the hacker has full control of your pc.
they have an address to connect to and a exploit to enter
without safe they dont have a target
its not the fact that the safe software is vulnerable but the fact its communicating with large amounts of other computers. which are not subject to the same scrutiny as an actual web sever
Ok , to cut down on circle-jerking around a hypothetical penetration test ,
let us find the first problem first , where is the first hack into the network ?
Please use the edit tool if you want to add some extra text.
No, correct but then the only option is to never connect to anything at all. IP’s are the basis of the internet.
1 Like
no because like i said youtube and most other sites are held to high standards. and someone in their datacentre cannot see the ips connecting to youtubes sever. somone siting at home there is nothing to prevent this.
if its operating like a torrent that’s ok, i got the wrong view
scrap that the people in the datacentre prob could see your ip…but there are auditing tools in place that the company will know.
the question is do you trust the pc that your connecting to
i’m not trying to hack the network
i hope everyone can see the point i’m trying to make.
Even if the computer you connect to is manned by Mr. Robot who wants to take down the world, the only damage he can do is to the machine he is on. You can not control, monitor or inject anything into the network from the users PC.
Think of it as a distributed web server. Each vault is wrapped in vetted security layers as part of the whole network, so it is secure regardless if the hardware it is running on is compromised. you dont need to trust the computer you are connecting to which is the beauty of the network itself…
1 Like
Yes, on SAFE people connect to each other and now they know your IP and might come after your system. Like I said, best to not use any P2P tech. As people connecting to each other is the basic of these systems.
But then that infected computer does the same thing. and that infected computer does the same thing…if you where just browsing the internet it would be very hard for it to spread
Is there an estimate on how many users are on the network atm ?
over 3000 people downloaded the software but they only connect when they start the Launcher. No Vaults running at people’s homes at the moment. Another test with that on Tuesday.
You are assuming that the infected computer can compromise the vault (it can not, if you have an example of how this is possible it would be VERY helpful for the devs for sure!) and that the infected vault can then discover, communicate with and infect other vaults…again, the devs have gone to unfathomable lengths to ensure this is not possible, such as vaults having rankings where bad acting or underacting vaults get less data or get dropped…so if you can help find a way to penetrate a vault on a machine and get it to do bad stuff, please let them know! 
And when the project is ready for full public release, what is the best case scenario for adoption ? If your aiming to replace the internet this should be top priority
how many people do you think run flash ? alot
or even windows
yes, lots of people run flash and windows. both have had security flaws in the past and will most likely continue to do so, I am just not understanding how this is related to the Safe Network security…I think we are chasing our tails with this thread now…lol.
again its not about safe network security its about the users computer. and both have had flaws. but how worse would it be if millions of home pc where connecting to millions of others. At the moment torrents do this but only in a few thousand
The SAFE network is a great idea that’s why i’m here i want it to succeed. But this needs to be solved some how…you can brush it off by saying it hypothetical and i know nothing about the project…but i do think this is a problem.
If you could give an example of how SAFE could cause more vulnerability than the current system of connected computers (the internet), please do!
Currently we have some missing details that are crucial to your concern:
- I install and run a vault that may be running on a compromised computer.
- This computer is now able to do bad stuff to the vault running on it by ____________.
- This enables the vault to discover and attack other vaults by doing _________ which infects the whole network and all connected computers.
Your concern is appreciated, but until we can fill in the blanks here with specifics, I don’t see a vulnerability or additional threat to a user by installing SAFE and running a vault…
2 Likes
@ifindproblems I think you have been assuming that an infected computer that is part of SAFEnetwork is a risk to other computers connected to the network.
If so, you haven’t stated this clearly, so people have not been able to correct your assumption or indeed ask why you think this to be the case. I’m guessing from what you’ve said that you think this because you think each computer is acting like a server to the other connected computers, but this is not the case.
If you think that an infected computer is a risk to the network you need to explain why, by explaining exactly how.
If you think this because the computers are acting like web servers you are incorrect, because the network performs this function in an entirely different way, and you’ll need to learn how the network operates before you can even begin to think about these kinds of vulnerability.
Take it from me, you can’t infect the network by infecting one computer, in fact, to control even one part of a file you would have to control at least 80% if the nodes on the network.
Rather than suggesting that the network has weaknesses that you are not yet able to explain, I think you’d be more productive reading up or asking questions about how the network works, because I think it is fundamentally different to many of the assumptions you are making.
8 Likes
I’d like to point out that tools currently exist which can port-scan the entire IPv4 address space in a reasonable amount of time, so exposing users’ IP addresses isn’t a very big deal since malicious actors can find those easily using other means. You should focus specifically on vulnerabilities in the launcher (/client) or vault program, since any vulnerabilities in other software running on users’ computers would have been just as open to exploitation without the SAFE Network.
4 Likes