[freenet-chat] Freenet 0,5 or 0,7

Tue Aug 29 16:43:07 UTC 2006

NextGen$: I don't think you should call people trolls who are merely trying
to expose the weaknesses of freenet to make it better. Isn't that what you
guys want us to do? We're all in the same boat here.

You stated that you believe computer based attacks on Freenet are much
easier than social engineering, and therefore support the fact that freenet
should be an invite only network.

But, I don't think this model's going to work, for several reasons:

First, the guiding principle behind freenet right now is anonymity in the
numbers of a large number of users doing all sorts of different things. They
may easily know you're using freenet, but it's extremely difficult to prove
WHAT you downloaded. In other word it's very difficult to get specific
evidence against a specific freenet user.

True, if freenet becomes illegal, the opennet may not work, but what's the
worse that's going to happen? They put up a national firewall making freenet
unusable, or freenet users will just get a message from their ISP saying
they better stop or they'll be kicked off. This may not happen until 3-5
years from now, even though it may be illegal on paper in France already. 

The darknet concept does not provide this sort of anonymity, you are exposed
to the people you "trust", I haven't heard a single response to the
question: what happens if someone in your darknet gets busted or a spy
manages to infiltrate by joining? They instantly have reasonable grounds to
assume that you are engaged in the same activity, since you're part of the
same ring. This should be enough to bust you as well.
They also now have the ability to specifically monitor WHAT you downloaded.
Plus your "trusted" friend could easily rat on you. And that's that.

How can you underestimate the importance of this?

In contrast in opennet if a user gets busted, yes they may get a seedfile of
hundreds of different users in many different countries all engaged in
different activities. That's nice, they know all these people are using
freenet, but it will not give them specific evidence against anyone, unless
they do some extremely complex traffic analysis, spanning multiple countries
and ISPs.

And your comment about social engineering being more difficult, that doesn't
really apply to today's situation, since right now all it takes is going on
IRC to join. When is freenet planning to go underground then? 

I guess the entire 0,7 testing group will have to break into groups of
darknets of 2-3-4 people that trust each other in real life. If it goes
underground with a few hundred hard core enthusiasts, where's the fresh
content going to come from?

And half will be left outside without a darknet. I personally will have to
form a one person darknet then.

Van

-------Original Message-------

From: NextGen$
Date: 08/28/06 19:46:46
To: urza9814 at gmail.com
Cc: chat at freenetproject.org
Subject: Re: [freenet-chat] Freenet 0,5 or 0,7

* urza9814 at gmail.com <urza9814 at gmail.com> [2006-08-28 12:51:28]:

> On 8/28/06, NextGen$ <nextgens at freenetproject.org> wrote:
> >* urza9814 at gmail.com <urza9814 at gmail.com> [2006-08-28 11:13:24]:
> >

[snip.]

> >> On 8/28/06, NextGen$ <nextgens at freenetproject.org> wrote:
> >> >* - <van2 at vipmail.hu> [2006-08-27 19:45:27]:
> >> >How do you explain that all terrorist cells haven't been busted so ?
> >> >
> >>
> >> Um...they're small groups of people that know and trust each other
> >> really well. And they're isolated. That'd be like having a few hundred
> >> 50-100 person darknets with no communication between them and people
> >> only invite the people they've known for many, many years.
> >
> >You shouldn't connect to people you don't trust, full stop.
> >
>
> If I only connected to people I trust I'd end up with a darknet of 2.
> That's not very useful.
>

That's usefull.

> >> >> Also, it just isn't realistic to think that people will know others
in
> >> >real
> >> >> life that they
> >> >> can trust with the kind of things they need anonymity for. A
minority
> >> >> of people will have such connections, but the majority will not!
This
> >> >will
> >> >> mean that
> >> >> for freenet to be viable it will always need to have a public
> >mechanism
> >> >for
> >> >> joining.
> >> >
> >> >That's debatable... Gmail hadn't and has been successfull.
> >> >
> >>
> >> How the hell can you even CONSIDER comparing Gmail to freenet?
> >> Gmail isn't anonymous.
> >
> >Gmail is an invite-only system as freenet
> >
>
> Freenet isn't really invite only.

how so ?

> >> If I invite a government agent to Gmail, that's not gonna screw me over

> >
> >It won't on freenet either... It might.
> >
>
> Well, there's no possibility of that at all on Gmail.

Why do you think they keep who has introduced you then ?
I bet that it's a convenient way of fighting against spam. The catch a
spammer and ensure that his "invitees" aren't spammer.

> >> I don't have to send a file to someone to get them to join Gmail.
> >
> >You've to send them a mail, wich is kinda the same thing.
> >
>
> ehh...not really. You just type their email addy in a box.

We could have the same thing on freenet. Maybe we will.

> >> There's no security risk with just sending Gmail invites to random
> >people.
> >
> >If the fact of running freenet is illegal in your country opennet won't
> >help
> >at all ;)
> >
>
> It's not.

Freenet is already illegal here in France, I doubt it's legal in China
either.

[snip.]

Maybe you could answer to points I've snipped.

> On the darknet you know exactly who you're connected to. On the
> opennet you don't. More deniability, and harder for governments to use
> one compromised node to get to others.

That a false assumption. Your ISP does know who you're connected to, even on
opennet! Let's take an example, since a law called LEN, french ISPs have to
keep logs of EVERYTHING going through their wires for up to 6 months!!!!

Of course that silly law is hardly possible to apply... but still.

> If the chinese government
> captures one node on a darknet, chances are most of the connected
> nodes are also in China. If they capture one node on an opennet,
> chances are they can maybe bust one or two of the other known nodes.
> And opennet works better. Security might be debatable, but I have yet
> to see an argument saying that performance would be better on a
> darknet.

see above... on that point it's again worst with opennet than darknet
because
opennet's connections can be spotted by cheap traffic analysis ... on
darknet
it's more expensive ... and won't be doable when we have got steganographic
transport plugins.

> Besides, look at all the existing opennets. I've never heard of anyone
> getting busted on Freenet 0.5...I've never heard of a string of
> arrests on ANY P2P network where they, say, captured one guy's
> computer and then watched who downloaded from him. That type of attack
> would be a lot more efficient on a darknet.
>

Maybe because such networks aren't popular enough to be targeted ?
Maybe because they don't need to make an example out of those poor guys ?

> >> >Keep in mind that the "known attacks" agaisnt freenet are only
> >> >probablilistic ones ... "It's likely that your have
inserted/downloaded
> >> >that
> >> >key" : it's always a matter of plausible deniability.
> >> >
> >> >> Are "the bad guys" really going to spend millions on high tech
> >> >> computers to break a network, when all they have to do is join it?
> >> >Thinking
> >> >> we can keep them out is absurd! Any current member of 0,7 could just
> >as
> >> >well
> >> >> be or become a spy or a narc or whatever.
> >> >>
> >> >
> >> >You seems to missunderstand the point : you should wonder why would
> >> >opennet be
> >> >more secure... and will see that it's not.
> >> >
> >>
> >> I wonder why a darknet is more secure...and see that it's not.
> >
> >Can't you read what I'm writting ? :)
> >
>
> Can't you read what *I'm* writing? :)
>

I'm replying to every questions/replies from you. You aren't doing the same
for me.

[snip]

NextGen$
_______________________________________________
chat mailing list
chat at freenetproject.org
Archived: http://news.gmane.org/gmane.network.freenet.general
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat
Or mailto:chat-request at freenetproject.org?subject=unsubscribe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://emu.freenetproject.org/pipermail/chat/attachments/20060829/514c65a4/attachment.htm 