Excellent posts,
alphabeater and
SA_Dave!
Quote:
Originally posted by alphabeater
my favourite idea, as i've mentioned before, is to use the dns for this.
|
Dynamic DNS makes a good route via a public namespace to the fluctuating IP configuration of the p2p network. It should definitely be utilized as one of entry mechanisms when possible. Note that we don’t have to limit the use of DNS merely to mapping IP numbers of single peers. We can as well publish lists of active peers (with identity, IP and port data) on any DNS-mapped public space, your homepage being the natural candidate. Millions of people have FTP-accessible webspace at their disposal. With a simple FTP interface this public DNS-mapped webspace could be used to open an arbitrary number of public gateways to the network. You wouldn’t even have to reveal your own p2p identity while allowing your webspace to serve as a gateway. It would be enough to list a random selection of active and willing entry point peers.
Quote:
Originally posted by SA_Dave
Secondly, what about all the situations where people wouldn't want to use this feature? Reasons for this are that you want to share different collections under different logins, you share a computer with other family members whom you do not want to inconvenience by binding their identitiy to that of the machine or simply that you are antisocial & do not want to participate (in this case it could be to the benefit of the community if you share virii & fakes or not if you are just a "fly on the wall".) I'm sure that many users fall into this "stealth" category, and they like it that way.
|
The solution here is to bind the identities to user profiles rather than to the machine the client is running on. If each user profile has its own independent shares, hotlists etc. there is no reason why family members could not run simultaneously their own instances of the client on the same computer (perhaps using different ports). You yourself might want to use different identities to access different communities (movies, music etc), each identity having its own specific shares and social history.
Quote:
Originally posted by SA_Dave
Third, you are assuming that the user is very savvy. Would they really backup all their keys to a floppy, as tg suggested in another thread? Formats seem to be an almost communal experience nowadays.
|
If you have a HD failure and have no backups, losing your p2p identity is probably the least of your worries. There are people who trust their luck and people who make backups. It usually takes a major HD crash to convert somebody from a truster to a backupper...
Quote:
Originally posted by SA_Dave
What's to prevent malicious users from remotely deleting keys or formatting drives, installing trojans, backdoors and the like or even using a compromised "trusted" system to cause major damage to communities, friendships, trusted states and even data?
|
I think this is a general security issue that applies to all computing and networking. If a malicious outsider owns your box, there is not much to do but to clean it up and protect yourself better next time. The only countermeasure that comes to mind is to store all identity data as encrypted so that possible intruders cannot use it without knowing the correct password. But there is no real security on a compromised computer. The hacker might be able to monitor all your actions, including the keystrokes you type when entering your password.
- tg
