Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] CJDNS hype

Mitar mmitar at gmail.com
Sat Jul 13 18:25:20 PDT 2013


Hi!

On Sat, Jul 13, 2013 at 1:15 PM, Gregory Maxwell <gmaxwell at gmail.com> wrote:
> That said CJ is, in fact, aware of these issues

Are they described anywhere? There is nothing about that in the whitepaper:

https://github.com/cjdelisle/cjdns/blob/master/rfcs/Whitepaper.md

I would assume there would be a section on this and an analysis and
conclusions? So that we could understand why they assume it is secure.
Maybe I am missing something.

> — and CJDNS is at least
> intended to be resistant to sibyl attacks under some assumptions (I
> believe the main assumption is that you choose honest peers for your
> transport links (and that your honest peers also do so), because it
> isn't simply a topology blind DHT).

>From what I understand, it is a topology blind DHT. (Which makes me
wonder why I see suggestions to use it for wireless mesh networks.) It
takes Kademlia distance and then it routes to this next hop. So if I
manage to populate the network with so many fake IDs which are so
similar to anything people want to route over, I can black-hole all
those packets going over me?

>  The system is setup to require
> manual peering, so it isn't just a handwave— it's how you're expected
> to use it.

So, web of trust is their security model for DHT? And isn't this a bit
contrary to their idea that security should be easy and out of the
box? So that users should just run CJDNS and should not have to make
any security decision? Hm hm hm.

> Some of the other concerns about CJDNS is that its not— by itself— an
> anonymity network.

Yes. I am not concerned about that. That's something it is written and
said around about CJDNS. But what is also said is that the plan is "to
replace current internet infrastructure with a massive secure mesh
network to prevent corporate and government censorship."

And using Kademlia-based routing to prevent censorship seems a bit silly to me.

But I think I don't understand something.

One similar project in the past, if anybody is curious:

https://en.wikipedia.org/wiki/Netsukuku


Mitar

-- 
http://mitar.tnode.com/
https://twitter.com/mitar_m



More information about the liberationtech mailing list