On 01/31/2019 04:04 PM, Punk wrote:
On Wed, 30 Jan 2019 20:51:44 -0700 Mirimir <mirimir@riseup.net> wrote:
However, all of these distributed storage systems are similarly vulnerable, more or less. You are potentially screwed if an adversary can 1) peer directly with you, and get your IP address; and 2) send you file fragments that are (even though encrypted) identifiable by hash or whatever.
Well by running freenet or something like it you are guaranteed to store and forward fragments of 'bad'(LMAO) files. That's the basic design of the system. And that means an 'adversary' like the american nazi govt can persecute any freenet user if they so choose. They don't even need to explicitly send parts of an 'ilegal' file to a particular client.
Yes, they can probably calculate hashes for fragments of any files. But generally, they do need to peer directly with you. Although some systems enable request forwarding, and nodes can see the names of indirectly connected nodes. But they can't see those IPs, just the IP of the node that handled the forwarding.
If you didn't encrypt locally, they may find bad stuff (even if only as temp files). And if you did encrypt locally, they may jail you for contempt unless you reveal the passphrase(s).
in other words, if you live in a police state you are fucked. There clearly is no crpytographic 'workaround' here.
Yeah, basically. Your only hope is not attracting attention.
So anyway, if you use any of these distributed storage systems, make sure that you peer only with people you trust,
that may be better but it's not too practical.
I agree. But it's what Freenet devs recommend. And not only is it not practical for many new users, it's not very reliable. Because you have no way to know which of your "friends" are state agents, or informers.
and make sure that you encrypt everything, locally and in transit. And if you must peer promiscuously, make sure that you obscure your IP address. Use a VPN, at least. And better, use a VPN plus Tor or I2P.