undefined | Better HN

0 pointsLMYahooTFY5y ago0 comments

>However as they're both communication networks they do not provide censorship-resistance. The endpoints you're connecting to are central servers and can be taken down.

Can you elaborate on this? This reads as essentially false to my understanding. If by endpoints you mean 'relays', those are not 'central servers'. If you mean directory authorities, then yes, those are centralized.

With that said, I'm still not sure what you mean by 'they do not provide censorship-resistance.'

They absolutely have and do provide censorship resistance.

0 comments

eMGm4D0zgUAVXc75y ago

> Can you elaborate on this? This reads as essentially false to my understanding.

No, it's not false AFAIK :)

By 'endpoint' I mean what an address on those networks actually *addresses*.

Both a Tor-address (a .onion hostname, or a regular web address if you use Tor to access one), and an I2P-address, are essentially similar to an IP-address in terms of being the address of a *machine*.

They are anonymized, but the data is routed to the very specific machine which the address is of.

A Freenet address on the other hand is the address of a *file* - basically a hash.

So in Tor and I2P, even though the machine behind the address is anonymous, you can still DoS it because you have the address of the specific machine where the data is at.

In Freenet, you cannot DoS the machine because the address does *not* tell the network where the file is stored. It only tells what file you get. Any machine on the network can serve the file to you!

And in fact, if you try to DoS a file by requesting it very frequently on Freenet, it will instead be distributed MORE on the network: Machines along the path where the data is routed will cache the file.

That's what provides the censorship resistance.

bawolff5y ago

The wording can be a little confusing, because i believe in tor when people talk about censorship resistance they mean censorship of the whole network - e.g. blocking all the entry nodes, trying to find bridges and blocking them, which is a different type of censorship. I imagine freenet is just as vulnerable to that, and i would imagine that is an easier thing for powerful entities to do than to push GB of data into the tor network for an extended period of time to hopefully knock out a single hidden service.

eMGm4D0zgUAVXc75y ago

Freenet in fact is less vulnerable to that because they aim to prevent that specific attack you described with the following feature:

It offers a "darknet" mode where you manually add peers by exchanging cryptographic keys with them.

The connections to those peers are fully encrypted then and thus very difficult to block because you can't detect Freenet with merely packet inspection anymore.

Besides, the ability to censor individual Tor sites is *bad enough* already IMHO.

LMYahooTFYOP5y ago

The properties of Freenet you describe are extremely intriguing.

However, I'm asking about your description of Tor and I2P

>However as they're both communication networks they do not provide censorship-resistance. The endpoints you're connecting to are central servers and can be taken down.

This is technically incoherent, and I'm not sure what you mean by it.

As far as I'm aware, at no point does your TCP traffic from your tor client connect to a 'central server'. I'm not familiar enough with I2P to comment.

MrCapybara5y ago

I think they meant servers as in the machine hosting the content you are acessing, such as the machine that hosts HN. Not that every connection goes through a central server, but your content is hosted on a central server, as opposed to FreeNet where your content is distributed and so can't be taken down like a server can.

1 more reply

j / k navigate · click thread line to collapse

0 comments

eMGm4D0zgUAVXc75y ago

> Can you elaborate on this? This reads as essentially false to my understanding.

No, it's not false AFAIK :)

By 'endpoint' I mean what an address on those networks actually *addresses*.

They are anonymized, but the data is routed to the very specific machine which the address is of.

A Freenet address on the other hand is the address of a *file* - basically a hash.

So in Tor and I2P, even though the machine behind the address is anonymous, you can still DoS it because you have the address of the specific machine where the data is at.

In Freenet, you cannot DoS the machine because the address does *not* tell the network where the file is stored. It only tells what file you get. Any machine on the network can serve the file to you!

That's what provides the censorship resistance.

bawolff5y ago

eMGm4D0zgUAVXc75y ago

Freenet in fact is less vulnerable to that because they aim to prevent that specific attack you described with the following feature:

It offers a "darknet" mode where you manually add peers by exchanging cryptographic keys with them.

The connections to those peers are fully encrypted then and thus very difficult to block because you can't detect Freenet with merely packet inspection anymore.

Besides, the ability to censor individual Tor sites is *bad enough* already IMHO.

LMYahooTFYOP5y ago

The properties of Freenet you describe are extremely intriguing.

However, I'm asking about your description of Tor and I2P

>However as they're both communication networks they do not provide censorship-resistance. The endpoints you're connecting to are central servers and can be taken down.

This is technically incoherent, and I'm not sure what you mean by it.

As far as I'm aware, at no point does your TCP traffic from your tor client connect to a 'central server'. I'm not familiar enough with I2P to comment.

MrCapybara5y ago

1 more reply

j / k navigate · click thread line to collapse