[freenet-chat] Web-of-trust questions

Helge Preuss scout at hyperspace-travel.de
Fri May 19 22:28:54 UTC 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matthew Toseland wrote:
> On Fri, May 19, 2006 at 09:36:13PM +0200, Helge Preuss wrote:
>> One, can't everybody discover you run freenet by doing a portscan on
>> your computer? I assume that would be a more efficient way to
>> mass-detect freenet nodes than smuggling hostile nodes into freenet -
>> especially if you're a government agency with broad resources.
>
> No. They can't.
Why not? There must be some protocol freenet clients (or peers) use to
communicate, right? If you initiate that protocol for every port, you
must find a running freenet client, right?
>> Two, they mentioned that a major aim is to get many people to run
>> freenet. That is obvious. But how would you achieve this goal if
>> people are forced to *personally know* other people connected to the
>> network? What do I do if I'm, say, a dissident with no special
>> knowledge of computers and no hacker friends either?
>
> You're in trouble in any case in that situation, because opennet *will
> be harvested and blocked*. Last year the chinese blocked freenet 0.5, not
> by harvesting, but by its protocol signature (that shouldn't be possible
> with 0.7); they will harvest and block if they have to.
>
>> Do I just give up
>> and sit on my single freenet node? Or do I turn to a centralized
>> service, thus rendering the web of trust obsolete?
>
> The centralized service will be blocked.
True. So I just forget about it?
>> Maybe (probably) I misunderstood something. But I don't see how the
>> two goals - trusted connections and wide coverage - go together. And
>> given that you can be detected with a portscan anyway, isn't it
>> practical just to forget about the web of trust and maximize coverage
>> instead?
>
> No, *you cannot be detected with a portscan*. And if we were *only*
> interested in numbers, we'd be building Kazaa, not Freenet.
Kazaa might be not such a bad idea. If everybody and their grandma
were running freenet, using it would not be suspicious and it would
work much better (disregarding scaling issues which might turn up with
such a large user base).
Seriously though, how do you plan to *ever* achieve a significant
coverage (and make a significant contribution to privacy in this
world) if you put off newbies?
It's not that I have answers, just trying to understand.
>> Regards
>>
>> Helge

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEbkamMfG7Vu9K+FQRApmdAJ9pyrXsMUoGAuZJFMITNvk+5n4sLACgqjgT
soKLQbIt4dHDd/LKE4cL7o0=
=MmD8
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://emu.freenetproject.org/pipermail/chat/attachments/20060520/473a89b2/attachment.htm

More information about the chat mailing list