Skip to content

Node Harvesting

Stephen Oliver edited this page Mar 30, 2017 · 1 revision

In the simplest possible terms: If you connect a node to an Opennet, you will have a few initial nodes in the seednodes file. These are not enough for good performance, your node will automatically find more nodes from the nodes you already have.

The problem is, an attacker can also put a node on the network, and identify nodes in the same way. Once he has found all the nodes on that particular Freenet network, he can attack them or block them, for example on the golden shield.

Darknet is immune to harvesting because all connections are fixed, between hopefully trusted peers, added manually via invitations.

All nodes on Freenet 0.5 were opennet. Freenet 0.7 supports both Opennet and Darknet, and hybrid modes involving both. To go darknet-only, and thus "disappear", get at least 5 friends to connect to you and then increase the network security level to HIGH.

In more detail: Every time your node does a successful request on Opennet, the node which is the source of the data will include its own node reference on the StoreData message. This may be reset by other nodes along the chain, with a low probability. Your node will then, if it needs more nodes, or at random, connect to that node. This process establishes and constructs a small-world topology for the network.

An attacker can then simply keep a list of all the node references he has seen in response to requests - either requests originated by him or requests which he has relayed. He can map out the entire network simply by running a node.

To counteract this, Freenet needs a big legal main use (eg. see recent arguments in Youtube v. Viacom case). Freenet integration into operating systems has the potential for this.

I2P is even more vulnerable to harvesting than opennet. (explanation?)

Clone this wiki locally
You can’t perform that action at this time.