Scrubbing IP addresses

I hope I am posting this in the right place. This blogging thing is new to me.
In a document entitled “Security of the MaidSafe Vault Network” I read “The client’s identity is protected, as its IP address is scrubbed by its managers prior to any request being processed.” What if the manager is running a tampered version of the manager persona code such that it forwards IP addresses to the government, or a data miner? Is there anything built into the Network code to verify that only un-tampered code is being run by the managers? Can I know that the persona code entity that is receiving my IP address is not some malicious third party? Should I care about this? Do the four managers receiving my request verify with each other that they are all running the same manager persona code?
Thanks

No you cannot (tell what code somebody is running), the issue is figuring out what manager to hack to track you. Your ID is unknown even to you (you can find it) so how to track you is an issue and then who you are is a secondary issue then of course how to become one of your managers is a really hard thing to do.

If you also consider the current testing is for randomised connections to the network (paralleled) then even getting all the above and performing the hack means the node probably wont connect to you either. So this becomes very difficult.

There is also the possibility of random addresses for read access so then it’s pretty crazy.

The best attack will be get to your ISP and try from there, but then it’s encrypted data so that get’s blocked. All this makes it very difficult to really work out what somebody is doing and it should be difficult.

The final piece to be really concerned about is that if you are using a closed source operating system then the parties over for your privacy in many ways. If you are targeted it won’t be the network that exposes you, it will be much cheaper and easier to huckle your computer.

That is the area we need to see more innovation in, there are of course options that help a lot (tails like OS’s, but still out of reach of many). We solve a great many of the problems but not all of them unfortunately. Enough though for an amazing start.

6 Likes

I was thinking of partitioning my drive to run Linux on my Mac which I believe is possible but then I wondered Yosemite OS for Mac is open source correct? Do you have an opinion of this as far as how secure @dirvine?

Sorry I have never dug into that at all so in the wilderness for me. I was intrigued recently by GitHub - dirvine/seL4: The seL4 microkernel but again no experience of this one either. If anyone has I would appreciate a heads up. I use ubuntu/debian with much of it removed (especially the window managers).

2 Likes

No worries :smile: I appreciate the response. I have some investigating to do!

As a longtime debian user (still run in it on my servers) I absolutely love arch on my laptop. Installed it about a year ago, no problems since then.

The thing about arch is, it’s a rolling release with the newest packages. You just update the packages as soon as they come in and again, this has never caused a problem for me. Be sure to subscribe to the mailing list where they announce stuff that needs to be fixed after an package upgrade. Happened three times in that year.

No more tinkering with outdated ppa’s. arch has an additional package archive (called AUR) where everybody can upload the build instructions for a specific package and it is just one helper command away. When the package is outdated, flag it in the repo and the author gets notified about it.

Since there is no installer for arch, you basically boot the live environment (just cli), mount the partition you want to install arch on, chroot to it, install the base packages (even there you can decide which ones you wan), install a bootloader (grub/gummiboot) and you have a running system. From there you can decide what your system should look like. (i3 as a window manager for example, the latest gnome desktop, etc.)

Sorry for OT, but you seem like the ideal candidate for arch :wink:

4 Likes

The kernel is open source. The user interface and all the applications that the OS comes with are not. So it is a nightmare from a security standpoint, not much better than windows.

2 Likes

Thanks for the heads up, what a strange thing to do. Oh well.