[freenet-chat] Re: Migration path, please! (Re: [freenet-support] Freenet 0, 5 and 0, 7

Matthew Toseland toad at amphibian.dyndns.org
Tue Aug 29 19:46:17 UTC 2006 

(Moved to chat)

On Thu, Aug 24, 2006 at 08:52:16PM -0400, urza9814 at gmail.com wrote:
> opennets are only bad in certain circumstances. The USA is not yet one
> of them. 

That depends. China, Iran, and arguably France are. The EU may be in the
very near future. And if the network is being actively (electronically)
attacked (flooding etc), which is not yet legal for the RIAA etc in most
countries, a darknet is better.

> With a darknet, it may be harder to get into the network, but
> once your in it's a LOT easier to identify who is sharing and
> inserting what files. 

How so? If you are on opennet, you know your peers' IPs and can run
correlation/timing/etc attacks against them. If you are on darknet, you
know your peers' IPs, and can run correlation/timing/etc attacks against
them. I don't see why darknet is less secure.

> So it could be argued that a darknet is much
> riskier than an opennet. In a darknet, everyone else pretty much knows
> who you are.

Not true. YOUR PEERS know exactly who you are. That's it! Their peers
don't know who you are, nor does the rest of the network.

> As soon as one computer on the net gets compromised or
> one person decides they don't like what you're doing, you're all
> pretty much screwed. 

Still nonsense.

> I mean, I'm no expert on darknets, but it seems
> that if you only have 5 or 10 connections, and you always have the
> same connections, and you have IRC logs swapping node refs and, better
> yet, the actual node ref...it would be pretty easy to figure out what
> nodes host what files. In an opennet, this kind of thing is expected
> and protected against.

How is it protected against on opennet? Correlation and timing attacks
are quite possible on both opennet and darknet, but on opennet you can
identify every node and connect to all of them. Defences against
correlation attacks are hard, and even more so on opennet, because we
have even less chance of knowing which nodes are "real".
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060829/0abf1d87/attachment.pgp

More information about the chat mailing list