Fling:Anonymous Protocol Suite

_endgame writes "Fling is a new suite of internet protocols that perform the function of DNS, TCP, and UDP in a manner that's both untraceable and untappable. Fling protects clients from servers, servers from clients, and both from an eavesdropper in-between. The result is that anyone can serve or retrieve any data, without fear of censure."

Don't Want To Be A Spoilsport But...

[Carnage4Life]

...this project is less than a week old and consists of some theories bandied about by a developer and he's friend (who is providing the crypto knowledge).

Wouldn't have been better to post this when there was actually news to report? Simply because someone has an idea and backs it up with a webpage does not a headline make.

PS: That said, I wish them luck. :)

Re:Don't Want To Be A Spoilsport But...

[phil+reed]

What better way to attract attention and get some serious development effort aimed at it? For those of us who don't want solutions handed to us on a silver platter, this is the best time to get involved.


...phil

Re:Don't Want To Be A Spoilsport But...

[Harri]

Do we really need a way for people to pass around child pornography without having a way to find out who they are (so we can stop them)?

In a word: Yes. We do. For the simple reason that there _is no way_ for any of us to exert our simple right to anonymity without having a way to pass round child porn too.

This is one of those circumstances where people will have to choose between a greater evil and a lesser evil. At risk of making myself very unpopular, I would suggest the evils that can come from denial of freedom of speech could be an awful lot worse than the evils coming from the hampering of one of the ways the police use to track down a class of particularly unpleasant criminals.

Put it this way: would you like every tiny piece of data about yourself in big government database, even though this would clearly help to catch many criminals, probably including some child pornographers? Supposing you didn't mind this. Now would you make it compulsory for _everyone_ to be in this database? That's what you're asking.

Supposing the goverment could identify the profile of a child pornographer with 90% accuracy from this data. So they imprison all the people with these characteristics. This is another way the government could reduce child porn, but few would argue that the benefits outweighed the drawbacks.

Falacies

[hardaker]

Glancing through the web page quickly I note a few things:

1. He's basically just adding a seperate data routing layer over the top of the standard IPv4 addressing space. Hence, data doesn't get routed only based on the IPv4 routing tables, but gets routed fairly randomly around above this. This has 2 problems:
   1. You still know the IPv4 address of the destination (regardless of weather or not DNS is protected) and hence can still trace the ownership of that address.
   2. Since data is no longer taking the shortest path, it'll get routed many times around the network and hence will increase the overall traffic level of the network at large (possibly sending the data over a given physical segment multiple times).
2. He's assuming that by routing things around the network using different paths that it'll be harder to pick up all the traffic by way of a sniffer. This may be true if the physical internet truly had different physical routes. I suspect most sniffers you have to worry about are the ones at the end points, not the ones in the middle. It's the box next to mine thats more likely to be sniffing my traffic and hence that this protocol won't help. Now, it will encrypt it multiple times with possibly multiply different keys, but it won't prevent the majority of that traffic being sniffed.
3. Root domain name ownership is not based on a pricing model. Hence I can:
   • for i in `cat /usr/dict/words`; do register $i; register $i.$i; done
   And the internet is hereby mine!!! Muhahahaa.
4. Protocols designed by a few people quickly, possibly inexperienced in the world of security, will certainly run into security related implecations they hadn't thought of. I hope that something like this would go through a lot of peer review by cryptologists before being trusted.

Two issues

[Nyarly]

I've got three unrelated problems with Fling.

1. Technical The crypto as described seems to add very little apart from immense delays to transmission. Unless you use Fling for everything, it doesn't even begin to protect you, and using a multi-host route is going to probably multiply latency by the number of hosts you add. Frankly this looks like a half-baked MixMaster anonymous email scheme applied with broad strokes to all of low level networking.
2. Adoption It won't be. You have to write this into any client you want to use it? Name service is a completely seperate entity? This would basically mean redoing the whole networking thing from square one (UDP), and the people who have to implement it are exactly the ones you're try to hide info from. Do you really think MS would ever put truly secure transmission protocols in their TCP/IP package?
3. Philosophy The entire philosophy behind it is repugnant to me. The conclusions are somewhat accurate, in that there ought to be a means to be anonymous on-line, but the basis is in Objectivist Libertarianism, and implies a freedom from obligation to others and debt to forebearers. It's a selfish, twisted, flawed philosophy, evident of weak thinking and small souls.
   1. I for one doubt it will really go anywhere.

Ushers will eat latecomers.