On Tuesday 05 August 2003 03:11 am, Gabriel K wrote:
> I guess you COULD stop when you have reached a node that has it. But if you
> proceed you could have multiple download sources.
> And as I said before, you could sort keys with something like achord into
> the network, (which is kind of your file manifest), and then you only need
> to ask O(log N) nodes.

Hehe, this discussion keeps moving closer and closer to a Freenet model. But yes, a CHORD-like architecture would be much better. Also, you have now reduced the function of admin to just booting misbehaving nodes!

> Well, all nodes must trust that the admin is not compromised.. I don't
> think that is a big problem.
> In what way could you track down the IP of the admin?
>
> Well, since no file data is sent through the admin, it must only be able to
> handle control messages. In fact, the same load is on each node.
> Control messages are small, so BW for them is not very much. Each node is
> required to reserve the BW needed for control messages. If it doesn't have
> it, it will be kicked from the network.

Why bother? Messages to admin are signed and distributed to everyone, right, and then admin has to send reply messages about what to do to everyone in that area, right? So why not just have each node circulate its message in the area, then the other nodes will decide on who to believe for themselves. Grapevine does this. If done right, as long as each node is connected to more good nodes than bad nodes, it can properly cut off the bad ones.

> Well, I have thought of that too. All attacks on the net can only affect
> ONE innocent node, and the admin is prepared to make a mistake in order to
> also ban the evil node.
> All the attacks you mentioned above have an answer in the PDF.
> Dropping evil messages to admin can only affect one innocent node before
> the attacker is kicked.
> If a node delays messages it will get kicked.
> Joining and rejoining will not help to learn about more nodes.
> Admin can only be located by evil nodes if they are very lucky. They cannot
> decide where they end up in the network when they join, so if they are
> lucky enough to end up on each side of the admin, they could find out it is
> the admin. If the attacking set of nodes don't have this luck the first
> time, it's very likely they will never get that chance, because they are
> placed on the same locations in the network each time. Anyway, the admin
> can prevent this attack by placing a trusted computer on either side of it
> in the network.
> If an evil node destroyed a node beside it and then won't let the ring
> heal, admin will kick both ends and then let the ring rejoin. So only one
> node is innocently affected. (The destroying of the node with an out of
> band DNS attack is not an attack based on the network rules, so it doesn't
> count) I'm not sure what you mean by timing attacks?
> About malicious admin, that is the only trusted node, if it is malicious
> then all nodes are fucked. But I'm sure many networks would form people
> know are safe. But I agree it would be better if there was no admin. But
> having the admin makes many problems easy to solve.
>
> Well what is the point of having it so large when you can't find all the
> data in it if you wanted to?

Most people can find most of the data most of the time. There are two reasons why you would not be able to.

1. You and/or nodes that you route to make sufficiently poor routing decisions, so that the data cannot be reached before the HTL runs out. This SHOULD be rare, unless the network is flooded with new nodes, as it is after a slashdotting.

2. The second possibility is if some data was inserted in the network, then some people download it, then it becomes unpopular and so it gets removed from the data store of the nodes that would be routed requests for it. However, it is not totally gone. It is still in the cache of some of the people that last downloaded it. Because the data is no longer where it is SUPPOSED to be, the network will likely not find it. There is not much that could be done to fix this, although more space would help.

PS, what do you think of my proposal?
_______________________________________________
Tech mailing list
[EMAIL PROTECTED]
http://hawk.freenetproject.org:8080/cgi-bin/mailman/listinfo/tech
