A simple way to sour their database is a cookie sharing scheme.
You have a P2P cookie sharing proxy server.
You get sent a request for a cookie.
Your proxy computes a random chance of creating a new cookie, or using an existing one.
If it decided to use an existing cookie, it searches the P2P network for a cookie that matches the requested cookie, and uses that cookie.
If it decided to create a new cookie, or if it didn't find any existing cookies, then it requests a new cookie, and uses that one.
Whatever the new results of the cookie are are saved, and shared over the P2P network.
Cookies are used consistently per session, i.e. you only request one cookie per website per 20 minutes, for example.
Another mechanism that may be necessary is a cookie checkout mechanism, where each cookie is used in only one session at a time.
The two problems with this are that you have to explicitly decide which cookies you want to share, as I'm sure not everyone wants to share their cookie-saved Slashdot login. And you'd have a problem with the possibility of your bank account being linked to a randomly generated browsing profile, or something similar. Neither of these problems is insurmountable, but they need to be addressed.
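The proxy logic sketched in this comment, as an added Python example that is not part of the original post: an in-memory `CookiePool` stands in for the P2P network, and `fetch_new`, the class names and the `.example` sites are assumptions made for illustration. It covers the random new-or-shared choice, per-session consistency, the checkout mechanism, and keeping unshared (login, bank) cookies out of the pool.

```python
import random
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple

SESSION_SECONDS = 20 * 60  # the post's example: one cookie per site per 20 minutes


@dataclass
class SharedCookie:
    site: str
    value: str
    holder: Optional[str] = None  # peer currently using it (checkout mechanism)


class CookiePool:
    """In-memory stand-in for the P2P network (assumption: a real one is distributed)."""

    def __init__(self) -> None:
        self._cookies: List[SharedCookie] = []

    def checkout(self, site: str, holder: str) -> Optional[SharedCookie]:
        # Hand out only a cookie that no other session is using right now.
        for cookie in self._cookies:
            if cookie.site == site and cookie.holder is None:
                cookie.holder = holder
                return cookie
        return None

    def publish(self, cookie: SharedCookie) -> None:
        # Check the cookie back in and share it with the other peers.
        cookie.holder = None
        if not any(c is cookie for c in self._cookies):
            self._cookies.append(cookie)


class CookieProxy:
    def __init__(self, proxy_id: str, pool: CookiePool, private_sites: Set[str],
                 new_cookie_chance: float = 0.3,
                 rng: Optional[random.Random] = None) -> None:
        self.proxy_id = proxy_id
        self.pool = pool
        self.private_sites = private_sites      # sites the user refuses to share
        self.new_cookie_chance = new_cookie_chance
        self.rng = rng or random.Random()
        self._private: Dict[str, str] = {}
        self._sessions: Dict[str, Tuple[SharedCookie, float]] = {}

    def cookie_for(self, site: str, now: float,
                   fetch_new: Callable[[str], str]) -> str:
        """Return the cookie value to send to `site` at time `now` (seconds)."""
        # Unshared cookies (logins, banking) never touch the pool.
        if site in self.private_sites:
            if site not in self._private:
                self._private[site] = fetch_new(site)
            return self._private[site]
        # Stay consistent within a session.
        session = self._sessions.get(site)
        if session and now < session[1]:
            return session[0].value
        if session:
            self.pool.publish(session[0])  # session over: save and share it
        # Random choice between a fresh cookie and one from the pool.
        cookie = None
        if self.rng.random() >= self.new_cookie_chance:
            cookie = self.pool.checkout(site, self.proxy_id)
        if cookie is None:  # chose "new", or nothing was available
            cookie = SharedCookie(site, fetch_new(site), holder=self.proxy_id)
        self._sessions[site] = (cookie, now + SESSION_SECONDS)
        return cookie.value

    def end_sessions(self) -> None:
        for cookie, _expires in self._sessions.values():
            self.pool.publish(cookie)
        self._sessions.clear()


def demo() -> Dict[str, object]:
    """Two peers trading cookies for one constructed tracker site."""
    counter = {"n": 0}

    def fetch_new(site: str) -> str:  # hypothetical: asks the site for a cookie
        counter["n"] += 1
        return f"{site}-cookie-{counter['n']}"

    pool = CookiePool()
    # new_cookie_chance=0.0 makes the demo deterministic: always try the pool.
    a = CookieProxy("peer-a", pool, {"bank.example"}, new_cookie_chance=0.0)
    b = CookieProxy("peer-b", pool, {"bank.example"}, new_cookie_chance=0.0)
    result: Dict[str, object] = {}
    result["a_first"] = a.cookie_for("tracker.example", 0, fetch_new)
    result["a_same_session"] = a.cookie_for("tracker.example", 600, fetch_new)
    result["b_first"] = b.cookie_for("tracker.example", 0, fetch_new)
    result["a_bank"] = a.cookie_for("bank.example", 0, fetch_new)
    a.end_sessions()
    result["b_next"] = b.cookie_for("tracker.example", 1300, fetch_new)
    result["a_next"] = a.cookie_for("tracker.example", 1300, fetch_new)
    result["bank_shared"] = pool.checkout("bank.example", "peer-b") is not None
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```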
So all ebay needs to do is come up with a mathematician working on game theory to write a paper about an online auction.
From the article, (slightly modified). My karma is capped anyway, so...
What the hell can I do with that?
Well, many things. When I was thinking about it, I have found two ways to use it. One of them is making any filesystem on that and mounting it somewhere, the other is more sophisticated:
meehow:~# mkswap /dev/mtdblock0
meehow:~# swapon /dev/mtdblock0
Later on, more possibilities occur. You can use this method in X11 terminals, to limit network bandwidth for example. During bootup such terminal would load kernel and compressed filesystem. The FS may be placed then on such mtdblock device and kernel may boot from it. Using console-only server with some kind of modern 32MB gfx card may use the vram as huge swap (which is way faster than swap on disk). New ideas are welcome :)
I have to concur with these people. Leave now! Leave while you still have your physical and mental health. Leave before you burn out.
Reading that again, it's strongly coloured by my experience. Talk to management. Tell them how you feel. But chances are you're going to get fired anyway for refusing to work 16 hour days.
This makes me glad I've got a wireless mouse.
Actually, your home network has equal protection as your office network, both of which are slightly reduced, due to the implicit trust relationship.
This isn't a direct answer to your question, but if you want to be secure in your email, you should be using HTTPS, (or some other secure protocol).
BOFHs everywhere have been doing this for ages using proxy servers and/or ethernet sniffers. POP3, SMTP, IMAP and all those aren't safe either.
Their server seems to be withstanding the slashdot effect quite nicely...
Nethack.
Not quite GPL, but still, it is open source. And it still has managed to steal quite a few man-months of work from me.
I want^H^H^H^HNEED to know if my machines are vulnerable. There is your legitimate use. Maybe they should have linked to the patch, but the patch is where you would expect to find it.
As for,
Free exchange of knowledge is all fine and dandy, but you can't have freedom without responsibility. Anarchy is not freedom.
I would rather know that the security hole exists, and know that there is an exploit for the hole, and have a copy of that exploit, than know that there is an important patch for something, but not have any knowledge of what that something is.
This isn't exactly yelling fire in a crowded theatre, when there is no fire.
Oh great, and I thought Norton's "Quarantine" was a good thing.
My mistake. I did some research, and I misparsed that comment. They distribute a binary only command line application for Linux that isn't GPLed in any way. I parsed it as releasing a binary that had GPL code in it.
Wait a minute. They distribute a linux binary? Is it the same company?
If so, they just licensed their patent to anyone who cares to use the GPL. (I really hope that they did so, and this isn't just a figment of my reading.)
That's why you encrypt it using PGP or GPG. See alt.anonymous.messages to see how it's done.
From my reading of the press release, they're looking to start a registry for old email address to new email address translation, in order to handle bounce messages more cleanly.
Doesn't seem very useful to me. Just adds another layer on top of SMTP that fits a tiny niche. And this layer is dependent on some random startup still being in business.
Maybe some kind of distributed delivery system, with encryption of bounced messages...
OK, here's my solution to their problem. All email is signed, and the recipient's public PGP or GPG key is sent with the message. If the message bounces, it gets sent to usenet. The recipient scans usenet for their PGP or GPG key. If they come across it, then the message gets delivered to them. This method has a problem dealing with spam, especially since the disk space cost and bandwidth cost increases dramatically for each bounce.
The spam problem could be solved by limiting the number of bounced messages that can be sent from one host (NNTP-Posting-Host:, or even Path:), but that's only a partial solution.
Another business model would be to license the toolset under GPL, and sell a different license to anyone who wishes to make a non-GPL product. This has the added benefit that anyone can start working on a project, and once they're done checking the feasibility, then they approach you for licensing. While the company may lose some sales from that, (fewer unnecessary sales), they will have more user satisfaction.
This business model can be stretched to include distributing the API in a closed source way, but free (beer), if you license it properly.
I think the real issue is advertising the product. How do you get your name out?
If you can get on slashdot, that's good. Advertising on google seems to be pretty good too.
Mr Wall,
I've been using Perl for quite a while now. I've fallen in love with it. It's my first choice language, (when I do have a choice).
That said, I'm very nervous about Perl6. What if it ends up suffering from second system effect? What if it just isn't very good? Theory and practice being so different, it's possible for you to be completely wrong about where Perl needs to improve.
In short, what would be your course of action if Perl6 isn't very good in the real world?
I'm not sure I understand what you're saying. And I'm not sure of your ASM proficiency level, so I'll go into some details that may be redundant to you. And I think you might have said you resolved the problem, so I dunno if this matters anyway.
According to http://swatch.binary.com.tw/delphi-ti/19057.html, found with Google,
Interrupt 0d is the general protection exception and is generated by any protection violation that does not generate some other exception. See the above question for a more complete description of the problem. Common causes of this problem are network boards and certain hard disk controllers.
Interrupts can be either software generated, or hardware generated. Assuming this is a hardware generated interrupt, it's set when the processor receives an IRQ (Interrupt ReQuest). In this case, the processor received an IRQ for int 15. From the article, we get that IRQ 15 is our old friend, General Protection. Here, General Protection is (most likely) protecting us from bad hardware. If you trace through your code, or set AfxMessageBox() calls in your code in key places, you should be able to trace where the fault occurs. (AfxMessageBox() does block the thread until you hit OK, BTW.) At this point you should have figured out where the fault gets flagged, and from here you diagnose exactly which hardware is bad.
If you haven't figured out the problem this way, generate checksums of the file, both on the faulty hardware, and the good hardware, to see if it wasn't changed due to a faulty HDD. If the checksums look OK, then test your memory. If that tests OK, then you may be looking at a faulty CPU. Check to see how hot the CPU gets, that may be what's generating the error.
Or it may be something else entirely. Debugging flakey hardware in software is often quite tricky. I've thrown out MoBos before after diagnosing that something on the MoBo was broken, but never knowing exactly what it was. And I'll do it again. Oftentimes, diagnosing hardware isn't worth the headache.
Ah, OK then. I rejected those out of hand based on philosophical arguments. Assume I don't exist. Assume Thinking doesn't imply Being. Just make the base nihilistic assumption. Now what. There is nowhere to go from this assumption. You discount your existence, therefore, no arguments are valid. There is no point to anything.
#include <teen/angst.h>
That was why I dismissed it out of hand. Nihilism is self indulgent BS, and there really is no point in arguing about it. And I don't see any time/spaceless solutions that don't devolve into nihilism, which is not to say they don't exist.
If you have a nice solution that doesn't include time and/or space, and doesn't say that there is no existence, I'm interested.
Oh, and as to the web page presented earlier, which states v = dt/dt is equivalent to v = 1, try v=dt1/dt2, where t1 is time according to the traveller's frame of reference, and t2 is time from an independent frame of reference. I'm not positive that refutes the argument, but it seems to.
I can think of five general space-time solutions.
The first is one of (mostly) three dimensionality. Travel backwards along the time dimension is impossible. It may be possible to vary your speed along the time dimension, but it is impossible to travel backwards in time. This is (more or less) the generally accepted solution, because it is the simplest.
The second solution is the "jigsaw effect". In it, everything fits together like a jigsaw puzzle. There is no free will. A rather bleak view of things, but the second most likely solution due to its simplicity.
The third solution is one of many coexisting realities. The "tree" view of the spacetime. If you travel back in time, you will move forward along a different branch of the probability tree. (ie. everything that is possible happens simultaneously along the tree, you just need to travel to the right branch of the tree.) This theory works pretty well, but runs up against infinity repeatedly. Not likely, but it seems possible.
From the third solution, we can extrapolate a fourth possibility. Take the universe as a whole, as it is right now. Take all permutations of the locations and states of all energy and matter. Apparent movement in time is merely jumping around different permutations of the universe in a haphazard manner. It fits all possibilities, but only by encompassing all possibilities. Not very elegant.
For a fifth solution, each instance of time travel creates a new universe in which to exist. This, again, is similar to the probability tree solution, but only takes into account paradoxes created (and inherent in) time travel, and mystically "removes" them to an alternate time stream.
Then there are the solutions that do away with time and/or space entirely. These are all rather nihilistic, and not worth going into, as if they're right, what's the point of anything? So we might as well assume they're wrong, as there seems to be a chance of that.
If any of this doesn't make sense, it may either be that I didn't explain it properly, you didn't understand what I meant, or I may be wrong. But this is what feels right to me.
I've been thinking about this, and consider the following. A normal IP network, similar to the internet. The CA assigns IPs in a similar manner to ARIN, but does not disclose the owners of the IPs. There is no such thing as reverse lookup, and traceroute type mechanisms are disabled.
I think this network would fit your spec pretty well. A country would have to query a significant number of nodes to find the location of an IP. I removed the "over national borders" requirement, as that can be implemented via wetware. (human social interaction)
And even today, you can chain a number of open HTTP proxies (for example) together, crossing international borders, and be near impossible to trace.
----
The other thought I had was to implement a TCP/IP stack for the major OSes, and link it to your anonymizing network, and have the connection come out of the anonymizing network in a somewhat consistent manner.
Basically:
[CLIENT] --> { ANONYMIZING NETWORK } --> [SERVER]
but using winsock and a TCP/IP stack to make it transparent to the end user.
Parent is right.
http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=utf-8&q=%22Unexpected+Interrupt+0D%22&btnG=Google+Search
It's right there. Again, this doesn't belong in Ask Slashdot. It belongs on usenet, in one of the asm groups. Alternately, just use google, it's right there. Blargh. Why don't people do basic research before posting an ask slashdot?
There is an online version of Tradewars written in PHP. Check out http://www.blacknova.net/. I wasted three or four days on it, but it didn't grip me like the original.
After carefully scouring her weblog page, I found a 14x10 pixel image linking to a form to email her. It's right there underneath the XML boxes, and is near impossible to see.
But you're right, it is there.
I think it's only a matter of time until real world laws become too large a burden for the internet to bear, and it needs to declare independence. (I'm anthropomorphizing a bit here, but still.) That said, we can hack around it. We can use technology in such a manner as to make real world laws irrelevant. And if we do that, we need to have some type of social controls.
As there is no way that everyone will agree as to what social controls are necessary, some may say none. Some may say IP protection. Some may say strong copyrights, but no patents. Some may say no spam and no hate speech. Some - no bulk email, but completely free speech otherwise. etc.
People disagree. And rather than have them try to enforce their views on the whole of the network, they should have options. We don't need to support them. We don't need to share our bandwidth or disk space or data with them. But we should at least give them freedom to try it on their own. And rather than fragmenting into a dozen incompatible, disconnected networks, we should have some social agreements as to who we share our (data|bandwidth|disk space) with.
I think that sums up that point pretty well, and I'm not sure what more can be said.
On to the technical side.
Please excuse the rough edges, this is fresh off the brain.
If we allow anyone to register an IP or subnet or whatever, (let's call it a routing token), then we need some method of preventing people from registering a routing token that is already taken. Central authorities are great at this. Central authorities are also a single point of failure. Routing without a CA is a bit like the dining philosophers problem.
Also, in order to make sure that each hop crosses national borders, we need some kind of way of checking national location. It's a good idea, but seems difficult to implement without leaking information to someone. With a CA, it's trivial to implement, but also trivial to bypass. Find the CA, and get a court order breaking the privacy of the CA.
Without a CA, assume an initiating node, and a receiving node. The initiating node is the client, the other the server. (It's not exactly perfect use of the words, but they fit well enough.) We'll have to have standardized ways of expressing countries. That's an implementation detail.
Anyway, both the client and the server have a secret (again, the country). They want to check if the secrets match. Neither the client nor the server can trust the other one. The client can probably trust the server a bit more than the server can trust the client, as the client initiated the connection. Given how easy it would be to brute-force guess the country, we'll have a hard time coming up with a secure algo here.
Example attack to demonstrate my point: Assume that there are 500 different countries. Assume the attacker has 500 clients. Attacker makes 500 attempts (over time) to connect to the server, each time inputting a new country of origin.
Very hard to protect against, but not impossible. We just need to create a very stable network. One where the attacker doesn't get a chance to make 500 connection attempts.
Discovery also presents a problem. How do we discover a routing node to connect to? Assuming we broadcast a packet that states our country and that we're looking for a routing node. Oops, now everyone knows our country, and that we're participating. Broadcast a datagram that says we're looking for a node to connect to. Everyone knows we're participating, but not our country. But in this process, we discover everyone who is participating. Then we're clear to attack all participants in the country. Limit the broadcast distance significantly, and things get a bit better.
Alternately, have a tree structure, where each node decides how much they want to participate. Have some kind of automated election process, where a well functioning node that's been up for a while gets elected upward along the tree. This should minimize disturbances. Net splits would still happen though. But the basic idea would be to stabilize the top of the tree as much as possible, and when someone attempts to start a new node, the request would flit along the bottom of the tree, until it encountered an empty position. Have some kind of balanced tree type structure. If someone drops out, and stops participating, they need to rejoin at the bottom, as other nodes would get promoted to take their spot.
The tree won't work, but the concept might work if a proper structure was designed.
OK, brain is now drained again. And I'm enjoying this discussion too. Getting the ideas out there, and refining them in the same step. And it is really sad and disheartening that we would need this. That we need to code our way around stupid laws.