<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-15"
http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Matthew Toseland wrote:<br>
<span style="white-space: pre;">> On Fri, May 19, 2006 at
09:36:13PM +0200, Helge Preuss wrote:<br>
>> One, can't everybody discover you run freenet by doing a
portscan on<br>
>> your computer? I assume that would be a more efficient way to<br>
>> mass-detect freenet nodes than smuggling hostile nodes into
freenet -<br>
>> especially if you're a government agency with broad
resources.<br>
><br>
> No. They can't.</span><br>
Why not? There must be some protocol freenet clients (or peers) use to<br>
communicate, right? If you initiate that protocol for every port, you<br>
must find a running freenet client, right?<br>
<span style="white-space: pre;">>> Two, they mentioned that a
major aim is to get many people to run<br>
>> freenet. That is obvious. But how would you achieve this
goal if<br>
>> people are forced to *personally know* other people
connected to the<br>
>> network? What do I do if I'm, say, a dissident with no
special<br>
>> knowledge of computers and no hacker friends either?<br>
><br>
> You're in trouble in any case in that situation, because opennet
*will<br>
> be harvested and blocked*. Last year the chinese blocked freenet
0.5, not<br>
> by harvesting, but by its protocol signature (that shouldn't be
possible<br>
> with 0.7); they will harvest and block if they have to.<br>
><br>
>> Do I just give up<br>
>> and sit on my single freenet node? Or do I turn to a
centralized<br>
>> service, thus rendering the web of trust obsolete?<br>
><br>
> The centralized service will be blocked.</span><br>
True. So I just forget about it?<br>
<span style="white-space: pre;">>> Maybe (probably) I
misunderstood something. But I don't see how the<br>
>> two goals - trusted connections and wide coverage - go
together. And<br>
>> given that you can be detected with a portscan anyway, isn't
it<br>
>> practical just to forget about the web of trust and maximize
coverage<br>
>> instead?<br>
><br>
> No, *you cannot be detected with a portscan*. And if we were
*only*<br>
> interested in numbers, we'd be building Kazaa, not Freenet.</span><br>
Kazaa might be not such a bad idea. If everybody and their grandma<br>
were running freenet, using it would not be suspicious and it would<br>
work much better (disregarding scaling issues which might turn up with<br>
such a large user base).<br>
Seriously though, how do you plan to *ever* achieve a significant<br>
coverage (and make a significant contribution to privacy in this<br>
world) if you put off newbies?<br>
It's not that I have answers, just trying to understand.<br>
<span style="white-space: pre;">>> Regards<br>
>><br>
>> Helge</span><br>
<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.3 (GNU/Linux)<br>
Comment: Using GnuPG with Mozilla - <a class="moz-txt-link-freetext" href="http://enigmail.mozdev.org">http://enigmail.mozdev.org</a><br>
<br>
iD8DBQFEbkamMfG7Vu9K+FQRApmdAJ9pyrXsMUoGAuZJFMITNvk+5n4sLACgqjgT<br>
soKLQbIt4dHDd/LKE4cL7o0=<br>
=MmD8<br>
-----END PGP SIGNATURE-----<br>
<br>
</body>
</html>