> Right. So assuming people don't run on 19114, harvesting IP addresses from a
> cancer node is the best way to get them.
Best way I am aware of anyway.
> Why will this yield only a small number of addresses? The source address is
> reset randomly, so over the course of many requests, you will have a good
> chance of seeing a new node. Connect to that node, ask for some more keys,
> continue tunneling. What protects against such an attack (within a
> x.0.0.0/8 obviously as source is reset when switch networks)? I sadly can't
> test this theory experimentally for a month or so because I need to buy new
> hdd to fix up my system.
The best protection against this attack is by having so many Freenet nodes
as to make it impossible to aquire a significant number of IP
addresses, and also to try to work for a situation where people cannot
arbitrarily be denied access to the Internet without due-process (ie. a
court case). At this point, the fact that these people are actually
placing the offending content onto people's nodes before trying to shut
them down for it *should* be enough, and will be helped if Freenet is
known to have significant positive applications.
This is a bigger debate than just over Freenet, is it about the status of
Internet access as an essential service.
If there are ways to make it more difficult for people to fish for IP
addresses then I say we go for it - but not if they are damaging to the
Freenet architecture. I honestly don't see any benefit for Brandon's
proposal over just using a Freenet client to connect to a trusted remote
Freenet node.
Ian.
PGP signature
