As can be concluded just from the above, China’s firewall policy isn’t to block all access to blacklisted sites, it’s to raise the technical bar required to access blacklisted sites. They essentially want to make it inconvenient enough that only a small minority bother on a regular basis, and otherwise leave the ability to read blacklisted content deliberately open. Other countries such as those you mentioned actually do want to ban blacklisted sites entirely, and still others (North Korea) make the internet a whitelisted only place. Interestingly, the current British government also wish to make the UK internet a whitelisted only place by default, but I digress.
Things have changed since the OP last year. There has been a move from C++ to Rust, and RUDP no longer exists. I am not competent in Rust, so it was a bad idea for me to lead out any development or design there, so I am now merely a least level programmer on Maidsafe Rust who modifies existing code mainly to fix problems. I don’t write any fresh code because it takes me forever as I don’t know enough Rust.
So as I mentioned, I’m definitely the wrong person to ask. I can say there is a pluggable transport facility in there, and before my contract ends I may try adding rust-utp as a second available transport to TCP. Past that I don’t know what the plan is (I should add that in April I was on vacation, and most of May I was in conference season mode so I missed all the design and planning meetings at Maidsafe. I really do genuinely not know what’s planned nor do I entirely understand the big picture, I’m too out of the loop to say anything with any confidence).
I understand that it’s not instantaneous - from the time you connect it takes them a while to start dropping packets or doing other tricks (similar to your experience), so it’s enough time to download news, books, blog postos and things like that. That’s what matters.
I don’t know how bootstrapping works with MaidSafe, maybe the initial list is indeed static.
The trick really will be gaining corporate users early on – SAFE is a great technology for replacing data centers for a lot of small and mid-sized businesses. It turns security inside out and upside down - so normal hacking avenues are all defeated…
Once there is a compelling business interest in SAFE operation, ISP’s and governments will have an uphill battle to try to block it…
As a contractor for Maidsafe it isn’t appropriate for me to comment here except in a factual context…
I don’t see why, and for me it would be a real loss, and perhaps contrary to the spirit of the project!
Yes the thread went off topic, and we mods have not been jumping in to affect that… but it was quality discussion! And nobody complained… (Yet) always my yardstick for when to pay more attention.
Well, thank you for saying so. I’ve actually always been here just not posting, I check for new topics every week or so. However the part of each year leading up to May is exceptionally busy for me, so from January to end of March I was up till 4am each night working on the next release of Boost.AFIO after pulling a work day for Maidsafe and spending time with the family. In April I took an extended vacation to recharge the batteries, and then got to work on my C++ Now presentation and accompanying Handbook of Best Practices in C++ 11/14 libraries, again after Maidsafe and family hours, until I presented two weeks ago in Colorado. The next big deadline for me is end of July when Boost.AFIO comes up for peer review, so plenty of after hours work to do between now and then to prepare for that!
Anyway, if you look back on all my posts here, they have always been factual corrections or factually driven. On more than one occasion I have refused to present my non-factual personal opinions on topics, and the above earlier discussion is a good example. It simply isn’t professional in a contractual situation to discuss politics/religion/beliefs, unless your contracted role is to do so.
If anyone has got access beyond an aggressive firewall, they can then save that to their vault inside the firewall.
Maybe these uber firewalls attempt to filter peer to peer too, but wish mesh nets in the mix, it would only take one leak for it to be out on the wild locally.
Its going to be an arms race and SAFE is the spirit of a new network that can win the race. There will be apps built on top of SAFE, but SAFE will also develop down through a SAFE OS into a network made up of end user owned and controlled hardware. That hardware will be optimized to run SAFE and make use of tech like SDR mesh and LiFi. If SAFE coin is successful and can incentivise the build out of these pieces, they will deploy very quickly. The bitcoin specialized hardware build out set a precedent.
[quote=“ned14, post:41, topic:1851”]
So as I mentioned, I’m definitely the wrong person to ask. I can say there is a pluggable transport facility in there, and before my contract ends I may try adding rust-utp as a second available transport to TCP. Past that I don’t know what the plan[/quote]
Thanks very much for that Niall. It would be very interesting if someone dealing with the details of the protocol obfuscation system could weigh in sometime. As in Tor/OpenVPN-UDP examples linked above, protocol obfuscation is a make or break issue for maintaining a SAFE Network connection from many countries.
Yip, crust is multi protocol, randomised port networking. With added encryption then it’s pretty obfuscated. Later on data flows will also get attention making deep packet inspection harder. Measures such as counting entropy and flow rates can be overcome as well. So beyond existing mechanisms.
Thanks David went off to read more on Crust. Defiantly interested in the Crust API for adding new pluggable transports and although it is early days yet, looking forward to seeing how new transports/timings etc are to be added/updated and shared between nodes etc. Since it is a whack a mole game I guess it will mostly be being constantly updated and refined by us users most affected by censorship. Simply looking like https/443 works very well in some places while Tor PTs such as obs/dust2 in others. Encrypted packets on random ports are being blocked by the Great Firewall of China (GFC) and other countries for some time now and it seems to take less time to be detected and blocked each year. Best results if you look like some other “approved” protocol and can change between them as then they have to separate from the herd which takes much more detective work.
The Chinese are one of the biggest adopters of Bitcoin and I am sure the privacy and security of SafeCoin will be a big draw card there. It would be a shame if Safe Network cannot not get through the GFC reliably, but maybe very damaging if it got through long enough for widespread adoption only for the GFC to suddenly cut off a large amount of users, and Crust pluggable transports is not nimble enough to gracefully recover using a different transport.
Law makers are adding another vote for the protocol obfuscation system, i.e. ability to disguise encrypted traffic using skype, game, VOIP, … headers and packet signatures.
From /. (emphasis mine): Europe’s ‘Net Neutrality’ Could Allow Throttling of Torrents and VPNs
TorrentFreak reports that the European Parliament is approaching a vote on new telecom regulations that aim to implement net neutrality throughout EU member states. Unfortunately, the legislation hinges on a few key amendments, and experts are warning about the consequences should those amendments fail to pass. “These amendments will ensure that specific types of traffic aren’t throttled around the clock, for example. The current language would allow ISPs to throttle BitTorrent traffic permanently if that would optimize overall ‘transmission quality.’ This is not a far-fetched argument, since torrent traffic can be quite demanding on a network.” That’s not the only concern: “Besides file-sharing traffic the proposed legislation also allows Internet providers to interfere with encrypted traffic, including VPN connections. Since encrypted traffic can’t be classified though deep packet inspection, ISPs may choose to de-prioritize it altogether.”
Just on this forum, anyone can see the enormous amount of spilled keystrokes that Net Neutrality fanboys spent on trying to persuade free market supporters that Net Neutrality is going to be great for everyone. Just leave it to the State and everything will be sorted out.
Probably not worth rehashing the almighty free market vs net neutrality rules debate here - it has been done to death elsewhere on this forum.
What is important/relevant to this thread is that a “protocol obfuscation system, i.e. ability to disguise encrypted traffic using skype, game, VOIP, … headers and packet signatures” is on the table - AFAIK it is not currently(?). This news just highlights that relying on encryption alone will not be good enough - we need to be able to actively disguise the encrypted traffic as any kind of “approved” protocol, preferably in a dynamic modular fashion that does not require upgrading clients.
Yes. I brought that up. I am just posting that news to help make the case to the developers/designers that protocol obfuscation is worthwhile. AFAIK it is not currently part of the Crust design.
Note that when @dirvine says “obfuscated” in this context he is not talking about protocol obfuscation as in disguising the traffic as another protocol. As I read it David is just saying that by encrypting (and randomised ports), traffic is “pretty obfuscated”. From above post:
So AFAIK true protocol obfuscation like the Tor references above are not currently part of the Crust design. If the EU passes that legislation then it could become a must-have.
Yip, crust is multi protocol, randomised port networking. With added encryption then it’s pretty obfuscated. Later on data flows will also get attention making deep packet inspection harder. Measures such as counting entropy and flow rates can be overcome as well. So beyond existing mechanisms.