-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>> However, before going on to build a more clear analysis of the costs >>>> necessary to detect such communication, humor me - assuming that >>>> cost to attack (2) is less than the cost of (1), do you agree that >>>> further improvements upon (1) is immaterial to the practical anonymity >>>> of those who require Freenet/dark? >> >>> Well of course, if it is easy to find all nodes, then there is little >>> point in building in heavy anonymity once you're on the network. That >>> was the whole motive behind the 0.7 darknet! >> >> Agreed. >> >> Just to clarify, "easy" there means both less expensive than attacking >> the anonymity techniques of Freenet/dark (aka (1)) and within the >> capabilities of an intent attacker.
> I am not sure I would say it is "easy", but it is definitely possible > - remember Freenet was never designed to prevent third-parties from > discovering that you are running a Freenet node (very few anonymity > protecting systems have this requirement). We have added this as a > requirement in 0.7 hence the move to a darknet approach. I personally wouldn't say "easy" either - Toad's words, not mine. But as you say, it is definitely possible. I know the original Freenet wasn't designed to go dark, but the question at hand is whether Freenet/dark will be useful for what it is being tasked with. If it is feasible for a state level adversary to mount an attack which can identify a large majority (or all) Freenet/dark nodes in their jurisdiction/control, the question becomes how expensive that attack is. Simply put, Freenet/dark will not be useful in situations where such an attack is economically viable and technically possible. Whether it is useful in situations where that attack is not economically viable or not technically possible is a different question (answered by analyzing the anonymity and security of (1), rather than (2), as we are doing here). I'll try to get a more detailed analysis of the costs and viability of such an attack later tonight, but it may have to wait until tomorrow. =jr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDTAaSWYfZ3rPnHH0RAh5xAJ0ccVejZxeS9MZQlfPcb+idAJBkSgCfdana EGDlEPzjofDAb+mSBBB8c8E= =etFe -----END PGP SIGNATURE-----
