gpg: Signature made Sun Apr 6 12:27:03 2008 UTC using DSA key ID 715FC6D7
gpg: Good signature from "NextGen$ <nextgens@laposte.net>"
gpg: aka "NextGen$ <nextgens35@laposte.net>"
gpg: aka "Florent Daignière <florent.daigniere@laposte.net>"
* Peter Rosenmai <prosenmai@???> [2008-04-06 22:03:15]:
>
> Hello all,
> I've looked around and have been unable to find an answer to the following questions. I hope I am posting these to the right group.
>
> 1. Suppose Freenet were to prove such an irritant to the mainland Chinese government that they decided to shut it down altogether within China. How great a technical challenge would this present? I understand that the PRC farms out much of the responsibility for censoring internet traffic to ISPs: Chinese ISPs could simply look for and block the Freenet protocol, couldn't they?
>
Blocking opennet is easy if not trivial, blocking darknet is way more
complicated.
How exactly would you fingerprint the Freenet protocol ? To block
something you've to discriminate it from the background "noise". No
doubt they are ways of doing that but it's a non-trivial problem... Only
one technique has been brought to our attention so far and we are going
to mitigate its effectiveness soon implementing something we call
transport-plugins (a steganographic layer on top of the protocol).
> 2. Would it be possible for the PRC to run Freenet nodes in order to determine the IP addresses of other nodes within China?
>
They could determine the IP addresses of opennet nodes, yes. That
wouldn't work for darknet nodes of course and it's why growing a real
darknet is so important.
> 3. Is it true that the PRC has previously blocked Freenet? If so, how was this achieved?
>
Yes, using deep-packet-inspection on their firewalls : the old version of the protocol had some matchable session bytes.
They have also been blocking the website since ages.
