Ian Dickson on Tue, 16 Mar 2004 08:49:22 +0100 (CET)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: <nettime> OpenP2P.com: Next-Generation File Sharing with Social Networks

Nice to see some sense about Darknets.

I also have a lot of respect for his position re Tribes and Elders 
controlling the extent to which tribes interlink. (This is much more 
widely relevant than the simple case of file sharing. It's essential for 
community software).

However what wasn't made really clear was that a Darknet whose purpose 
was swapping illegal files has a serious problem - the social hack. 
Discussed but underplayed I felt.

I call it a Trust Hack.

Think of an illegal operations Darknet as having the same security 
problem as would face a terrorist cell or criminal gang. In essence, to 
avoid a security compromise through a Trust Attack (undercover cop, spy 
etc) you must remain small and tight knit.

As soon as your numbers exceed those where every member has input to 
controlling who joins, you have a big security issue.

This is perfectly OK for civil rights groups and political activists, 
where small is effective, but doesn't really work in developing critical 
mass type file sharing libraries.

Summary - Darknets will always have their place, but any Darknet system 
designed to support more than a couple of hundred members will be at 
high risk of a Trust Attack, and any such attack could (when combined 
with legal attacks once core data collected) expose ALL Darknets 
connected directly or indirectly to the one penetrated.
ian dickson                                  www.commkit.com
phone +44 (0) 1452 862637                    fax +44 (0) 1452 862670
PO Box 240, Gloucester, GL3 4YE, England

           "for building communities that work"

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net