>
> I think that it is *very* unlikely that this would be achieved by
> port-scanning (do you know how long a port-scan would take over a 56k
> modem, particluarly where a DH key-exchange must be attempted for each
> port?). Additionally, with the introduction of Public-key crypto, a port
> scan would not be able to confirm the presence of a Freenet node without
> the appropriate public key! Much more likely that they would just run a
> Freenet node and harvest IP addresses from it.
Correct. Once we hit 0.4, an attacker has to know the public key of the
node its connecting to in order to connect. So blindly searching for
Freenet nodes doesnt work without being *in* the network.
> I stick to my position - in a proper Freenet it will be *impossible* to
> prevent people from fishing for IP addresses, although they will have
> little or no control over which IP addresses they "catch". The point is
> that it should be difficult for them to shut down an arbitrary node once
> they have found it, and the best way to do this is to have Freenet so
> widely deployed that there is a higher possibility of getting hit by
> lightening than someone with the power to shut down your node actually
> finding your IP address.
Gabby Johnsons right. Freenet is not about control. Its about
eliminating it. Its supposed to work by having strength in numbers and
trust in no one.
PGP signature
