Talk:Security concerns
From The Okopipi Wiki
Hi folks. Andrew van der Stock here. If someone else is contributing to this page, please e-mail me (vanderaj<at>greebo.net) if you want to hook up. Doing threat models is my day job, so feel free to ask about anything and everything.
If you disagree with an existing rating, please discuss it here first, and we'll go back and change it after consensus is reached. My initial go should be considered a first-draft status.
What's a "binomial attack"? I searched on Google for it and found only 3 unrelated hits. Frog 16:56, 19 May 2006 (PDT)
A binomial attack is where the attacker attacks half of the network at once and observes the results. If the p2p network is ravaged by this, they will then go and carve up half of that, and observe if that half has the same effect, or less. They keep on doing this (which is easier and easier) until they have pinpointed the AS's that contain the hidden servers. Then those servers (and everything in those AS's) will not be on the Internet any more. Check out Peacock Maps. They have a diagram of how the Kosovo war affected Internet connectivity during that time. The attacker has the resources to take out entire AS's, so I would imagine it wouldn't take them long to figure out where our "hidden" servers are. That's why I don't think the old Blue Security model of central office (even if it's distributed and virtual) will not work. Andrew van der Stock
Just a minor suggestion: to prevent privilege elevation, perhaps the hidden servers should have to request info from the superhandlers; that way no amount of privilege elevation will get the hidden server to connect. - Tortanick
You speak of life threatening danger, yet you give your real name here (or so it seems). Is that wise? --Poltergeist 09:09, 21 May 2006 (PDT)
-- There are a lot more General Concerns.
For example, when the P2P network is "poisoned" and causes massive damage to legitimate companies, what is to prevent these companies from taking legal action against its users? P2P did not protect people who download music from the RIAA.
"Valid" mass poisoning.
"Valid" mass poisoning: A spammer might install altered Okopipi clients to 100K bots; these would simply submit randomized, false (or joe-job) spam reports at normal activity rates. (from article)
- Just an idea. A human/bot test should be applied when anyone tries to join the network. Recognition of text on an image may work. Of course every client should have the capability of performing such a test for a newcomer. Delama 08:37, 26 May 2006 (PDT)
- The problem being, spammers have worked around these 'bot checkers' on major email sites by iframing the actual test into "free porn" registration screens. In order to fight this, we'll have to be pretty original. Oriumpor 10:15, 26 May 2006 (PDT)
Handler vulnerability
Random handler rotation and nomination might be a way of maintaining a dynamic environment that would make it difficult to attack. With batters on deck, as it were, it would make attacking handlers nearly pointless. If you treated nominees and handlers the same and made sure to send flagged entries to both, you could use current handlers as a baseline for nominee consistency and rate them accordingly; or perhaps use them as human-sanity checkers. Oriumpor 10:31, 26 May 2006 (PDT)

