[briar-devel] Threat model
Brought to you by:
akwizgran
Menu
▾
▴
[briar-devel] Threat model
|
From: David F. <da...@fe...> - 2012-07-23 16:05:20
|
Hi, I'm a bit of a newcomer to the security field, so please bear with me for asking what my seem to you like naif questions. The threat model at the bottom of this page http://briar.sourceforge.net/overview.html contains a couple of things I have questions about: 1. "There are some users who can keep their nodes secure - those who can't are considered, for the purposes of the threat model, to be controlled by the adversary." Given that any node could be compromised, how is information about such a compromise disseminated? What precautions, if any, are in place around using that dissemination system as an attack vector, e.g. falsely accusing one or more nodes of being compromised? 2. "The adversary has a limited ability to persuade users to trust the adversary's agents - thus the number of social connections between the adversary's nodes and the rest of the network is limited." In places like the former East Germany, this assumption was wholly false. To what extent is the Briar system sensitive to its being true? Thanks in advance for your patience :) Cheers, David. -- David Fetter <da...@fe...> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: dav...@gm... iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate |
