i then have a target
This is not always the case in overlay networks, in SAFE it certainly is not. You will see the IP of the last node in the route, but not the sender, unless the sender is the last node.
This is what we mean when we say IP address is scrubbed on hop1.
3 Likes
You still don’t understand how it works, stop assuming how it works and go learn it for Spaghetti Monster’s sake!
yes but that last node is someones home computer not a hardened websever
Nobody is debating that and it’s a different model then. I am trying to help you here 
1 Like
im not after the data…im after the control of your pc
Well the last pc in the route is not me, if that’s what you mean (i.e. I am the sender).
1 Like
im not after any specific person i just want a computer to control
Why not simplify the PEN test a little.
So self-encryption is a crate in it’s own right with plenty of docs/papers etc. and gets argued a lot. So test that with all you have first, then move onto crust (there is a weakness there already I can tell you, secure_serialisation not enabled and also not protected against replay there right now (it needs an incrementing nonce in secure serialisation))
Then you can eat the elephant a bite at a time. I think otherwise you may be burdened by the number of things we have in place. It will allow you to creep through and find interesting things.
5 Likes
I understand what your are saying but masses of people are not going to install the software if it exposes there computer to attacks. To me this would be a high priority for the project
So start with 1.0.0.0 and work your way up.
I mean, if you’re not interested in who you go after just run the whole damn gambit. This isn’t pentesting anyways. This is just asking for help to control other people. No thanks.
im not after any specific person i just want a computer to control
Your call, please proceed as you want, those statements are pretty clear and obvious though. So perhaps working with guidance would help, but there is also a good train of thought that says tear away and grab what you can. I think though in Alpha you could stumble over WIP and that is gonna make you feel like you have found something that is already covered.
It may be easier for us to say, here this is production ready as we move on? I would not try and guide you though as it may defeat the purpose, but some small help could save you a ton of time.
Anyway I hope you can find something, but I think you do need a bigger picture though, to get started. The wiki and related videos/papers etc. should help there.
4 Likes
ill take that as i’m not welcome then…goodbye
Please explain how they are not applicable ?
my point applied to both vaults or clients. yes i accept that the same applies to p2p. But from what I’ve read so far this is a different beast. because most torrents have a few thousand seeds. When this goes live there should be far more clients. and i understand that you can only see other clients that are in your “pool”. but a script could be automated to turn on and off a few thousand times and boom you can map most of the network.
And saying this is all hypothetical is fine if its never been done before but i be leave it has (obv not on this network), so there is nothing wrong with making this assumption.
Lmao, if you figure out another client’s IP ADDRESS then the Network is super broken.
With non-persistant vaults, sure. But with data chains comes persistant vaults which would mess that up big time.
And BTW - that’s the network of vaults, not the network of clients. Despite everything, you still haven’t done any research!
Protip: The only vault that sees a client’s IP address is it’s relay. Don’t know what a relay is? Check it out:
For clients:
This is the case. Your close groups (clientManagers) are passed a relay address type. At the moment it includes a way to get your public IP but will not at release. So your address can be considered scrubbed at the relay node. It means then nobody but a relay knows your IP but then it does not know what you are doing. So it works out very well.
– @dirvine - “What can my client manager group know about me?”
When did I use the word “hypothetical”?!?! Please stop putting words in my mouth.
You making assumptions (both here and above) tells me that you were too lazy to do the research and just filled in the massive holes in your knowledge base with assumptions. That’s not very professional…
I’m just going to presumpt your next assumption: You can’t choose to become a relay node.
3 Likes
Well amusing that the software is the only process receiving communication you could say that those IP’s are other clients or vaults on the network. You cannot link them to an account but you could be certain that it came from network.
do the vaults and clients communicate the same way ? if they do…then i’m correct
your still assuming that i’m trying to target a specific person.
your deliberately interpreting what i’m saying in such a way that you can argue back…
you know what point im trying to make because you called me a hooligan for saying it
No.
Therefore, you are incorrect.