Re: Fwd: [DES-ANNOUNCE] New clients and 'spamming'

Nelson Minar (nelson@media.mit.edu)
Mon, 5 May 1997 13:48:35 -0400


concerning this announcmenet from SolNet:
>As many of you noted some machines in Finland have spammed the
>server with fake reports.

I'm suprised this hasn't happened earlier. If nothing else, just as a
reminder that it *can* happen.

>I wanted to know what was preventing this from happening to the
>DESChal effort?

I'd be curious about that too. I gather there's some hope that in not
releasing the source code it'll be harder to spoof the server. That's
not much protection though - reverse engineering is unlikely to be
difficult.

There are some serious, realistic threat models on a distributed
attack like deschall. On a discussion on coderpunks a few months ago
the consensus was that the only really safe solution was a completely
uncoordinated one - every client pick random blocks. That was
estimated to be 2-3 times as slow as the completely coordinated attack
deschall is doing.