Timestamps are in GMT/BST.
[0:10] * LeeFi (n=LeeFi@pool-71-112-103-237.sttlwa.dsl-w.verizon.net) Quit ("ChatZilla 0.9.61 [Mozilla rv:1.7.11/20050728]")
[1:25] * Romster (n=Romster@tor/session/x-2c2656495f6ce30a) has joined #freenet
[2:11] * y007pig (i=y007pig@222.94.122.166) Quit ()
[2:59] * Roster (n=Romster@tor/session/x-8e8447f3edfd85fe) has joined #freenet
[2:59] * Romster (n=Romster@tor/session/x-2c2656495f6ce30a) Quit (Nick collision from services.)
[3:00] * Roster is now known as Romster
[3:37] * y007pig (i=y007pig@222.94.122.166) has joined #freenet
[4:03] * MHq (n=whocarez@81-208-106-73.ip.fastwebnet.it) Quit (Read error: 104 (Connection reset by peer))
[4:20] <warpi> toad_: hum, okay. but what if you sent the packages with a spoofed ip, and use another node in between to checksum etc, isn't that possible?
[4:23] * y007pig (i=y007pig@222.94.122.166) Quit (Read error: 110 (Connection timed out))
[5:02] * Hory (n=Miranda@82.78.27.85) has joined #FreeNet
[5:06] <toad_> hi
[5:06] <toad_> warpi: difficult to do spoofed IP on java, and many ISPs have proper filtering in place
[5:06] <toad_> not a long term solution
[5:07] <toad_> long term solution is the darknet - don't let Them find nodes easily
[5:08] * warpi^ (i=Miranda@h95n2fls32o1006.telia.com) has joined #freenet
[5:08] <warpi^> toad_: godmorning!
[5:09] * warpi (i=Miranda@h95n2fls32o1006.telia.com) Quit (Read error: 104 (Connection reset by peer))
[5:17] * toad_ hmmz
[5:17] <toad_> LOTS of unmatchable packets from 69.196.228.78:33470
[5:17] <toad_> which is build 62, so presumably that is why...
[5:18] <warpi^> so it is still possible to send spoofed packages?
[5:19] <toad_> on SOME ISPs
[5:19] <toad_> there's a P2P that uses this
[5:19] <warpi^> aha, okay
[5:19] <warpi^> what application does?
[5:20] <toad_> not sure i remember
[5:20] <toad_> search for it
[5:20] <warpi^> oki. because, wouldn't that make it much more anonymous?
[5:23] <toad_> not much
[5:23] <toad_> if we rely on that, we're dead when it goes away
[5:23] <toad_> it's not a long term proposition
[5:23] <warpi^> aha, yeah, that's true
[5:23] <toad_> and it would only be useful to protect the node which sends the data, not the requestor
[5:24] <warpi^> yepp, that's true
[5:24] <warpi^> but you said that it will be hard to know which node that sent in extreme situations, with much traffic. why not make that a normal situation
[5:25] <warpi^> maybe working like this: when downloading, download from multiple sources, and at the same time, download other files, which makes it very hard to know which ones that really have the files or not
[5:26] <warpi^> since all data is encrypted, you can never tell for certain that one ip did send the content
[5:26] <toad_> we already have plenty of cover traffic. that's because nodes relay data from node to node rather than returning it directly
[5:27] <warpi^> ya, but i suppose that is slower than to send directly and have other computers sending other files which covers
[5:28] <toad_> yes but it means it is cached
[5:28] <warpi^> otherwise sometimes you could tell which ips were involved in the transport, and those computers might be accused
[5:28] <toad_> which makes it faster in future
[5:28] <toad_> you can anyway, spoofing provides only marginal security
[5:28] <warpi^> but only old files. content likes to be updated frequently so.
[5:28] <toad_> you still have to send the search
[5:29] <toad_> most content is "old files". updatable stuff is likely to be a very small amount of data which links to CHKs and so on
[5:31] <warpi^> hum, i suppose that's where i think different :)
[5:31] <toad_> well architecturally, most things are CHKs, and SSKs point to CHKs
[5:31] <toad_> SSKs will be editions and DBRs and in future TUKs
[5:31] <toad_> i.e. updatable
[5:32] <toad_> but as far as updatable stuff goes, you have to insert it and get it to lots of nodes
[5:32] <toad_> NOT serve it as fast as possible from the One Source Node
[5:32] <toad_> because if you do they'll just find it and take it out
[5:32] <toad_> you need it cached lots of places as people request it, like bittorrent
[5:33] <toad_> unless it's something like an IRC channel, in which case you need some sort of stream rendezvous
[5:36] * joobz (n=booj@cust2488.vic01.dataco.com.au) Quit (Client Quit)
[5:38] <warpi^> yeah, but the anonymous is a question of how many nodes that is in between, i mean, it could be just a secure, and controlled security, if the option was there like this:
[5:38] <warpi^> when publishing, choose how many HTLs it have to spread through until it's accessible on the net
[5:39] <toad_> no, anonymous is a matter of how many nodes MIGHT have been the original request source
[5:39] <toad_> we can greatly improve this through a technique called premix routing
[5:39] <toad_> but it's hard :|
[5:40] <warpi^> hehe, but, improving it, does that mean that it doesn't have to go through as many nodes as it would have otherwise?
[5:40] <toad_> HTL on insert is a matter of pushing it far enough to be useful, not a matter of anonymity
[5:40] <toad_> why does it matter how many nodes it goes through? premix routing would use a small mixnet-routed chain of requests (with some crypto) before the beginning of any request (like with the cypherpunk remailers)
[5:41] <warpi^> why not? if lets say you choose HTL5, then the next computer that receives it gets HTL4, but it doesn't know that the computer before was the publisher, so, for him it could be 25 computers before etc
[5:41] <toad_> the problem with HTL is that you have to start at some value
[5:41] <toad_> that value will normally be known, and there will be a limit
[5:41] <toad_> so it gives away loads of info
[5:42] <toad_> so we always start at 20, and pass on 20 for roughly 10 hops, in 0.7
[5:42] <warpi^> yes, you can choose with whatever u want. HTL0 to HTL100. that is impossible
[5:43] <toad_> what is impossible?
[5:43] <warpi^> i mean. it's impossible to know who sent it if there is possible to publish it with HTL0 to HTL100, since the information is encrypted between all nodes
[5:44] <toad_> it's impossible anyway for a passive attacker
[5:44] <warpi^> you don't know how many steps back there is, and it's like going through hell to find out who just sent it between one computer to another
[5:44] <toad_> yeah, but HTL100 means that ONE HUNDRED NODES will get the data
[5:44] <toad_> this is one hell of a waste of bandwidth
[5:44] <toad_> and it makes flooding really easy
[5:45] <toad_> and in practice everyone will use HTL 100 because if they don't they'll be flooded out by everyone else
[5:45] <warpi^> what i mean with HTL100 when publishing, is that it has to be sent through 100 computers until the last computer make it possible for downloading
[5:45] <toad_> been there, done that :)
[5:45] <warpi^> haha
[5:45] <toad_> no
[5:45] <warpi^> i mean, htl100 is too much, htl20 is enough
[5:45] <toad_> we do not move the content to only one computer
[5:45] <toad_> that would be absurd, and wouldn't work very well as nodes go down very often
[5:46] <toad_> and if you could find that one node, you could kill the file
[5:47] <toad_> the whole point is popular stuff gets cached on many nodes, and unpopular stuff on few nodes (or it drops out completely)
[5:47] <toad_> warpi^: want to help us test the darknet? :)
[5:47] <warpi^> but it's a question about security, if you made the data hidden until it has reached htl5, it will be much harder to trace
[5:47] <toad_> how can it be hidden?
[5:48] <toad_> only way it can be hidden as far as i can see is premix routing
[5:48] <warpi^> the data is encrypted between the nodes, and will not be possible to access until it has reached the last computer
[5:48] <toad_> and we will implement that when we get around to it
[5:48] <warpi^> i'd love to test darknet!
[5:48] <toad_> that is possible but it requires that you know the target node in advance
[5:48] <toad_> usually the only way you know it is because one of the intermediaries told you
[5:48] <toad_> and they might be lying
[5:49] <warpi^> hehe
[5:49] <toad_> so you have to establish trust by getting it through several routes...
[5:49] <toad_> it's hard, that's my point
[5:49] <warpi^> ok, ya, there are several ways to hit this problem
[5:49] <toad_> but HTL is mostly about propagation and searching and limiting the cost of a request
[5:49] <toad_> for hard anonymity you do need premix routing
[5:50] <toad_> anyway /join #freenet-alphatest if you want to help test 0.7
[5:50] <warpi^> i think i have to read more about premix routing
[5:50] <warpi^> great!
[5:58] * warpi (i=Miranda@h95n2fls32o1006.telia.com) has joined #freenet
[5:58] * warpi^ (i=Miranda@h95n2fls32o1006.telia.com) Quit (Read error: 104 (Connection reset by peer))
[7:00] * TheSeeker is now known as TheSeeker|zzz
[7:08] <nextgens> hi
[7:57] * erchache (n=xxx@85.136.104.224) has joined #freenet
[7:57] <erchache> hi
[7:57] * y007pig (i=y007pig@222.94.120.222) has joined #freenet
[7:57] <erchache> i'm using freenet on a powerbook, download latest tar.gz and fails
[7:57] <erchache> can anybody help me?
[7:58] <erchache> tlaloc:/freenet root# ERROR: tcp/0: Address already in use
[7:58] <erchache> freenet.ListenException: tcp/0: Address already in use
[7:58] <erchache> at freenet.transport.tcpNIOListener.startListener(tcpNIOListener.java:69)
[7:58] <erchache> at freenet.transport.tcpNIOListener.<init>(tcpNIOListener.java:50)
[7:58] <erchache> at freenet.transport.tcpNIOListener.<init>(tcpNIOListener.java:36)
[7:58] <erchache> at freenet.interfaces.BaseLocalNIOInterface.getListener(BaseLocalNIOInterface.java:82)
[7:58] <erchache> at freenet.interfaces.BaseLocalNIOInterface.<init>(BaseLocalNIOInterface.java:140)
[7:58] <erchache> at freenet.interfaces.LocalNIOInterface.<init>(LocalNIOInterface.java:35)
[7:58] <erchache> at freenet.node.Main.startNode(Main.java:1399)
[7:58] <erchache> at freenet.node.Main.main(Main.java:873)
[7:58] <erchache> Could not bind to listening port(s) - maybe another node is running?
[7:58] <erchache> Or, you might not have privileges to bind to a port < 1024.
[8:01] <erchache> jejejeje runs!
[8:02] <erchache> i solve it...changing my ip nat for ip real router
[8:02] <erchache> :D
[8:07] <erchache> ey
[8:07] <erchache> anybody here? :-S
[8:17] * erchache (n=xxx@85.136.104.224) Quit ("Leaving")
[8:19] <toad_> bbiab
[8:24] * warpi (i=Miranda@h95n2fls32o1006.telia.com) Quit (Read error: 110 (Connection timed out))
[8:34] * y007pig (i=y007pig@222.94.120.222) Quit ()
[9:11] <greycat>
[9:40] <toad_> hi gregh
[9:40] <toad_> hi greycat i mean
[9:40] <toad_> we're still testing... at least we will be when i debug this new bug
[9:40] <toad_> i got a really big old one already though
[9:41] * linyos (n=linyos@AC940CB9.ipt.aol.com) has joined #freenet
[9:43] <toad_> hey linyos !
[9:43] <linyos> toad_: yo yo yo
[9:43] <linyos> what up?
[9:43] * toad_ is debugging the 0.7 alpha
[9:43] <toad_> on #freenet-alphatest
[9:52] <linyos> i think i'm going to take over the world
[9:52] <linyos> that seems like the best solution to our problems with hostile regimes
[9:53] <toad_> sounds like a plan.. then *you* can oppress the masses!
[10:00] <toad_> don't forget to oppress (or buy off) the bourgeoisie!
[10:01] <linyos> i want absolute power over everyone
[10:01] <linyos> so i can put an end to evils
[10:02] <toad_> but first you must destroy freedom. only then will you be powerful enough with the Dark Side to conquer the world...
[10:05] <toad_> anyone want to help me test 0.7? greycat maybe?
[10:07] <linyos> nonsense, i will take over the world peacefully through the power of enlightened self-interest
[10:07] <linyos> i'll found a new city-state and seek market share
[10:07] <linyos> it'll be the best place to live in the world
[10:08] <linyos> just as any firm competes for customers
[10:09] <greycat> 82.32.17.1:8008 CONNECTED Toad node 2 -Fred,0.7,1.0,66
[10:18] * Sugadude (n=Sugadude@anonymous.genetikayos.com) Quit (Remote closed the connection)
[10:21] * Bryan_w (i=Bryguy@r01baw7d3.desktop.umr.edu) Quit ()
[10:23] * Sugadude (n=Sugadude@tor/session/x-20e5863716285bc8) has joined #freenet
[10:26] * Ash-Fox (i=UNKNOWN@edj134.neoplus.adsl.tpnet.pl) Quit (Remote closed the connection)
[10:27] * y007pig (i=y007pig@222.94.120.222) has joined #freenet
[10:40] * Ash-Fox (i=UNKNOWN@edj134.neoplus.adsl.tpnet.pl) has joined #FreeNET
[11:10] * Ash-Fox (i=UNKNOWN@edj134.neoplus.adsl.tpnet.pl) Quit (Remote closed the connection)
[11:25] * Caco_Patane (n=root@OL146-124.fibertel.com.ar) has joined #Freenet
[12:37] * k0301237 (i=k0301237@shell.evtek.fi) has joined #freenet
[12:39] * k0301237 (i=k0301237@shell.evtek.fi) has left #freenet
[12:50] * Caco_Patane (n=root@OL146-124.fibertel.com.ar) has left #Freenet
[13:05] * Ash-Fox (i=UNKNOWN@ecp130.neoplus.adsl.tpnet.pl) has joined #FreeNET
[13:10] <linyos> hmm
[13:11] <linyos> now you have got me thinking again
[13:11] <toad_> hmmm?
[13:13] <linyos> if i were behind the wall, i suppose i would want to have a box on the outside in a western datacenter
[13:13] <linyos> then i could tunnel through to it in whatever way seemed nicest
[13:14] <linyos> so maybe that is a first step, widespread access to inexpensive hosts on the outside
[13:15] <linyos> (then you can run freenet on the box in the datacenter, or whatever)
[13:15] <linyos> and connect via SSH or a web interface
[13:16] <linyos> and of course, there are tons of legit reasons to SSH to some box
[13:16] <linyos> it doesn't even look unusual
[13:17] <linyos> you could be working on your web site
[13:18] <linyos> especially since linux is getting popular everywhere, it would be easy
[13:20] * toad_ ignores linyos's libertopian nonsense...
[13:21] <toad_> :)
[13:21] <linyos> what?
[13:22] <toad_> linyos: a) the average chinese programmer, or doctor, earns $5000/year. the average chinese student has far less. b) if ssh'ing to a western datacenter is a common means to avoid the firewall, sooner or later the authorities will deal with it
[13:22] <linyos> come on, i have a point: it's a very practical answer to the problem of the wall. banning it would cause exactly the kind of collateral damage we were discussing.
[13:23] <toad_> no, if there's money involved, people can always be bought off
[13:23] <linyos> bandwidth & hardware does not cost much these days, we could push the price down. plus you could share the thing with your friends.
[13:23] <linyos> think a virtualized slice of some ordinary box.
[13:23] <toad_> just like Google
[13:23] <toad_> or if there's access involved
[13:23] <toad_> Google, etc etc
[13:24] <linyos> i could start these things myself...
[13:24] <toad_> sure
[13:24] <toad_> but it would be a matter of a dozen or two players
[13:24] <toad_> those that aren't bought off can be blocked
[13:25] <linyos> you'd have to keep it discreet
[13:25] <linyos> but you are no different than any other purveyor of hosting
[13:25] <linyos> except that you keep costs to a minimum
[13:25] <linyos> plus, you don't have to deal directly with the end consumer
[13:26] <linyos> somebody can buy a block of hosts and give them away to his friends behind the wall
[13:26] <linyos> and they can share them, etc
[13:26] <toad_> it's not a scalable solution
[13:26] <toad_> of course I can give some of my friends behind the wall SSH
[13:26] <linyos> why not? is there any principled limit on how many colocated hosts can be sold?
[13:26] <toad_> but what does that ultimately achieve?
[13:26] <toad_> yes
[13:26] <linyos> here's what it achieves:
[13:26] <toad_> the fact is you have to be a Real Business
[13:27] <toad_> and there's only room for so many of those
[13:27] <toad_> and if there are many there will be many crooks too
[13:27] <linyos> the govt can't block you unless it's prepared to scrutinize every SSH connection
[13:27] <toad_> there are problems in life that cannot be solved by a market
[13:27] <toad_> (that should be my signature...)
[13:27] <toad_> yes, they can
[13:27] <linyos> crooks? huh? you just buy the damn host from whatever firm you like
[13:27] <toad_> they block SSH except to registered hosts
[13:27] <toad_> linyos: and how do you find the host?
[13:28] <toad_> how do you find a reputable firm?
[13:28] <toad_> by a market
[13:28] <toad_> so they block the market
[13:28] <toad_> end of problem
[13:28] <linyos> someone on the outside does it for you and gives you the host
[13:28] <trams> what makes you people so sure that they don't implement a gigant ssh proxy
[13:28] <toad_> eeh??
[13:28] <toad_> what's a gigant ssh proxy?
[13:28] <trams> giant
[13:28] <trams> even :)
[13:28] <linyos> joe schmoe in canada buys a block of 100 hosts
[13:29] <linyos> he gives the ips + passwords to his buddies in china
[13:29] <trams> toad_: a machine that you ssh to and then forwards your connection. of course, you need to submit keys to that host
[13:29] <trams> but i guess that is not a problem for a government that wants to keep track of people
[13:29] <linyos> trams: of course, they could simply ban SSH...
[13:30] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:30] <toad_> linyos: you haven't solved the hard problems
[13:30] <linyos> toad_: but there is some chain of people through which they do
[13:30] <toad_> anyway
[13:30] <toad_> i'm going to ignore this channel for the next 10 minutes while i do some Real Work
[13:30] <toad_> trams can debate it with you
[13:30] <trams> good luck.
[13:30] <trams> not really
[13:30] <toad_> email me if you think you have a point
[13:30] <trams> i'm cooking
[13:30] <trams> :D
[13:31] <linyos> toad_: it's not much of a debate unless you propose some real reason why this would not serve our purposes...
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> linyos: the vast majority of chinese don't know any sympathetic westerners
[13:31] <toad_> yes? this is common ground?
[13:32] <linyos> toad_: but some do and they will manage to have the things bought for them.
[13:32] <toad_> the usual solution would be a market. except that any centralized service can be blocked trivially.
[13:32] <linyos> it's just like any other black market.
[13:32] <toad_> linyos: the rich and well-connected can usually manage
[13:32] <toad_> linyos: they don't need to evade the state BECAUSE THEY ARE THE STATE
[13:32] <linyos> ?
[13:33] * sandos (n=sandos@tor/session/x-0add06f21aea3c57) Quit (Read error: 104 (Connection reset by peer))
[13:33] <linyos> i mean, say you have some friend who knows a friend who is hooked up
[13:33] <linyos> bingo, you can get access
[13:33] <linyos> i don't see that being such a big problem
[13:34] <toad_> throw in some routing, caching and load balancing, and you have.... <drum roll>... darknet freenet
[13:35] <linyos> no, you have a specific research project
[13:35] <toad_> linyos: you can't just span out - 5 hops from me are millions of people
[13:35] <toad_> linyos: in the simplistic, naive and unspecified form you are talking about, it simply does not scale
[13:35] <toad_> yes, i can give a few people shells
[13:35] <toad_> so what?
[13:36] <linyos> tomorrow you will be able to give 10,000 shells
[13:36] <linyos> that's what
[13:36] <toad_> if i give more than a few people shells, i'll get noticed and blocked
[13:36] <toad_> if i give 10,000 people shells i'll certainly get blocked by the Wall
[13:36] <linyos> there would be lots of IPs all over different networks
[13:36] <toad_> HOW DO YOU FIND THEM?
[13:36] <linyos> they would blend in with every other weird server out there
[13:37] <toad_> HOW DO YOU FIND THEM?
[13:37] <linyos> they are given or sold to you via some chain of people
[13:37] <trams> the wall is just a short scale goal to circumvent
[13:37] <toad_> well i suppose the real reason i object is because i'm not convinced there will always be accessible Free places
[13:37] <trams> to be honest
[13:37] <toad_> where we can tunnel to
[13:37] <linyos> some guy in hong kong buys 100,000 shells and sells them on the black market, whatever
[13:38] <toad_> yeah
[13:38] <toad_> he buys 100,000 shells
[13:38] <toad_> and sells them
[13:38] <toad_> one person in that 100,000 is an informant
[13:38] <toad_> suddenly THE ENTIRE BLOCK is blocked
[13:38] <toad_> the supplying company happily betrays the guy who bought them in exchange for continued access to the chinese market
[13:39] <toad_> and you're back to square one
[13:39] <toad_> it does not scale
[13:39] <linyos> so he sells them in small blocks... i'm sure it can be done. but i'll argue this point later when i've thought it through.
[13:39] <toad_> no, it's not
[13:39] <toad_> it's centralized
[13:40] <toad_> centralized = vulnerable
[13:40] <linyos> anyway, if there are no free places, i doubt freenet would survive either
[13:40] <toad_> but in any case it is completely useless in the long term
[13:40] * toad_ is definitely tempted to add the line to his sig "There are problems in life that cannot be solved by markets" to his sig...
[13:41] <linyos> i guess it is vulnerable in the sense that a western regulator could ban selling hosts
[13:41] <toad_> linyos: NO!
[13:41] <toad_> it's vulnerable in that in order to do it cost effectively you would have to buy from large players
[13:41] <toad_> large players can be blocked very easily, and therefore will give in to even the slightest pressure from china
[13:42] * sandos (n=sandos@tor/session/x-5a0e1f6639c02684) has joined #freenet
[13:43] <toad_> the solution is to have an f2f network which maximizes the effectiveness of the few external links it does have through caching and routing, and is not harvestable. that's called freenet.
[13:43] <linyos> why? i can rent a rack+100mbps for $3000/mo. stick in 100 servers, each with 10 virtual hosts, yielding 1000 hosts to sell.
[13:43] <linyos> toad_: maybe
[13:44] <linyos> and maybe freenet is easier to block
[13:44] <toad_> linyos: it has the advantage that even if they get ALL the external links it is still useful internally
[13:44] <linyos> who knows
[13:44] <toad_> linyos: the rich can and probably always have found ways around the firewall
[13:44] <toad_> so what? the rich are part of the system, and they don't care about anything except staying rich (as a class)
[13:45] <toad_> only way to make this sort of thing viable for the not-so-rich is to centralize it
[13:45] * y007pig (i=y007pig@222.94.120.222) Quit ("byebye")
[13:45] <toad_> which means it can be blocked really easily
[13:45] <linyos> but that's like five bucks a month. say you share one host with four friends, that is one buck a month
[13:45] <linyos> that is nothing by any standard
[13:46] <toad_> well, probably not for metropolitan students
[13:46] <toad_> certainly it's a lot of money for the peasants
[13:46] <toad_> but not for the students
[13:46] <linyos> you could have hundreds of wacky anonymous firms selling racks of these things in obscure corners of the net where nobody looks
[13:46] <toad_> but the fundamental problem is marketing
[13:46] <hobx> ah, collectivism, that greatest of stupidities.
[13:47] <toad_> that's the whole problem
[13:47] <linyos> there are no internet cafes out in the hills anyway
[13:47] <toad_> linyos: there are no obscure corners of the net where nobody looks. if the chinese consumer can find it, so can the government.
[13:48] <toad_> linyos: you can perhaps market virally, but if it relies on a central service, you have an upper bound on the number of people you can serve before somebody reports you and the whole block is blocked
[13:48] <linyos> worst case: you expand the pool of IPs somehow
[13:48] <toad_> hobx: was that particular comment aimed at me or linyos?
[13:48] <linyos> with a p2p redirect network, or with subversive routers that
[13:48] <linyos> redirect packets
[13:48] <toad_> oh yes! harvesting! yay!
[13:49] <toad_> and yes of course if you can hack routers you can beat the firewall (it consists of routers!)
[13:49] <linyos> it relies on thousands of providers (at this scale)
[13:49] <toad_> linyos: thousands of providers that nobody can find and therefore have no business and therefore go out of business
[13:50] <hobx> aimed at: rich are part of the system, and they don't care about anything except staying rich
[13:50] <toad_> ahhh
[13:51] <toad_> okay, maybe i should /leave this channel... that might be the most effective way of getting some work done... except that the 7MB zipfile hasn't arrived yet, so i can't debug the Big Bug :<
[13:51] <hobx> Some defcon photos:
[13:51] <hobx> http://hobx.mine.nu/usa2005/
[13:51] <linyos> toad_: just focus on what led me to consider this: if i were behind the wall, the first thing i'd want would be a shell on the outside.
[13:51] <toad_> hobx: obviously the poor don't deserve to live, and the rich are interested in nothing but helping each other, the poor being not worth helping :)
[13:51] <hobx> (You have to scroll down 3/4ths)
[13:51] <linyos> toad_: so, the question is can i get it?
[13:52] <linyos> by some means, in some way?
[13:52] <toad_> linyos: yes, if you have friends on the outside
[13:52] <linyos> for free, or for a price i can afford?
[13:52] <linyos> toad_: so how can we make it easier?
[13:52] <toad_> if you have friends on the outside, and you don't share it too widely, you can get one
[13:52] <linyos> to expand the set of people who can have this desirable service?
[13:53] <toad_> not by centralizing it to push the cost down
[13:53] <linyos> that is a legitimate challenge
[13:53] <toad_> that will only result in it being blocked
[13:53] <linyos> indeed
[13:53] <toad_> how you can expand the set is by making it possible for 10,000 people to share 10 links to the outside and get something vaguely usable
[13:53] <toad_> while still not being obviously all connected to a single IP block
[13:54] <toad_> or worse a single IP
[13:54] <linyos> i don't propose that really, but i do suspect any solution will entail renting colo space to access the economy of scale in bandwidth
[13:54] <linyos> ok, sure
[13:54] <linyos> that is another way
[13:54] <linyos> it has its own challenges though
[13:55] <toad_> yep
[13:55] <toad_> but i'm paid to address those challenges
[13:55] <toad_> so how much shall i subtract from today's hours for that little rant?
[13:55] <toad_> :|
[13:55] * toad_ supposes it's legitimate to talk to linyos, within reason
[13:56] <linyos> sort of... a DHT is not a shell, it is less flexible
[13:56] <toad_> now where is my log? i seriously hope it's not been eaten by the wall...
[13:56] <linyos> with a shell you can run a DHT, but you can't really run a shell on a DHT
[13:56] <toad_> obviously a shell would be nice
[13:56] <toad_> but you can get a shell over a DHT
[13:57] <linyos> i mean a file publishing network
[13:57] <toad_> you can run a DHT inside the wall
[13:57] <linyos> wrong term, of course you can route ssh links any way you want over an overlay network
[13:57] <toad_> you can have a small number of connections, and a large amount of internal storage, and efficient routing
[13:57] <toad_> and it's all F2F
[13:58] <toad_> which means there are no big central points of attack
[13:58] <toad_> e.g. "hmmm, why does 25% of the university population rent a shell from EasyShells Inc ? Lets talk to them...."
[13:59] <linyos> they would be traded indirectly, i guess..
[13:59] <toad_> it is surely much easier to monitor the interface to the rest of the world than to do traffic flow analysis on the entire internal network
[13:59] <linyos> yes. but monitor for what? you have strong plausible deniability.
[13:59] <toad_> so what?
[13:59] <linyos> "i was just admining random box X"
[13:59] <toad_> if you have nothing to hide you won't mind us monitoring a random subset
[14:00] <linyos> as opposed to "i just felt like sending wacky freenet packets at all times of the day"
[14:00] <linyos> oh, sure
[14:00] <toad_> linyos: indeed, but at least with freenet most of your connections are internal, and therefore very expensive to analyse properly
[14:00] <linyos> but we've been over that: if regulation is going to clamp down, we are fucked no matter what.
[14:00] <toad_> linyos: no
[14:01] <toad_> there is a difference between them making deals with external SSH providers, and them completely blocking everything
[14:02] <linyos> they would need to set up an authority to regulate and license ssh connections
[14:02] <linyos> or ban them in favor of some new key escrowed protocol
[14:02] <toad_> they don't even need to do that
[14:02] <toad_> they just block specific IP ranges
[14:02] <toad_> just as they do now
[14:03] <toad_> any big providers will show up sooner or later, and they can deal with them
[14:03] <linyos> i admit that is a challenge
[14:04] <linyos> excuse me for being optimistic!
[14:04] * linyos moans
[14:04] <toad_> it just doesn't seem a general solution to me
[14:05] <toad_> nor is it one that fits with the general mandate of Freenet, although it might be compatible with its nominal founding principles
[14:05] <linyos> there's no such thing, the design parameters are too uncertain. we don't know what steps they will take to rein in a wayward internet
[14:05] <linyos> there are only a bunch of potential things to attempt
[14:05] <linyos> and fingers to cross
[14:05] <toad_> we don't know a lot, but we DO know that freenet is very promising for dealing with a wide class of attacks
[14:06] <toad_> and in particular it is useful even in the absence of money, friends in the west, and so on
[14:06] <toad_> in fact it is useful even if we have heavily regulated computer networking
[14:06] <toad_> which you certainly can't say for "just rent a shell, you stupid chinese pig!"
[14:07] <linyos> except it stands out like a sore thumb wrt traffic analysis and is easily filtered out by a lockdown proxy just like every other protocol-X in the world
[14:07] <linyos> and it may yet be floodable to death, we don't know...
[14:07] <toad_> the collateral damage from completely locking down the internet would be massive, more even than the collateral damage resulting from blocking SSH
[14:08] <toad_> but as I have explained they don't need to block SSH in general to stop such schemes because they are inherently centralized
[14:08] <toad_> now, you've had your whatever
[14:08] <linyos> obviously, a chain is only as strong as its weakest links. strength against a million attacks is worthless if you fall to one..
[14:08] <linyos> yes
[14:08] * toad_ /ignores linyos due to the need to get some work done... somehow... without the gold-plated logs that would have let me fix the bug... :<
[14:09] <linyos> though we're not seeing eye to eye about how centralized it would have to be
[14:10] <linyos> oh well, toad is pretty damn stubborn but i am certainly worse.
[14:47] * toad_ (I=toad@pdpc/supporter/active/toad-with-underline) Quit (Remote closed the connection)
[14:52] * toad_ (i=toad@pdpc/supporter/active/toad-with-underline) has joined #freenet
[14:52] * ChanServ sets mode +o toad_
[15:01] * Ves007 (n=ves@ip503c7828.speed.planet.nl) has joined #freenet
[15:40] * linyos (n=linyos@AC940CB9.ipt.aol.com) Quit ()
[15:41] * Ribs (n=ribs@riblet.plus.com) Quit ("Leaving")
[15:41] * Ves007 (n=ves@ip503c7828.speed.planet.nl) Quit ("2.0 Build 3515")
[15:43] * Ribs (n=ribs@riblet.plus.com) has joined #freenet
[16:46] * LeeFi (n=LeeFi@pool-71-112-111-15.sttlwa.dsl-w.verizon.net) has joined #freenet
[16:59] * dentini (n=chatzill@24-51-93-67.kntnny.adelphia.net) has joined #freenet
[17:03] * TheSeeker|zzz is now known as TheSeeker
[17:21] * LeeFi (n=LeeFi@pool-71-112-111-15.sttlwa.dsl-w.verizon.net) Quit ("ChatZilla 0.9.61 [Mozilla rv:1.7.11/20050728]")
[17:22] * toad_ (i=toad@pdpc/supporter/active/toad-with-underline) Quit (Remote closed the connection)
[18:18] * RichK (n=rich@intranet2.valkyrie.net) has joined #freenet
[18:24] * Hory (n=Miranda@82.78.27.85) Quit ("CyberLore.net - Recommendations on the best games, freeware and websites.")
[18:37] * HalfEmpty (n=HalfEmpt@sip.nurotek.net) has joined #Freenet
[18:41] * goron (n=ron@zonnebloem.demon.nl) has joined #freenet
[18:42] <goron> Where can I find up to date browser configuration information?
[18:42] * Hory (n=Miranda@82.78.27.85) has joined #FreeNet
[18:52] * goron (n=ron@zonnebloem.demon.nl) Quit ("Lost terminal")
[19:23] * RichK (n=rich@intranet2.valkyrie.net) has left #freenet
[19:42] * Hory (n=Miranda@82.78.27.85) Quit ("CyberLore.net - Recommendations on the best games, freeware and websites.")
[19:44] * HalfEmpty (n=HalfEmpt@sip.nurotek.net) Quit (Remote closed the connection)
[20:00] * stoner691 (n=jamie691@c-67-171-223-21.hsd1.or.comcast.net) has joined #freenet
[20:17] * stoner691 (n=jamie691@c-67-171-223-21.hsd1.or.comcast.net) has left #freenet
[20:28] -lilo- [Global Notice] Hi all. We're currently testing a patch which should resolve some kline removal issues. At some point this weekend, we're probably going to want to do a network-wide reup. We'll keep you posted.
These logs were automatically created by Jay Oliveri with his gimp hapi on irc.freenode.net.