The 10MB limit is nonsense; there is no such code. And correlation attacks are feasible on 0.5 as well as on 0.7. It's a bit more complex on 0.5, but I'm not sure that it requires any more effort. And on 0.7 you get to choose your peers; on 0.5 a clever peer can choose you (possibly as part of a network-wide campaign to connect to everyone in order to monitor everyone).
0.7 does have some security issues certainly, but overall I'm not sure that 0.5 is any better. Anyway, read the security page on the wiki. On Sat, Sep 23, 2006 at 06:50:26PM +0200, nobody at geonosis.homelinux.net wrote: > This is a Type III anonymous message, sent to you by the Winston Smith > Project Geonosis mixminion server at geonosis.winstonsmith.info. If > you do not want to receive anonymous messages, please contact pbox- > admin at winstonsmith.info. For information about anonymity, see > https://www.winstonsmith.info/pws or > https://e-privacy.firenze.linux.it. > > -----BEGIN TYPE III ANONYMOUS MESSAGE----- > Message-type: plaintext > > In <20060918233820.GA27941 at amphibian.dyndns.org> toad <toad at > amphibian.dyndns.org> wrote: > >On Mon, Sep 18, 2006 at 02:10:57PM +0100, Volodya wrote: > >> Lars Juel Nielsen wrote: > >> > On 9/11/06, anon-bounces at deuxpi.ca <anon-bounces at deuxpi.ca> wrote: > >> >> -----BEGIN TYPE III ANONYMOUS MESSAGE----- > >> >> Message-type: plaintext > >> >> > >> >> I read this on frost recently. How is this best addressed? > >> >> > >> >> - ----- Scruple at rJvWGdrEj1YOqt_TMc7Wyl01t2Q ----- 2006.08.29 - > >> >> 05:47:35GMT ----- > >> >> > >> >> Someone brought up the point in the boards board that your peers (e.g. > >> >> 'friends' on 0.7) can see what you are requesting and inserting. I > >> >> responded that this may be an avenue of attack against dark-net since > >> >> if something 'naughty' is being requested then your peers will know it > >> >> is either coming from you or one of your friend nodes. In either case > >> >> thats bad news if you have something contraversial or 'naughty' to say > >> >> - your 'friends' on the darknet could ask you to sever your connection > >> >> with the node that's doing the naughty requesting, or demand to know > >> >> which node is doing it of yours and try to track it themselves. > >> >> > >> >> I'll be posting this attack message on the devl and tech mailing lists > >> >> soon. If you have any points to make then do it here, and I'll > >> >> incorporate it into my post (this will be like a draft then). > >> > > >> > Premix routing, planned for 0.8. > >> > >> Yep, unfortunately anything short of premix will be a hack and not solve > >> the problem. > > > >Maybe. There are a few hacks that would give *some* plausible > >deniability... Well, you have some plausible deniability *now*, but > >nothing that would stand up to a statistical attack... > > So essentially, if I'm looking for anonymity that can stand up to a serious > attacker > that has access to anything 2.5 billion dollars can buy, then I'd be better > off using > 0.5 for now insted of 0.7. > > Thank you for making that clear. I have large (2 to 20gb) files to > distribute (no, they're not cp), that I must have very good plausible > deniability and be able to stand up to at least a statistical attack like > you're talking about. > > BTW- I read in a msg on Frost that 0.7 is speed limited to 10mb per day to > make it more difficult for people to insert large, possibly copyrighted or cp > binaries. Is this > for real or does that poster not know what they're talking about? > > If for example only, I start an 0.7 node and begin to insert warez and cp, am > I > anonymous enough even from my peers to be safe or will the feds come knocking > my door down? > > [remembering that free speech includes allowing stuff you abhor as well as > what you agree with.] > > > > > ----- Anonymous ----- 2006.08.27 - 20:09:01GMT ----- > > > > The ref doesn't change if your IP changes. Or rather it does change but is > > still compatible, even toad and ian aren't that insane... You could also > > use a dyndns name or something similiar. > > I currently run 0.5 and 0.7 at the same time, 0.7 doesn't use much > > bandwidth anyway. (You can't get it to use more then 10 - 30kb/s) Sadly its > > also not usable for anything except freesites and textmessages up to now > > because of the ridiculous insert speed. (like 10MB/day). I really wonder if > > this insert speed is by purpose because it manages to keep all kind of > > movies, mp3s, warez, porn and so on out of 0.7, which happens to be the > > stuff toad doesn't like. > > (btw: Porn is sin as far as he is concerned, as is sex outside of marriage. > > I never imagined that toad is a christian nutcase... If anyone is > > interested I could poste the discussion in the privacy and religion boards > > on 0.7 in which toad parcipated. His believes are somewhat interesting.) > > And he never cared about filesharing and hates the pedo stuff anyway. Which > > leaves the small stuff like freesite, images and books... (If you want a > > good laugh look for some guy who is posting 25MB chunks of a movie for over > > one month. He got to 26 or something like that up to now...) Anyway, > > pushing for opennet doesn't really make sense up to now because 0.7 isn't > > really usable anyway. > > -----END TYPE III ANONYMOUS MESSAGE----- > _______________________________________________ > Support mailing list > Support at freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-request at freenetproject.org?subject=unsubscribe > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/support/attachments/20060923/f7b65a93/attachment.pgp>
