[freenet-dev] How far can we go in abusing the network in order to debug it?

Colin Davis Colin at sq7.org
Fri Mar 23 14:48:18 UTC 2007 

I worry that given that the Freenet Project has always been a very 
public project, and relies heavily on donations to continue to develop, 
headlines like "Freenet Authors add tracking code" aren't going to 
endear you to people.

And while I certainly understand the idea, and I understand that the 
security risks aren't actually that major compared to the existing 
infrastructure and a determined hacker, I don't think it'd play well 
with the Slashdot crowd. They aren't exactly world-renowned for 
listening to nuanced arguments before making judgments ;)

Just my thoughts,
Colin



Matthew Toseland wrote:
> How far can we go in abusing the production network in order to make it
> work? The testnet is never likely to be large enough to be a useful
> model. What I propose is that on swap requests, which already include
> the location of the node, and the locations of its peers, we also add a
> unique ID (say the first 8 bytes of some hash of the identity) for the
> node and each peer.
> 
> This would make it easier to map the network. It is already possible to
> map the network but it is a lot of work and a lot of uncertainty,
> because we don't know about every swap so we have to try to do partial
> matches.
> 
> This may make some attacks easier. Having said that, with the current
> swap requests, you can probably identify the topology close to you with
> some confidence. The main benefit here is in identifying the topology
> further away more reliably. Which isn't that interesting for attackers
> unless they've been e.g. watching #freenet-refs and can match an IP
> address to each node on the network. Even then, there are much easier
> attacks, and correlation attacks on nodes 4 hops away may not have
> enough information.
> 
> The benefit is we could test all our pet theories about the shape of the
> network being completely broken due to #freenet-refs . We could gather
> real world information about node uptimes, location swapping, location
> clustering. It would of course be spoofable, but only to the extent that
> location swapping is already spoofable. It would double the size of the
> swap request packets, but these are fairly small.
> 
> What do you think?
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Devl mailing list
> Devl at freenetproject.org
> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

More information about the Devl mailing list