On Sat, Dec 23, 2000 at 08:47:39PM -0800, Mr.Bad wrote:
> So, I've been thinking about the MediaEnforcer thing. I know that
> people seem to believe that it's not justified since the node may not
> have had the document available before the request, but frankly I
> think that's too fine a point for chicken-livered ISPs to grasp, and
> definitely too fine a point for them to stand up for.
>
> The MediaEnforcer attack is typical entrapment. However, we're not
> talking about real cops, we're talking about the shady world of
> corporate terms of service, where the Bill of Rights does not
> apply. As a point of fact, in oppressive regimes someone could get
> shot based on this attack. It's not merely theoretical.
>
> Anyways, here's what I was thinking: I think Brandon is right about
> getting private networks into Fred. But I think there's one more thing
> that would help. I think there may be a good reason to allow nodes to
> only talk to other nodes in a pre-configured list.
>
> This would greatly reduce the danger of attacks like the MediaEnforcer
> one. If my node only talks to nodes owned by people I trust, then I
> don't have to worry that some grunt working for RCA Records is going
> to connect to my node, drag an MP3 from God knows where into it, and
> then get my DSL service disconnected.
This does seem like a reasonable problem to address. However, I don't think that your
solution is necessarily the best solution. Perhapse we should discuss it a little bit
to try to bubble up some solutions. One problem I see is that having a trust list
might cluster nodes too much. It would become a popularity contest. One node has a
reputation for being trustworthy so it has many references, but some new node that is
just as secure can't get any because it is unknown.
Plus we don't know whether that will work in court. Data over the internet passes
through many computers on its way to its destination, and I don't think anyone can
shut down those just because some guy downloaded something from Napster.
> Yes, I'd still be vulnerable to MITM and IP spoofing attacks, or
> sniffing on my ISP's router, but at least it's a step in the right
> direction.
>
> In a super-paranoid world, there'd probably be private networks that
> only trust other cluster computers, and then gateways that trust their
> cluster and a handful of other gateways.
>
> ~Mr. Bad
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> /\____/\ Mr. Bad <[EMAIL PROTECTED]>
> \ / Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
> | (X \x)
> ( ((**) "If it's not bad, don't do it.
> \ <vvv> If it's not crazy, don't say it." - Ben Franklin
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> _______________________________________________
> Freenet-dev mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
PGP Key 0x3AFA955A.
