-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Toad, et al

I've also read identiguy's blog, and I must say that while I don't entirely agree with his interpretation (as there /are/ ways for Freenet to move forward to meet real users' unmet needs) it does seem that a large amount of the motivation and tech being worked on could be reused from other sources, rather than reinvented.

It's a bit of a shame, as for hard anonymity, users *need* medium to high latency comm, the likes of which Freenet is in a position to specialize in. In addition, for those who need hard anonymity against state level adversaries, low latency comm will never be sufficient. Turning Freenet into yet another low latency mix network doesn't seem like a great idea.

You've also suggested ulterior motives behind this duplication, both in private and in public, but I'll only respond to the technical issues here. I think you owe it to your users to put any ulterior motives out of bounds when evaluating the technical needs for anonymity.

With all the discussion of working against hostile regimes, I'm not sure the skill and dedication of state level adversaries has been sufficiently taken into account. They're not going to sit there with static passive attacks, but move on to dynamic active ones. There's a whole lot that hasn't been explained about how the darknet will offer any sort of anonymity against traffic analysis, blending attacks, local view attacks, intersection attacks, predecessor attacks, or even, yes, harvesting attacks. Harvesting is slower in a trusted links network, but it merely slows it down, not stops it.

To be a little more provocative, how many dead users is OK with you?

Yes, I know, "but people are using Freenet in China now!" I had a similar discussion with some people working on anonymous blogging a few months back. Yes, you can do wonders when there are only a few people using it - security through obscurity *does* work - as long as it's not popular enough for them to bother attacking.
However, once you automate things and get a large number or vocal group using it, you can expect actual resources to be expended. The Chinese government is capable of a whole lot more than simply filtering a few protocol bytes. It just doesn't make economic sense for them to do so, yet. (and no, as I sent you I2P's SSU spec [1] a few months back, we don't expose any repeatable bytes)

[1] http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/router/doc/udp.html?rev=HEAD

As I've said in other venues, nothing - no tech or theory out there today - is sufficient for offering reasonable anonymity against a dedicated state level adversary. I've yet to see any evidence suggesting that I'm wrong, even though I'd love to be. I hate quoting other people's opinions, but I saw a post on the tor list the other day from Syverson echoing the same sentiment - "I don't think any of the proposals to date will provide [dissidents in repressive countries] good protection." Obviously, we'd all love it if we're wrong, but arm waving isn't enough.

> No, it is not using premix routing. I have come to the conclusion that
> it is very difficult to implement premix routing securely on a darknet.
> It is using rendezvous-at-a-key and provides multicast streams, which as
> far as I know I2P cannot do. We will also have 1:1 streams on a similar
> basis.

This is the first I've heard that Freenet won't be using premix routing, contradicting dozens of posts by you and Ian to the contrary. Is there any information available as to the anonymity implications of what is actually going to be implemented?

Regarding multicast, I2P is certainly not a player in that field. The efficiencies of multicast alone aren't that great when you're not working on an inherently multicast layer (e.g. a single cable), so I'm happy with app layer multicast. Content distribution networks (like usenet, feedspace, or syndie) offer app layer multicast on I2P.

> I2P does not meet the needs of the users. Specifically, I2P is harvestable.
> I2P will always be harvestable, as far as I can see.

Talking about helping the theoretical users in hostile regimes while real live users in "western" regimes still face the same problems is masturbation. Until the "easy" problems are addressed, what makes you think the "hard" ones will be any easier? Soundly beat back the fascists in the west, *learn from those battles*, and you'll be in better shape to attack those of more hostile regimes.

As for harvesting, I do think that's a red herring. Freenet, even the "darknet", is harvestable. It's just slower. Repeating what I said above, how many dead users is OK with you?

> Now, I'm not saying Freenet totally solves the problem, but I2P doesn't even
> pretend to solve the problem.

I'd rather be open and honest than pretend about security and anonymity issues.

As an aside though, I2P can and will operate with restricted routes (currently scheduled for I2P 2.0). These restricted routes sound pretty much exactly like the proposed "hybrid" network, where the majority of peers are reachable but a few at the edges are behind trusted/restricted links. We've discussed this a few times, and your response to this has been that it's pointless unless all peers operate on restricted routes. I'm glad to hear you're coming to agree that it's not.

> And it can scale, because social networks are small world.

As I've said off-list several times, I look forward to seeing any information suggesting that what's proposed can deal with actual resource scarcity. Suggestions that it'll magically balance out the load do not fly with me, and if there's one thing that should have been learned so far, it's that resources are scarce.

> Recently people on the IRC channel have told me that I2P is very slow
> recently.

C'mon toad, you don't even try out I2P occasionally? I mean, sheeit, it only takes what, 5, 10 minutes to get running, and requires 0 config (no holes to punch or ports to forward).
I've got Tor and Freenet installed, and while I don't use them all the time, I do poke occasionally, see what people are up to. Is I2P pushing 500KBps? Nope. But people are pushing a steady 15-20KBps on I2Phex (a gnutella port), and I've seen i2p-bt pull 80-120KBps, though it's often less. Bugs, et al, you know how it goes.

> I2P does not provide all the functionality Freenet does (e.g. document
> storage), but even if it did, it would not be a viable replacement for
> Freenet 0.7 for the simple reason that it is harvestable.

There is Syndie, an anonymous blogging tool (which in fact can run on top of Freenet too - yes, I finally built flogger/myi2p), but you're right, I2P alone doesn't aim to provide all the functionality that Freenet does. I've got my hands full just getting the core network going well, as I suspect you do too.

It sounds like the only real reason for Freenet not to reuse I2P is because I2P "is harvestable". Given that Freenet "is harvestable" both in the public and "dark" variants, and that the hybrid variant works nearly identically to I2P's 2.0, I'm not sure I follow. I2P isn't the end-all-be-all, and of course it'd be appropriate for you to review whether to build on top of Tor instead. Or, perhaps if there are things I2P does that you think can be improved, you could help us improve them.

As hobx said a few months back though, if Freenet requires a premix routing layer to offer anonymity, the appropriateness of Freenet's remaining anonymity techniques comes into question.

As I said in I2P's tech intro doc [2], "Freenet's functionality is very complementary to I2P's, as Freenet natively provides many of the tools for operating medium and high latency systems, while I2P natively provides the low latency mix network suitable for offering adequate anonymity.
The logic of separating the mixnet from the censorship resistant distributed data store still seems self evident from an engineering, anonymity, security, and resource allocation perspective, so hopefully the Freenet team will pursue efforts in that direction, if not simply reusing (or helping to improve, as necessary) existing mixnets like I2P or Tor."

[2] http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/router/doc/techintro.html?rev=HEAD

</asbestos_underpants>

=jr

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDQ/QOWYfZ3rPnHH0RAhBHAJ4ryhr+BezrpH3UX3r5Z6iHdl6EcACfftV1
IBoiYeZAhjNFNp4XG0rZLLY=
=caj/
-----END PGP SIGNATURE-----
