On Wed, Oct 12, 2005 at 03:57:59PM -0400, jrandom at i2p.net wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Apart from that... your argument is that you don't need global traffic > > analysis to identify users, right? Well, probably this is true. You need > > enough intelligence to see "hrrm, this user has VoIP connections to > > these 5 other users 24x7... this doesn't seem very likely!". Right? > > Right. > > For Freenet/dark to have any sort of obscurity (aka to be different from > Freenet/light), its traffic patterns need to be plausible and acceptable. > > Freenet/dark will still use long lasting bidirectional sessions, moving > lots of data, right? What, other than p2p filesharing, looks anything > like that?
What is the situation with regards to conventional P2P in oppressive regimes? Certainly piracy is tolerated... Presumably they attempt to block P2P as they can't really run their own supernodes! OTOH, they could probably just kill connections on seeing certain keywords in most cases as most of them don't encrypt their connections...? In Europe, ISPs will soon be required to record VoIP contacts for future analysis by law enforcement. I don't know if they expect to do this by going to the VoIP companies themselves... surely some of them are out of jurisdiction, and some of them are P2P. So presumably they will have to do this via traffic analysis. Meaning that they probably have the ability to do simple logging on any and all connections of specific types asked for, in current hardware. Which could then be fed to a government box, rather than just picking the required data out and storing it, as will be required soon here... If we sacrifice real-time delivery, then we can make freenet traffic look vaguely plausible, but it will still be between the same set of peers. So it should be reasonably easy to build a back-end to find it, over a longish period, say 6 months, based on traffic data kept... Which leaves us with sneakernet, wifi, schemes with PDAs and so on. Which are much more difficult to set up and use, but are hard to find, and can still scale into a usable-size network (I have previously explained why I think scale is useful), using more or less the same routing and structures as we will have in 0.7. So, even if 0.7 is not usable as such in hostile regimes for long, it will function as a usable prototype. Incidentally, your argument about small-scale systems slipping under the RADAR is bogus. If the Chinese cared enough to take the above measures, they would certainly be able to systematically block ordinary web proxies (by scanning traffic for absolute URLs), rather than having the current farcical situation of "the government is subscribed to the proxies mailing list, so proxies get blocked in a day or so". Now, perhaps this has already happened; I suspect Ian's info is way out of date... Scale is useful for two reasons: 1. You don't want to organize tiny groups of militants. They are quite capable of using PGP. What you want to do is take free speech to the masses. 2. The reason the internet is more useful than pre-internet AOL or an old non-networked BBS is that it is global. > > =jr -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20051012/055056df/attachment.pgp>
