Brandon wrote on 12/25/00 11:41 pm:
>If you have the resources to
>port scan blocks of IPs (which
>I think is a reasonable power
>to give a theoretical
>attacker) then you can't
>make node fishing less
>effective. I stand by my
>position that the option to
>reject unknown connections
>is the only way to combat
>this attack and that it will
>not break Freenet.
I beleive it was Travis who pointed out that such port scan
would make for lots of mad sys admins, most of whom have
never touched Freenet. So such a form of node fishing is unlikely
to be implemented. Even if it were, it would get them in lots of
troubble. This means they have problems even finding a node
in the first place without using the crutch of inform.php. The only
other way to go node fishing is for themselves to run nodes and
gather IPs and ports that run across it and then check those for
'evil' content. This will yield only a small fraction of nodes and
would only be worth the effort for the potential PR. Additionaly,
as has been brought out before, the only way you can be
sure of 'evil' stuff being on an arbitrary node before you requested
it is to set HTL to 1. This is easily fixed with a probability that
the HTL will not be decremented.
After those few changes outlined above are added, it will
probably be settled in a court case. MediaEnforcer will be there
trying to explain how placing 'illegal' content on people's computers
and then getting them banned from their ISP isn't entrapment.
In the audiance (trying to keep their pants dry listening to
the MediaEnforcer people) will be RMS, ESR, John Perry Barrlow, and
Emmanual Goldstein, with EFF lawyers at Freenet's aid.
Timm Murray
-----------
Microsoft: Re-inventing square wheels
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
