03, 2001, Tavin Cole wrote:
> Since when do nodes get to know the plaintext of their KSKs, let
> alone make decisions about how to treat them? That's called an
> attack.
Hey, it's my node... If I want to be stupid, nobody can stop me.
Since a client and a node are not distinguishable, there is no reason
a node can't know the plaintext of its data. Encryption does
degrade the speed of the local node's data by about 200X; one way to
speed it up is to cache the plaintext or get rid of local encryption
altogether for transient nodes.
--__--__--
_______________________________________________
Devl mailing list
Devl at freenetproject.org
http://www.uprizer.com/mailman/listinfo/devl
End of Devl Digest