[freenet-support] 0.7 Censorship attack
On 9/23/06, an ominous cow herd wrote: > On Saturday 23 September 2006 09:50, nobody at geonosis.homelinux.net wrote: > > This is a Type III anonymous message, sent to you by the Winston Smith > > Project Geonosis mixminion server at geonosis.winstonsmith.info. If > > you do not want to receive anonymous messages, please contact pbox- > > admin at winstonsmith.info. For information about anonymity, see > > https://www.winstonsmith.info/pws or > > https://e-privacy.firenze.linux.it. > > > > -BEGIN TYPE III ANONYMOUS MESSAGE- > > Message-type: plaintext > > > > In <20060918233820.GA27941 at amphibian.dyndns.org> toad > wrote: > > >On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: > > >> Lars Juel Nielsen wrote: > > >> > On 9/11/06, anon-bounces at deuxpi.ca > > >> > wrote: > > >> >> -BEGIN TYPE III ANONYMOUS MESSAGE- > > >> >> Message-type: plaintext > > >> >> > > >> >> I read this on frost recently. How is this best addressed? > > >> >> > > >> >> - - Scruple at rJvWGdrEj1YOqt_TMc7Wyl01t2Q - 2006.08.29 - > > >> >> 05:47:35GMT - > > >> >> > > >> >> Someone brought up the point in the boards board that your peers > > >> >> (e.g. 'friends' on 0.7) can see what you are requesting and > > >> >> inserting. I responded that this may be an avenue of attack against > > >> >> dark-net since if something 'naughty' is being requested then your > > >> >> peers will know it is either coming from you or one of your friend > > >> >> nodes. In either case thats bad news if you have something > > >> >> contraversial or 'naughty' to say - your 'friends' on the darknet > > >> >> could ask you to sever your connection with the node that's doing the > > >> >> naughty requesting, or demand to know which node is doing it of yours > > >> >> and try to track it themselves. > > >> >> > > >> >> I'll be posting this attack message on the devl and tech mailing > > >> >> lists soon. If you have any points to make then do it here, and I'll > > >> >> incorporate it into my post (this will be like a draft then). > > >> > > > >> > Premix routing, planned for 0.8. > > >> > > >> Yep, unfortunately anything short of premix will be a hack and not solve > > >> the problem. > > > > > >Maybe. There are a few hacks that would give *some* plausible > > >deniability... Well, you have some plausible deniability *now*, but > > >nothing that would stand up to a statistical attack... > > > > So essentially, if I'm looking for anonymity that can stand up to a serious > > attacker that has access to anything 2.5 billion dollars can buy, then I'd > > be better off using 0.5 for now insted of 0.7. > > > > Thank you for making that clear. I have large (2 to 20gb) files to > > distribute (no, they're not cp), that I must have very good plausible > > deniability and be able to stand up to at least a statistical attack like > > you're talking about. > > > > BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to > > make it more difficult for people to insert large, possibly copyrighted or > > cp binaries. Is this for real or does that poster not know what they're > > talking about? > > > > If for example only, I start an 0.7 node and begin to insert warez and cp, > > am I anonymous enough even from my peers to be safe or will the feds come > > knocking my door down? > > > > [remembering that free speech includes allowing stuff you abhor as well as > > what you agree with.] > > I find it funny that all of these 0.7 users are saying that the 0.7 network is > better and more secure than the 0.5 network. They say this even while we see > these warnings about critical bug fixes, peers in the 0.7 network being able > to monitor what comes from your node, and the IRC channels where people trade > references could have cops monitoring or actively trading these references. > Now you mention that there is a cap on bandwidth. WTF? 0.5 got pretty much the same security problems as 0.7 do and there is no cap on bandwidth, toad denied it in the a reply to the mail you replied to and I can confirm it as an user too, it may be slow but it's faster than 0.5, retain content better and there is no cap that I've run into yet. There is still work to be done on speeding it up but the current speed limit(whatever it is) is not intentional. > > This is why I'm staying with the 0.5 network until either 0.7 becomes useful, > or another anonymous network (ANts http://antsp2p.sourceforge.net/) > surpasses the 0.5 network in usability, popularity, and security. > > It would be sad to see Freenet become just a footnote in the computer > chronicles while other anonymous networks become more popular and Freenet > loses it's user base. Maybe some Chinese Christian dissident will use it to > speak freely, but it won't matter much if there is no one to listen. > > > > > > - Anonymous - 2006.08.27 - 20:09:01GMT - > > > > > > The ref doesn't change if your IP changes. Or rather it does change but > > > is still
[freenet-support] 0.7 Censorship attack
--- an ominous cow herd wrote: > On Saturday 23 September 2006 09:50, > nobody at geonosis.homelinux.net wrote: > > This is a Type III anonymous message, sent to you > by the Winston Smith > > Project Geonosis mixminion server at > geonosis.winstonsmith.info. If > > you do not want to receive anonymous messages, > please contact pbox- > > admin at winstonsmith.info. For information about > anonymity, see > > https://www.winstonsmith.info/pws or > > https://e-privacy.firenze.linux.it. > > > > -BEGIN TYPE III ANONYMOUS MESSAGE- > > Message-type: plaintext > > > > In <20060918233820.GA27941 at amphibian.dyndns.org> > toad > wrote: > > >On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya > wrote: > > >> Lars Juel Nielsen wrote: > > >> > On 9/11/06, anon-bounces at deuxpi.ca > wrote: > > >> >> -BEGIN TYPE III ANONYMOUS MESSAGE- > > >> >> Message-type: plaintext > > >> >> > > >> >> I read this on frost recently. How is this > best addressed? > > >> >> > > >> >> - - Scruple at rJvWGdrEj1YOqt_TMc7Wyl01t2Q > - 2006.08.29 - > > >> >> 05:47:35GMT - > > >> >> > > >> >> Someone brought up the point in the boards > board that your peers > > >> >> (e.g. 'friends' on 0.7) can see what you are > requesting and > > >> >> inserting. I responded that this may be an > avenue of attack against > > >> >> dark-net since if something 'naughty' is > being requested then your > > >> >> peers will know it is either coming from you > or one of your friend > > >> >> nodes. In either case thats bad news if you > have something > > >> >> contraversial or 'naughty' to say - your > 'friends' on the darknet > > >> >> could ask you to sever your connection with > the node that's doing the > > >> >> naughty requesting, or demand to know which > node is doing it of yours > > >> >> and try to track it themselves. > > >> >> > > >> >> I'll be posting this attack message on the > devl and tech mailing > > >> >> lists soon. If you have any points to make > then do it here, and I'll > > >> >> incorporate it into my post (this will be > like a draft then). > > >> > > > >> > Premix routing, planned for 0.8. > > >> > > >> Yep, unfortunately anything short of premix > will be a hack and not solve > > >> the problem. > > > > > >Maybe. There are a few hacks that would give > *some* plausible > > >deniability... Well, you have some plausible > deniability *now*, but > > >nothing that would stand up to a statistical > attack... > > > > So essentially, if I'm looking for anonymity that > can stand up to a serious > > attacker that has access to anything 2.5 billion > dollars can buy, then I'd > > be better off using 0.5 for now insted of 0.7. > > > > Thank you for making that clear. I have large (2 > to 20gb) files to > > distribute (no, they're not cp), that I must have > very good plausible > > deniability and be able to stand up to at least a > statistical attack like > > you're talking about. > > > > BTW- I read in a msg on Frost that 0.7 is speed > limited to 10mb per day to > > make it more difficult for people to insert large, > possibly copyrighted or > > cp binaries. Is this for real or does that poster > not know what they're > > talking about? > > > > If for example only, I start an 0.7 node and begin > to insert warez and cp, > > am I anonymous enough even from my peers to be > safe or will the feds come > > knocking my door down? > > > > [remembering that free speech includes allowing > stuff you abhor as well as > > what you agree with.] > > I find it funny that all of these 0.7 users are > saying that the 0.7 network is > better and more secure than the 0.5 network. They > say this even while we see > these warnings about critical bug fixes, peers in > the 0.7 network being able > to monitor what comes from your node, and the IRC > channels where people trade > references could have cops monitoring or actively > trading these references. > Now you mention that there is a cap on bandwidth. > WTF? > > This is why I'm staying with the 0.5 network until > either 0.7 becomes useful, > or another anonymous network (ANts > http://antsp2p.sourceforge.net/) > surpasses the 0.5 network in usability, popularity, > and security. > > It would be sad to see Freenet become just a > footnote in the computer > chronicles while other anonymous networks become > more popular and Freenet > loses it's user base. Maybe some Chinese Christian > dissident will use it to > speak freely, but it won't matter much if there is > no one to listen. > and what's the plus'es of AntsP2P over Mute-Net?... > > > > > - Anonymous - 2006.08.27 - 20:09:01GMT > - > > > > > > The ref doesn't change if your IP changes. Or > rather it does change but > > > is still compatible, even toad and ian aren't > that insane... You could > > > also use a dyndns name or something similiar. I > currently run 0.5 and 0.7 > > > at the same time, 0.7 doesn't use much bandwidth > anyway. (You can't get > > > it to use more then 10
All this nonsense against 0.7 was Re: [freenet-support] 0.7 Censorship attack
On Sat, Sep 23, 2006 at 10:45:57AM -0700, an ominous cow herd wrote: > I find it funny that all of these 0.7 users are saying that the 0.7 network > is > better and more secure than the 0.5 network. They say this even while we see > these warnings about critical bug fixes, peers in the 0.7 network being able > to monitor what comes from your node, and the IRC channels where people trade > references could have cops monitoring or actively trading these references. > Now you mention that there is a cap on bandwidth. WTF? > > This is why I'm staying with the 0.5 network until either 0.7 becomes useful, > or another anonymous network (ANts http://antsp2p.sourceforge.net/) > surpasses the 0.5 network in usability, popularity, and security. > > It would be sad to see Freenet become just a footnote in the computer > chronicles while other anonymous networks become more popular and Freenet > loses it's user base. Maybe some Chinese Christian dissident will use it to > speak freely, but it won't matter much if there is no one to listen. I'm half inclined to believe that there's a deliberate propaganda campaign against Freenet 0.7... Here's what I said on the tech list: --- The 10MB limit is nonsense; there is no such code. And correlation attacks are feasible on 0.5 as well as on 0.7. It's a bit more complex on 0.5, but I'm not sure that it requires any more effort. And on 0.7 you get to choose your peers; on 0.5 a clever peer can choose you (possibly as part of a network-wide campaign to connect to everyone in order to monitor everyone). 0.7 does have some security issues certainly, but overall I'm not sure that 0.5 is any better. Anyway, read the security page on the wiki. --- For anyone listening who can't be bothered to look up the security page on the wiki, here it is: http://wiki.freenetproject.org/FreenetZeroPointSevenSecurity The short version: - Correlation attacks are possible on both 0.5 and 0.7. They may be easier on 0.7 due to it having better (therefore more predictable) routing, but 0.5's routing is pretty predictable, as it just goes by load most of the time. Also due to Freenet 0.7 having smaller keys. - Freenet 0.7 has one major, obvious weakness right now which is that its connection setup isn't secure against MITM or impersonation when the attacker knows the refs of both sides. Nextgens started to work on this, but STS (the solution) isn't quite ready yet. - On 0.5, or indeed on any opennet, such as the one we will soon implement for 0.7, or the bogus one we have at present using #freenet-refs etc, a whole range of attacks are much easier. In particular, harvest-and-block is the best known attack. But content tracing is easier on opennet too, because all you have to do is connect to everyone and do correlation attacks on everyone (requires an ubernode). Or connect to one node at a time and likewise. You are vulnerable on darknet or on opennet - but on darknet you get to choose who you are vulnerable to. If you suspect a particular subnetwork, just connect to all the nodes on that network and do correlation attacks on them. Etc etc. -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/support/attachments/20060923/755d47ee/attachment.pgp>
[freenet-support] 0.7 Censorship attack
This is a Type III anonymous message, sent to you by the Winston Smith Project Geonosis mixminion server at geonosis.winstonsmith.info. If you do not want to receive anonymous messages, please contact pbox- admin at winstonsmith.info. For information about anonymity, see https://www.winstonsmith.info/pws or https://e-privacy.firenze.linux.it. -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext In <20060918233820.GA27941 at amphibian.dyndns.org> toad wrote: >On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: >> Lars Juel Nielsen wrote: >> > On 9/11/06, anon-bounces at deuxpi.ca wrote: >> >> -BEGIN TYPE III ANONYMOUS MESSAGE- >> >> Message-type: plaintext >> >> >> >> I read this on frost recently. How is this best addressed? >> >> >> >> - - Scruple at rJvWGdrEj1YOqt_TMc7Wyl01t2Q - 2006.08.29 - >> >> 05:47:35GMT - >> >> >> >> Someone brought up the point in the boards board that your peers (e.g. >> >> 'friends' on 0.7) can see what you are requesting and inserting. I >> >> responded that this may be an avenue of attack against dark-net since >> >> if something 'naughty' is being requested then your peers will know it >> >> is either coming from you or one of your friend nodes. In either case >> >> thats bad news if you have something contraversial or 'naughty' to say >> >> - your 'friends' on the darknet could ask you to sever your connection >> >> with the node that's doing the naughty requesting, or demand to know >> >> which node is doing it of yours and try to track it themselves. >> >> >> >> I'll be posting this attack message on the devl and tech mailing lists >> >> soon. If you have any points to make then do it here, and I'll >> >> incorporate it into my post (this will be like a draft then). >> > >> > Premix routing, planned for 0.8. >> >> Yep, unfortunately anything short of premix will be a hack and not solve the >> problem. > >Maybe. There are a few hacks that would give *some* plausible >deniability... Well, you have some plausible deniability *now*, but >nothing that would stand up to a statistical attack... So essentially, if I'm looking for anonymity that can stand up to a serious attacker that has access to anything 2.5 billion dollars can buy, then I'd be better off using 0.5 for now insted of 0.7. Thank you for making that clear. I have large (2 to 20gb) files to distribute (no, they're not cp), that I must have very good plausible deniability and be able to stand up to at least a statistical attack like you're talking about. BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to make it more difficult for people to insert large, possibly copyrighted or cp binaries. Is this for real or does that poster not know what they're talking about? If for example only, I start an 0.7 node and begin to insert warez and cp, am I anonymous enough even from my peers to be safe or will the feds come knocking my door down? [remembering that free speech includes allowing stuff you abhor as well as what you agree with.] > > - Anonymous - 2006.08.27 - 20:09:01GMT - > > The ref doesn't change if your IP changes. Or rather it does change but is > still compatible, even toad and ian aren't that insane... You could also use > a dyndns name or something similiar. > I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much bandwidth > anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its also not > usable for anything except freesites and textmessages up to now because of > the ridiculous insert speed. (like 10MB/day). I really wonder if this insert > speed is by purpose because it manages to keep all kind of movies, mp3s, > warez, porn and so on out of 0.7, which happens to be the stuff toad doesn't > like. > (btw: Porn is sin as far as he is concerned, as is sex outside of marriage. I > never imagined that toad is a christian nutcase... If anyone is interested I > could poste the discussion in the privacy and religion boards on 0.7 in which > toad parcipated. His believes are somewhat interesting.) > And he never cared about filesharing and hates the pedo stuff anyway. Which > leaves the small stuff like freesite, images and books... (If you want a good > laugh look for some guy who is posting 25MB chunks of a movie for over one > month. He got to 26 or something like that up to now...) Anyway, pushing for > opennet doesn't really make sense up to now because 0.7 isn't really usable > anyway. -END TYPE III ANONYMOUS MESSAGE-
[freenet-support] 0.7 Censorship attack
gt; this insert speed is by purpose because it manages to keep all kind of > > movies, mp3s, warez, porn and so on out of 0.7, which happens to be the > > stuff toad doesn't like. > > (btw: Porn is sin as far as he is concerned, as is sex outside of marriage. > > I never imagined that toad is a christian nutcase... If anyone is > > interested I could poste the discussion in the privacy and religion boards > > on 0.7 in which toad parcipated. His believes are somewhat interesting.) > > And he never cared about filesharing and hates the pedo stuff anyway. Which > > leaves the small stuff like freesite, images and books... (If you want a > > good laugh look for some guy who is posting 25MB chunks of a movie for over > > one month. He got to 26 or something like that up to now...) Anyway, > > pushing for opennet doesn't really make sense up to now because 0.7 isn't > > really usable anyway. > > -END TYPE III ANONYMOUS MESSAGE- > ___ > Support mailing list > Support at freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-request at freenetproject.org?subject=unsubscribe > -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/support/attachments/20060923/f7b65a93/attachment.pgp>
[freenet-support] Windows Installation problem
Hi everyone, Just tried to install v0.7 on windows 2000, and am having problems. I already have freenet 0.5 installed, which I want to keep running, but while I was installing 0.7 (to a different directory), it was stopped. Anyway, I left the installer to install everything listed, and it got to the part where it has to download bits, and it complained with something like "plugin already installed" or something similar, with only a quit button active. (I'm afraid I didn't write it down at the time as I thought it was just a warning). Why would this happen on a vanilla install? Also, how do I uninstall it properly and start again? >From the parent directory, "java -jar Freenet7\Uninstaller\uninstaller.jar" brought up an uninstall dialog, but pressing the uninstall button didn't seem to do anything, yet, rerunning the installer warns me about installing another instance of freenet. Any ideas? Thanks, MrFlibble
[freenet-support] 0.7 Censorship attack
On Saturday 23 September 2006 09:50, nobody at geonosis.homelinux.net wrote: > This is a Type III anonymous message, sent to you by the Winston Smith > Project Geonosis mixminion server at geonosis.winstonsmith.info. If > you do not want to receive anonymous messages, please contact pbox- > admin at winstonsmith.info. For information about anonymity, see > https://www.winstonsmith.info/pws or > https://e-privacy.firenze.linux.it. > > -BEGIN TYPE III ANONYMOUS MESSAGE- > Message-type: plaintext > > In <20060918233820.GA27941 at amphibian.dyndns.org> toad wrote: > >On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: > >> Lars Juel Nielsen wrote: > >> > On 9/11/06, anon-bounces at deuxpi.ca wrote: > >> >> -BEGIN TYPE III ANONYMOUS MESSAGE- > >> >> Message-type: plaintext > >> >> > >> >> I read this on frost recently. How is this best addressed? > >> >> > >> >> - - Scruple at rJvWGdrEj1YOqt_TMc7Wyl01t2Q - 2006.08.29 - > >> >> 05:47:35GMT - > >> >> > >> >> Someone brought up the point in the boards board that your peers > >> >> (e.g. 'friends' on 0.7) can see what you are requesting and > >> >> inserting. I responded that this may be an avenue of attack against > >> >> dark-net since if something 'naughty' is being requested then your > >> >> peers will know it is either coming from you or one of your friend > >> >> nodes. In either case thats bad news if you have something > >> >> contraversial or 'naughty' to say - your 'friends' on the darknet > >> >> could ask you to sever your connection with the node that's doing the > >> >> naughty requesting, or demand to know which node is doing it of yours > >> >> and try to track it themselves. > >> >> > >> >> I'll be posting this attack message on the devl and tech mailing > >> >> lists soon. If you have any points to make then do it here, and I'll > >> >> incorporate it into my post (this will be like a draft then). > >> > > >> > Premix routing, planned for 0.8. > >> > >> Yep, unfortunately anything short of premix will be a hack and not solve > >> the problem. > > > >Maybe. There are a few hacks that would give *some* plausible > >deniability... Well, you have some plausible deniability *now*, but > >nothing that would stand up to a statistical attack... > > So essentially, if I'm looking for anonymity that can stand up to a serious > attacker that has access to anything 2.5 billion dollars can buy, then I'd > be better off using 0.5 for now insted of 0.7. > > Thank you for making that clear. I have large (2 to 20gb) files to > distribute (no, they're not cp), that I must have very good plausible > deniability and be able to stand up to at least a statistical attack like > you're talking about. > > BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to > make it more difficult for people to insert large, possibly copyrighted or > cp binaries. Is this for real or does that poster not know what they're > talking about? > > If for example only, I start an 0.7 node and begin to insert warez and cp, > am I anonymous enough even from my peers to be safe or will the feds come > knocking my door down? > > [remembering that free speech includes allowing stuff you abhor as well as > what you agree with.] I find it funny that all of these 0.7 users are saying that the 0.7 network is better and more secure than the 0.5 network. They say this even while we see these warnings about critical bug fixes, peers in the 0.7 network being able to monitor what comes from your node, and the IRC channels where people trade references could have cops monitoring or actively trading these references. Now you mention that there is a cap on bandwidth. WTF? This is why I'm staying with the 0.5 network until either 0.7 becomes useful, or another anonymous network (ANts http://antsp2p.sourceforge.net/) surpasses the 0.5 network in usability, popularity, and security. It would be sad to see Freenet become just a footnote in the computer chronicles while other anonymous networks become more popular and Freenet loses it's user base. Maybe some Chinese Christian dissident will use it to speak freely, but it won't matter much if there is no one to listen. > > > - Anonymous - 2006.08.27 - 20:09:01GMT - > > > > The ref doesn't change if your IP changes. Or rather it does change but > > is still compatible, even toad and ian aren't that insane... You could > > also use a dyndns name or something similiar. I currently run 0.5 and 0.7 > > at the same time, 0.7 doesn't use much bandwidth anyway. (You can't get > > it to use more then 10 - 30kb/s) Sadly its also not usable for anything > > except freesites and textmessages up to now because of the ridiculous > > insert speed. (like 10MB/day). I really wonder if this insert speed is by > > purpose because it manages to keep all kind of movies, mp3s, warez, porn > > and so on out of 0.7, which happens to be the stuff toad doesn't like. > > (btw: Porn is sin as far as
[freenet-support] Windows Installation problem
Hi everyone, Just tried to install v0.7 on windows 2000, and am having problems. I already have freenet 0.5 installed, which I want to keep running, but while I was installing 0.7 (to a different directory), it was stopped. Anyway, I left the installer to install everything listed, and it got to the part where it has to download bits, and it complained with something like plugin already installed or something similar, with only a quit button active. (I'm afraid I didn't write it down at the time as I thought it was just a warning). Why would this happen on a vanilla install? Also, how do I uninstall it properly and start again? From the parent directory, java -jar Freenet7\Uninstaller\uninstaller.jar brought up an uninstall dialog, but pressing the uninstall button didn't seem to do anything, yet, rerunning the installer warns me about installing another instance of freenet. Any ideas? Thanks, MrFlibble ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] 0.7 Censorship attack
This is a Type III anonymous message, sent to you by the Winston Smith Project Geonosis mixminion server at geonosis.winstonsmith.info. If you do not want to receive anonymous messages, please contact pbox- [EMAIL PROTECTED] For information about anonymity, see https://www.winstonsmith.info/pws or https://e-privacy.firenze.linux.it. -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext In [EMAIL PROTECTED] toad [EMAIL PROTECTED] wrote: On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: Lars Juel Nielsen wrote: On 9/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext I read this on frost recently. How is this best addressed? - - [EMAIL PROTECTED] - 2006.08.29 - 05:47:35GMT - Someone brought up the point in the boards board that your peers (e.g. 'friends' on 0.7) can see what you are requesting and inserting. I responded that this may be an avenue of attack against dark-net since if something 'naughty' is being requested then your peers will know it is either coming from you or one of your friend nodes. In either case thats bad news if you have something contraversial or 'naughty' to say - your 'friends' on the darknet could ask you to sever your connection with the node that's doing the naughty requesting, or demand to know which node is doing it of yours and try to track it themselves. I'll be posting this attack message on the devl and tech mailing lists soon. If you have any points to make then do it here, and I'll incorporate it into my post (this will be like a draft then). Premix routing, planned for 0.8. Yep, unfortunately anything short of premix will be a hack and not solve the problem. Maybe. There are a few hacks that would give *some* plausible deniability... Well, you have some plausible deniability *now*, but nothing that would stand up to a statistical attack... So essentially, if I'm looking for anonymity that can stand up to a serious attacker that has access to anything 2.5 billion dollars can buy, then I'd be better off using 0.5 for now insted of 0.7. Thank you for making that clear. I have large (2 to 20gb) files to distribute (no, they're not cp), that I must have very good plausible deniability and be able to stand up to at least a statistical attack like you're talking about. BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to make it more difficult for people to insert large, possibly copyrighted or cp binaries. Is this for real or does that poster not know what they're talking about? If for example only, I start an 0.7 node and begin to insert warez and cp, am I anonymous enough even from my peers to be safe or will the feds come knocking my door down? [remembering that free speech includes allowing stuff you abhor as well as what you agree with.] - Anonymous - 2006.08.27 - 20:09:01GMT - The ref doesn't change if your IP changes. Or rather it does change but is still compatible, even toad and ian aren't that insane... You could also use a dyndns name or something similiar. I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much bandwidth anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its also not usable for anything except freesites and textmessages up to now because of the ridiculous insert speed. (like 10MB/day). I really wonder if this insert speed is by purpose because it manages to keep all kind of movies, mp3s, warez, porn and so on out of 0.7, which happens to be the stuff toad doesn't like. (btw: Porn is sin as far as he is concerned, as is sex outside of marriage. I never imagined that toad is a christian nutcase... If anyone is interested I could poste the discussion in the privacy and religion boards on 0.7 in which toad parcipated. His believes are somewhat interesting.) And he never cared about filesharing and hates the pedo stuff anyway. Which leaves the small stuff like freesite, images and books... (If you want a good laugh look for some guy who is posting 25MB chunks of a movie for over one month. He got to 26 or something like that up to now...) Anyway, pushing for opennet doesn't really make sense up to now because 0.7 isn't really usable anyway. -END TYPE III ANONYMOUS MESSAGE- ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] 0.7 Censorship attack
The 10MB limit is nonsense; there is no such code. And correlation attacks are feasible on 0.5 as well as on 0.7. It's a bit more complex on 0.5, but I'm not sure that it requires any more effort. And on 0.7 you get to choose your peers; on 0.5 a clever peer can choose you (possibly as part of a network-wide campaign to connect to everyone in order to monitor everyone). 0.7 does have some security issues certainly, but overall I'm not sure that 0.5 is any better. Anyway, read the security page on the wiki. On Sat, Sep 23, 2006 at 06:50:26PM +0200, [EMAIL PROTECTED] wrote: This is a Type III anonymous message, sent to you by the Winston Smith Project Geonosis mixminion server at geonosis.winstonsmith.info. If you do not want to receive anonymous messages, please contact pbox- [EMAIL PROTECTED] For information about anonymity, see https://www.winstonsmith.info/pws or https://e-privacy.firenze.linux.it. -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext In [EMAIL PROTECTED] toad [EMAIL PROTECTED] wrote: On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: Lars Juel Nielsen wrote: On 9/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext I read this on frost recently. How is this best addressed? - - [EMAIL PROTECTED] - 2006.08.29 - 05:47:35GMT - Someone brought up the point in the boards board that your peers (e.g. 'friends' on 0.7) can see what you are requesting and inserting. I responded that this may be an avenue of attack against dark-net since if something 'naughty' is being requested then your peers will know it is either coming from you or one of your friend nodes. In either case thats bad news if you have something contraversial or 'naughty' to say - your 'friends' on the darknet could ask you to sever your connection with the node that's doing the naughty requesting, or demand to know which node is doing it of yours and try to track it themselves. I'll be posting this attack message on the devl and tech mailing lists soon. If you have any points to make then do it here, and I'll incorporate it into my post (this will be like a draft then). Premix routing, planned for 0.8. Yep, unfortunately anything short of premix will be a hack and not solve the problem. Maybe. There are a few hacks that would give *some* plausible deniability... Well, you have some plausible deniability *now*, but nothing that would stand up to a statistical attack... So essentially, if I'm looking for anonymity that can stand up to a serious attacker that has access to anything 2.5 billion dollars can buy, then I'd be better off using 0.5 for now insted of 0.7. Thank you for making that clear. I have large (2 to 20gb) files to distribute (no, they're not cp), that I must have very good plausible deniability and be able to stand up to at least a statistical attack like you're talking about. BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to make it more difficult for people to insert large, possibly copyrighted or cp binaries. Is this for real or does that poster not know what they're talking about? If for example only, I start an 0.7 node and begin to insert warez and cp, am I anonymous enough even from my peers to be safe or will the feds come knocking my door down? [remembering that free speech includes allowing stuff you abhor as well as what you agree with.] - Anonymous - 2006.08.27 - 20:09:01GMT - The ref doesn't change if your IP changes. Or rather it does change but is still compatible, even toad and ian aren't that insane... You could also use a dyndns name or something similiar. I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much bandwidth anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its also not usable for anything except freesites and textmessages up to now because of the ridiculous insert speed. (like 10MB/day). I really wonder if this insert speed is by purpose because it manages to keep all kind of movies, mp3s, warez, porn and so on out of 0.7, which happens to be the stuff toad doesn't like. (btw: Porn is sin as far as he is concerned, as is sex outside of marriage. I never imagined that toad is a christian nutcase... If anyone is interested I could poste the discussion in the privacy and religion boards on 0.7 in which toad parcipated. His believes are somewhat interesting.) And he never cared about filesharing and hates the pedo stuff anyway. Which leaves the small stuff like freesite, images and books... (If you want a good laugh look for some guy who is posting 25MB chunks of a movie for over one month. He got to 26 or something like that up to now...) Anyway, pushing for opennet doesn't really make sense up to now because 0.7 isn't really
Re: [freenet-support] 0.7 Censorship attack
On Saturday 23 September 2006 09:50, [EMAIL PROTECTED] wrote: This is a Type III anonymous message, sent to you by the Winston Smith Project Geonosis mixminion server at geonosis.winstonsmith.info. If you do not want to receive anonymous messages, please contact pbox- [EMAIL PROTECTED] For information about anonymity, see https://www.winstonsmith.info/pws or https://e-privacy.firenze.linux.it. -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext In [EMAIL PROTECTED] toad [EMAIL PROTECTED] wrote: On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: Lars Juel Nielsen wrote: On 9/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext I read this on frost recently. How is this best addressed? - - [EMAIL PROTECTED] - 2006.08.29 - 05:47:35GMT - Someone brought up the point in the boards board that your peers (e.g. 'friends' on 0.7) can see what you are requesting and inserting. I responded that this may be an avenue of attack against dark-net since if something 'naughty' is being requested then your peers will know it is either coming from you or one of your friend nodes. In either case thats bad news if you have something contraversial or 'naughty' to say - your 'friends' on the darknet could ask you to sever your connection with the node that's doing the naughty requesting, or demand to know which node is doing it of yours and try to track it themselves. I'll be posting this attack message on the devl and tech mailing lists soon. If you have any points to make then do it here, and I'll incorporate it into my post (this will be like a draft then). Premix routing, planned for 0.8. Yep, unfortunately anything short of premix will be a hack and not solve the problem. Maybe. There are a few hacks that would give *some* plausible deniability... Well, you have some plausible deniability *now*, but nothing that would stand up to a statistical attack... So essentially, if I'm looking for anonymity that can stand up to a serious attacker that has access to anything 2.5 billion dollars can buy, then I'd be better off using 0.5 for now insted of 0.7. Thank you for making that clear. I have large (2 to 20gb) files to distribute (no, they're not cp), that I must have very good plausible deniability and be able to stand up to at least a statistical attack like you're talking about. BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to make it more difficult for people to insert large, possibly copyrighted or cp binaries. Is this for real or does that poster not know what they're talking about? If for example only, I start an 0.7 node and begin to insert warez and cp, am I anonymous enough even from my peers to be safe or will the feds come knocking my door down? [remembering that free speech includes allowing stuff you abhor as well as what you agree with.] I find it funny that all of these 0.7 users are saying that the 0.7 network is better and more secure than the 0.5 network. They say this even while we see these warnings about critical bug fixes, peers in the 0.7 network being able to monitor what comes from your node, and the IRC channels where people trade references could have cops monitoring or actively trading these references. Now you mention that there is a cap on bandwidth. WTF? This is why I'm staying with the 0.5 network until either 0.7 becomes useful, or another anonymous network (ANts http://antsp2p.sourceforge.net/) surpasses the 0.5 network in usability, popularity, and security. It would be sad to see Freenet become just a footnote in the computer chronicles while other anonymous networks become more popular and Freenet loses it's user base. Maybe some Chinese Christian dissident will use it to speak freely, but it won't matter much if there is no one to listen. - Anonymous - 2006.08.27 - 20:09:01GMT - The ref doesn't change if your IP changes. Or rather it does change but is still compatible, even toad and ian aren't that insane... You could also use a dyndns name or something similiar. I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much bandwidth anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its also not usable for anything except freesites and textmessages up to now because of the ridiculous insert speed. (like 10MB/day). I really wonder if this insert speed is by purpose because it manages to keep all kind of movies, mp3s, warez, porn and so on out of 0.7, which happens to be the stuff toad doesn't like. (btw: Porn is sin as far as he is concerned, as is sex outside of marriage. I never imagined that toad is a christian nutcase... If anyone is interested I could poste the discussion in the privacy and religion boards on 0.7 in which toad parcipated. His believes are
All this nonsense against 0.7 was Re: [freenet-support] 0.7 Censorship attack
On Sat, Sep 23, 2006 at 10:45:57AM -0700, an ominous cow herd wrote: I find it funny that all of these 0.7 users are saying that the 0.7 network is better and more secure than the 0.5 network. They say this even while we see these warnings about critical bug fixes, peers in the 0.7 network being able to monitor what comes from your node, and the IRC channels where people trade references could have cops monitoring or actively trading these references. Now you mention that there is a cap on bandwidth. WTF? This is why I'm staying with the 0.5 network until either 0.7 becomes useful, or another anonymous network (ANts http://antsp2p.sourceforge.net/) surpasses the 0.5 network in usability, popularity, and security. It would be sad to see Freenet become just a footnote in the computer chronicles while other anonymous networks become more popular and Freenet loses it's user base. Maybe some Chinese Christian dissident will use it to speak freely, but it won't matter much if there is no one to listen. I'm half inclined to believe that there's a deliberate propaganda campaign against Freenet 0.7... Here's what I said on the tech list: --- The 10MB limit is nonsense; there is no such code. And correlation attacks are feasible on 0.5 as well as on 0.7. It's a bit more complex on 0.5, but I'm not sure that it requires any more effort. And on 0.7 you get to choose your peers; on 0.5 a clever peer can choose you (possibly as part of a network-wide campaign to connect to everyone in order to monitor everyone). 0.7 does have some security issues certainly, but overall I'm not sure that 0.5 is any better. Anyway, read the security page on the wiki. --- For anyone listening who can't be bothered to look up the security page on the wiki, here it is: http://wiki.freenetproject.org/FreenetZeroPointSevenSecurity The short version: - Correlation attacks are possible on both 0.5 and 0.7. They may be easier on 0.7 due to it having better (therefore more predictable) routing, but 0.5's routing is pretty predictable, as it just goes by load most of the time. Also due to Freenet 0.7 having smaller keys. - Freenet 0.7 has one major, obvious weakness right now which is that its connection setup isn't secure against MITM or impersonation when the attacker knows the refs of both sides. Nextgens started to work on this, but STS (the solution) isn't quite ready yet. - On 0.5, or indeed on any opennet, such as the one we will soon implement for 0.7, or the bogus one we have at present using #freenet-refs etc, a whole range of attacks are much easier. In particular, harvest-and-block is the best known attack. But content tracing is easier on opennet too, because all you have to do is connect to everyone and do correlation attacks on everyone (requires an ubernode). Or connect to one node at a time and likewise. You are vulnerable on darknet or on opennet - but on darknet you get to choose who you are vulnerable to. If you suspect a particular subnetwork, just connect to all the nodes on that network and do correlation attacks on them. Etc etc. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] 0.7 Censorship attack
On 9/23/06, an ominous cow herd [EMAIL PROTECTED] wrote: On Saturday 23 September 2006 09:50, [EMAIL PROTECTED] wrote: This is a Type III anonymous message, sent to you by the Winston Smith Project Geonosis mixminion server at geonosis.winstonsmith.info. If you do not want to receive anonymous messages, please contact pbox- [EMAIL PROTECTED] For information about anonymity, see https://www.winstonsmith.info/pws or https://e-privacy.firenze.linux.it. -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext In [EMAIL PROTECTED] toad [EMAIL PROTECTED] wrote: On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: Lars Juel Nielsen wrote: On 9/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext I read this on frost recently. How is this best addressed? - - [EMAIL PROTECTED] - 2006.08.29 - 05:47:35GMT - Someone brought up the point in the boards board that your peers (e.g. 'friends' on 0.7) can see what you are requesting and inserting. I responded that this may be an avenue of attack against dark-net since if something 'naughty' is being requested then your peers will know it is either coming from you or one of your friend nodes. In either case thats bad news if you have something contraversial or 'naughty' to say - your 'friends' on the darknet could ask you to sever your connection with the node that's doing the naughty requesting, or demand to know which node is doing it of yours and try to track it themselves. I'll be posting this attack message on the devl and tech mailing lists soon. If you have any points to make then do it here, and I'll incorporate it into my post (this will be like a draft then). Premix routing, planned for 0.8. Yep, unfortunately anything short of premix will be a hack and not solve the problem. Maybe. There are a few hacks that would give *some* plausible deniability... Well, you have some plausible deniability *now*, but nothing that would stand up to a statistical attack... So essentially, if I'm looking for anonymity that can stand up to a serious attacker that has access to anything 2.5 billion dollars can buy, then I'd be better off using 0.5 for now insted of 0.7. Thank you for making that clear. I have large (2 to 20gb) files to distribute (no, they're not cp), that I must have very good plausible deniability and be able to stand up to at least a statistical attack like you're talking about. BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to make it more difficult for people to insert large, possibly copyrighted or cp binaries. Is this for real or does that poster not know what they're talking about? If for example only, I start an 0.7 node and begin to insert warez and cp, am I anonymous enough even from my peers to be safe or will the feds come knocking my door down? [remembering that free speech includes allowing stuff you abhor as well as what you agree with.] I find it funny that all of these 0.7 users are saying that the 0.7 network is better and more secure than the 0.5 network. They say this even while we see these warnings about critical bug fixes, peers in the 0.7 network being able to monitor what comes from your node, and the IRC channels where people trade references could have cops monitoring or actively trading these references. Now you mention that there is a cap on bandwidth. WTF? 0.5 got pretty much the same security problems as 0.7 do and there is no cap on bandwidth, toad denied it in the a reply to the mail you replied to and I can confirm it as an user too, it may be slow but it's faster than 0.5, retain content better and there is no cap that I've run into yet. There is still work to be done on speeding it up but the current speed limit(whatever it is) is not intentional. This is why I'm staying with the 0.5 network until either 0.7 becomes useful, or another anonymous network (ANts http://antsp2p.sourceforge.net/) surpasses the 0.5 network in usability, popularity, and security. It would be sad to see Freenet become just a footnote in the computer chronicles while other anonymous networks become more popular and Freenet loses it's user base. Maybe some Chinese Christian dissident will use it to speak freely, but it won't matter much if there is no one to listen. - Anonymous - 2006.08.27 - 20:09:01GMT - The ref doesn't change if your IP changes. Or rather it does change but is still compatible, even toad and ian aren't that insane... You could also use a dyndns name or something similiar. I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much bandwidth anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its also not usable for anything except freesites and textmessages up to now because of the ridiculous insert speed. (like 10MB/day). I really wonder if
Re: [freenet-support] 0.7 Censorship attack
--- an ominous cow herd [EMAIL PROTECTED] wrote: On Saturday 23 September 2006 09:50, [EMAIL PROTECTED] wrote: This is a Type III anonymous message, sent to you by the Winston Smith Project Geonosis mixminion server at geonosis.winstonsmith.info. If you do not want to receive anonymous messages, please contact pbox- [EMAIL PROTECTED] For information about anonymity, see https://www.winstonsmith.info/pws or https://e-privacy.firenze.linux.it. -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext In [EMAIL PROTECTED] toad [EMAIL PROTECTED] wrote: On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: Lars Juel Nielsen wrote: On 9/11/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext I read this on frost recently. How is this best addressed? - - [EMAIL PROTECTED] - 2006.08.29 - 05:47:35GMT - Someone brought up the point in the boards board that your peers (e.g. 'friends' on 0.7) can see what you are requesting and inserting. I responded that this may be an avenue of attack against dark-net since if something 'naughty' is being requested then your peers will know it is either coming from you or one of your friend nodes. In either case thats bad news if you have something contraversial or 'naughty' to say - your 'friends' on the darknet could ask you to sever your connection with the node that's doing the naughty requesting, or demand to know which node is doing it of yours and try to track it themselves. I'll be posting this attack message on the devl and tech mailing lists soon. If you have any points to make then do it here, and I'll incorporate it into my post (this will be like a draft then). Premix routing, planned for 0.8. Yep, unfortunately anything short of premix will be a hack and not solve the problem. Maybe. There are a few hacks that would give *some* plausible deniability... Well, you have some plausible deniability *now*, but nothing that would stand up to a statistical attack... So essentially, if I'm looking for anonymity that can stand up to a serious attacker that has access to anything 2.5 billion dollars can buy, then I'd be better off using 0.5 for now insted of 0.7. Thank you for making that clear. I have large (2 to 20gb) files to distribute (no, they're not cp), that I must have very good plausible deniability and be able to stand up to at least a statistical attack like you're talking about. BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to make it more difficult for people to insert large, possibly copyrighted or cp binaries. Is this for real or does that poster not know what they're talking about? If for example only, I start an 0.7 node and begin to insert warez and cp, am I anonymous enough even from my peers to be safe or will the feds come knocking my door down? [remembering that free speech includes allowing stuff you abhor as well as what you agree with.] I find it funny that all of these 0.7 users are saying that the 0.7 network is better and more secure than the 0.5 network. They say this even while we see these warnings about critical bug fixes, peers in the 0.7 network being able to monitor what comes from your node, and the IRC channels where people trade references could have cops monitoring or actively trading these references. Now you mention that there is a cap on bandwidth. WTF? This is why I'm staying with the 0.5 network until either 0.7 becomes useful, or another anonymous network (ANts http://antsp2p.sourceforge.net/) surpasses the 0.5 network in usability, popularity, and security. It would be sad to see Freenet become just a footnote in the computer chronicles while other anonymous networks become more popular and Freenet loses it's user base. Maybe some Chinese Christian dissident will use it to speak freely, but it won't matter much if there is no one to listen. and what's the plus'es of AntsP2P over Mute-Net?... - Anonymous - 2006.08.27 - 20:09:01GMT - The ref doesn't change if your IP changes. Or rather it does change but is still compatible, even toad and ian aren't that insane... You could also use a dyndns name or something similiar. I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much bandwidth anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its also not usable for anything except freesites and textmessages up to now because of the ridiculous insert speed. (like 10MB/day). I really wonder if this insert speed is by purpose because it manages to keep all kind of movies, mp3s, warez, porn and so on out of 0.7, which happens to be the stuff toad doesn't like. (btw: Porn is