I2P dev meeting, August 6, 2013 @ 20:00 UTC
dg, kytv, topiltzin, welterde, zzz
20:00:08 <zzz> 0) hi 20:00:23 <zzz> 1) RI verifies disabled in a point release? 20:00:30 <zzz> 2) misc. topics led by Meeh 20:00:33 <zzz> 3) baffer by Meeh 20:00:36 <zzz> ------------- 20:00:36 <zzz> 0) hi 20:00:51 <zzz> 1) RI verifies disabled in a point release? 20:01:02 <zzz> welterde brought this up the other day 20:01:33 <zzz> if I'm going to do it it has to be in the next few days, as I'm AFK ~ 13th - 29th 20:01:53 <zzz> echelon is traveling but for the moment we'll assume we can get a hold of him and he can do the news 20:02:14 <zzz> so welterde, please make your case for why we should do this 20:03:08 <welterde> the attack outlined in the paper is quite an serious attack for your not-well used destinations, as the required statistics are not very large 20:04:14 <zzz> does it attack the server dests, or the (client) users that connect to them? 20:04:21 <welterde> and for long-lived destinations it's even more dangerous as you can keep the attack going for as long as it takes to get enough statistics 20:05:08 <welterde> zzz: the client that connects to some dest... say irc link tunnels over dedicated destination would be a prime target (if you get hold of the destination somehow) 20:06:29 <welterde> zzz: however.. there is an option to disable RI verifies in the advanced options.. maybe news update to users to disable it? 20:06:29 <zzz> have you always considered it serious or have you changed your mind recently? 20:06:56 <zzz> I thought I just added that option last week? 20:07:15 <welterde> oh 20:07:18 <dg> you did, I made the same mistake. 20:07:34 <welterde> thought you just changed the default value of that option.. ok.. not an option then 20:07:57 <zzz> maybe I didnt explain it well in some post... 20:08:59 <welterde> zzz: and in the paper they also didn't take timing into account.. I guess that can be used to further improve the attack 20:09:02 <zzz> We've had a preprint of their paper for almost 5 months, since March 10. If this is a drop-everything problem, we've done an incredibly poor job of responding. 20:09:33 <zzz> So I'm wondering if you have always thought it critical or have changed your mind recently, if so why? 20:10:33 <welterde> well.. I was under quite a bit of stress until recently.. so didn't really take a look until now 20:11:30 <welterde> zzz: buts it's really hard to say as we don't really have that much data on these things.. 20:11:48 <zzz> what happened to that page on trac with our openitp responses, and our lack of security criteria... 20:12:11 <dg> If it is a drop-everything problem, waiting 1 1/2 more months is a problem too. 20:12:30 <zzz> sure 20:12:40 <zzz> but is it 20:13:12 <zzz> is the problem the RI verifies or is it Sybil? If it's Sybil then we don't have any near-term fixes 20:13:27 <welterde> zzz: it's the RI verifies 20:13:46 <zzz> i.e., is there a large class of hostile-ff attacks 20:14:16 <welterde> zzz: and an variant of the attack might be possible with RI lookup and then waiting for an connect as well.. but that attack would be magnitudes more difficult.. so I wouldn't worry about that one just yet 20:14:35 <zzz> if an attacker takes over a portion of the keyspace, isn't there any number of things he could do? 20:15:20 <welterde> zzz: given enough time the attacker doesn't have to occupy an large portion of the keyspace 20:15:23 <zzz> I guess I always looked at this as a Sybil issue. Doesnt me I was right. 20:15:30 <zzz> *mean 20:16:07 <welterde> he only has to occupy the space surrounding the target LS 20:16:53 <welterde> zzz: hmm.. what would be nice for stats.i2p or so would be an visualization of the ff over the keyspace.. (if there is no such thing yet) 20:18:50 <zzz> ok thanks for making the case welterde. Let me now ask for others to jump here with their opinions 20:18:53 <welterde> non-subtle attacks might be visible there then 20:19:00 * welterde looks for the openitp page you mentioned 20:19:22 <zzz> str4d set it up but I don't see it linked on the home page any more 20:19:35 <dg> q: Could someone pull off the RI attack without full keyspace Sybil? 20:19:45 <dg> I think yes but ??? 20:20:05 <zzz> http://trac.i2p2.i2p/wiki/OpenITPReview/Criteria 20:20:35 <zzz> Vulnerability Response Process Maturity and Transparency 20:21:20 <zzz> we aren't ever talking about full keyspace sybil here. You're targeting a particular slice 20:21:31 <welterde> dg: he only has to capture most LS lookups.. and as many RI lookups as possible; the latter portion only depends on how much time he has for the attack 20:22:17 <dg> "most"? For the network? 20:22:20 <zzz> it's just really bugging me that we could have done this months ago for no effort. 20:22:39 <dg> right. it looks shit if we do it now, really. 20:22:49 <zzz> but I guess that's irrelevant 20:23:14 <zzz> who else has an opinion, please speak up 20:23:43 <topiltzin> dd if=/dev/null of=opinion.txt 20:24:13 <zzz> last call. we doing this? 20:24:27 <welterde> of course if someone was bored he could whip up an simulation.. that would certainly help ;) 20:25:09 <zzz> maybe I'm just pissed at myself that I didn't think of just turning off the verifies. 20:25:32 <dg> zzz: don't worry about it. you aren't expected to cover everything always. 20:25:43 <zzz> ok everybody with an opinion please enter yes to do a release this week or no for don't 20:26:06 <welterde> (or i am here if you don't care one way or the other..) 20:26:58 <zzz> If I don't see any votes we arent doing it 20:27:21 <topiltzin> will the release contain *only* disabling RI verifies? 20:27:32 <topiltzin> vs. whatever is in trunk now? 20:27:35 <welterde> maybe we shouldn't have skipped the who is here phase of the meeting 20:27:54 <dg> I'm just not qualified enough. 20:27:57 <zzz> I don't care who is here. I care who has an opinion. 20:28:24 <welterde> zzz: well.. who isn't here doesn't have an opinion ;) 20:28:46 <welterde> zzz: I guess we are talking more about an small release, right? 20:28:59 <dg> welterde: what do you mean 20:29:02 <zzz> It would be just RI verifies + anything else tiny we decide to pluck from trunk 20:29:17 <zzz> and probably called 0.9.7.1? 20:29:28 <welterde> yeah.. that's what I had in mind as well 20:29:39 <kytv> no knowledge of this topic therefore no opinion, if we do it i'll of course be able to do the uploads to the various places, etc. 20:29:58 <zzz> for gods sake somebody vote. welterde at least 20:30:13 <zzz> who else has read the UCSB paper? 20:30:16 <welterde> oh I am for it if that's not clear ;) 20:30:41 <dg> I've read it.. 20:31:16 <topiltzin> I'm anxious to test the other stuff in trunk so the more we decide to pluck the more "Yes" my vote becomes. No opinion strictly on RI verification. 20:31:54 <welterde> str4d: your opinion? you were quite active in the discussion on the forum ;) 20:33:56 <welterde> zzz: maybe we should do the vote on the paper thread.. so str4d and tuna (and the others in the thread who are not here) have a say as well.. 20:33:56 <zzz> I would want to keep the "other stuff" list very short as I would be doing this very fast and then blowing out of town, unable to fix problems 20:33:59 <zzz> tuna is almost completely afk for a while yet 20:34:51 <dg> a no would be better than silence 20:35:03 <welterde> zzz: well.. or kytv could do the build.. 20:35:10 <zzz> in theory kytv can do releases too, he's the other one with signing keys, yes 20:36:35 <zzz> ok then lets do it. I'll put a thread up on zzz.i2p if you want to propose other stuff to go in, final decision in about 24 hours, and I'll do the build maybe thursday. Can somebody contact echelon? 20:36:53 <zzz> anything else on this topic? 20:37:37 <dg> I don't think so. 20:38:23 <zzz> http://zzz.i2p/topics/1443 20:38:40 <zzz> please review the 17K line diff from 0.9.7 and history.txt for other pluck candidates 20:38:47 <zzz> 2) Meeh's topics 20:38:50 <zzz> take it away Meeh 20:54:33 <topiltzin> zzz: the tag is "i2p-0.9.7" 20:54:36 <topiltzin> not "0.9.7" 20:54:47 * topiltzin preparing his plucklist 20:55:26 <welterde> same here 20:55:32 <zzz> thx 20:55:47 <dg> zzz: pm ok? 20:57:06 <zzz> only if it's of zero interest to anybody else 20:58:51 <dg> draft for email to zooko 20:58:55 <dg> http://pastethis.i2p/show/0bZ3iFeE9uABCORkfXV6/ 20:58:58 <iRelay> Title: Paste #0bZ3iFeE9uABCORkfXV6 | LodgeIt! (at pastethis.i2p) 20:59:10 <dg> I didn't include status or anything yet. I may be way off base. Feedback appreciated. 21:01:00 <zzz> 3) /me *baf*s the meeting closed for Meeh 21:03:29 <zzz> dg that's a really great start.