#saltr (irc2p) | I2P+ 2.10.0-10+ >> i2pplus.github.io | skank.i2p | git.skank.i2p | purokishi.i2p | vituperative.github.io/i2pchat | notbob.i2p | ramble.i2p | drop.i2p | shinobi.i2p | wall.i2p | /msg an op for voice

#saltr

/2023/05/01

Online: 57

~dr|z3d

@RN

@RN_

@StormyCloud

@T3s|4_

@eyedeekay

@orignal

@postman

@zzz

%Liorar

%cumlord

+BeepyBee

+FreefallHeavens

+H20

+Onn4l7h

+Sh0ck

+bak83

+onon_

+qend-irc2p

+uop23ip

+xHarr

Arch

BubbRubb

Dann

DeltaOreo

Irc2PGuest10122

Irc2PGuest16211

Irc2PGuest16546

Irc2PGuest35641

Irc2PGuest35761

Irc2PGuest61752

Irc2PGuest82658

Irc2PGuest84025

Irc2PGuest974

Maylay

Meow

T3s|4

ac9f

acetone_

anontor

duck

halloy13412

leopold

makoto

mareki2p_

nZDoYBkF_

not_bob_afk

ntty`

poriori_

profetik1

r00tobo[2]

simprelay

snex

solidx66

thetia

vivid_reader56

zer0bitz

orignal I would suggest to send some block with SessionCreated contain Bob's ident hash

orignal so Alice would know who she is talking to

obscuratus For those on Java I2P who want to play around with some of this, you can tune sybil in a few ways.

orignal so my another idea is static keys profiling

obscuratus For reference, the configuration variables are in: router/java/src/net/i2p/router/sybil/Analysis.java

obscuratus You can turn off sybil with: router.sybilEnableBlocking

orignal if a static key received from Alice it's good key

orignal if someone else has this static key but points ot different ident

orignal we drop such router as fake

orignal rememeber most of time floodfills publish themselves as Alice

orignal and a fake router can't be Alice

not_bob That sounds simple enough.

eyedeekay Makes sense but requires you to have met router as Alice before, right?

orignal that's a low hanging furit

orignal yes

orignal if we don't have this static key in table we presume that router is good

orignal it will take some time to sort things out but i exepect to collect all static keys of floodfiils in few hours on a FF and in few days on a non-FF

dr|z3d -15+ uploaded with more aggressive mitigations for the current attack.

obscuratus When I'm able to pull up these rogue FF routers with the browser NetDB entry page, these routers all have exactly the same information shown.

obscuratus Yet, they're getting different entries in the NetDB. What's the non-viewable parameter that's different, and why can't we just use that to ploink the duplicate entries?

eyedeekay obscuratus I think we can ploink them, I am in the ER right now but as soon as I get my laptop here I'll show you what I have