Freenet Not So Dark

The Register runs an art­icle today on poten­tial insec­ur­it­ies of The Freenet Project.

Freenet is designed to be a fairly anonym­ous P2P net­work, where each node can relay data for oth­ers as well as receiv­ing for itself. Data is cached loc­ally in an encryp­ted file, and, sup­posedly, it is not pos­sible to tell the dif­fer­ence between data that has been relayed to other nodes, and data that has been reques­ted by the local cli­ent. This is sup­posed to offer deni­ab­il­ity to users found to have naughty files in their caches.

However, The Register found that using a com­bin­a­tion of pub­licly avail­able node uptime data and file requests, it was pos­sible to determ­ine whether a file had been down­loaded by a node, or just par­tially relayed. Bye-bye deniability.

True, in order to be effect­ive, the per­son doing the detect­ive work has to have phys­ical access to your machine, but in Patriot Act–crazy America, that’s not such a remote pos­sib­il­ity from a law enforce­ment point of view.

The issue is set to be remedied in the next release of Freenet, sched­uled for later this year. The Freenet News page also men­tions The Register’s piece.

Posted May 13th, 2005

« Next: Covering Your Ass With PeerGuardian
Previously: Firefox 1.1 Preview »
   

Comment

You can also Register for more profile options.

There are no comments yet — why not start the discussion?

© 2003-2010 — Contact