-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security claims on BT Mainline DHT #1
Comments
My claim was not that it doesn't have any vulnerabilities, but that in spite of the vulnerabilities it is still one of the largest distributed networks on the internet. Personally I think that nobody is damaging it because (i) it would still require some economical effort to accomplish and (ii) there wouldn't be much incentive in actually carrying out such attacks. (it's not like Bitcoin where there's money on the line). |
I guess it's fine if you think these attacks don't hurt this system. I even think this system is a really interesting case study despite any attacks on the underlying DHT. However I'd still suggest you update the first line of that README, as this line is, strictly speaking, false and might give someone without a background in distributed systems a false impression of the kind of guarantees any such system can provide given the current state of technology. If you want I can send you a PR on that line, but I don't know whether I'd manage to make it have the right ring to it. Maybe something like "most widely used distributed system". |
@jaseg it says "probably" and also the BT mainline DHT is the largest DHT in existence - and the larger such network is the more resilient and censorship-protected it is. I do agree that the message can be re-worded, but it's not completely wrong |
I agree that there is an issue in presenting it this way. This issue can be mitigated in various ways:
Regardless, you should ceate a new research section to explore some of the Sybil-resistant DHTs out there. Don't marry yourself to one. Use IPFS, as I believe it has support for arbitrary DHTs. |
(serious, please correct me if there is something I overlooked)
What do you base that claim on? As far as I know, there is an attack vector on the Mainline DHT that has been published for years[0] and that is being exploited in the wild[1]. As far as I can tell, the only reason the Mainline DHT still works is that nobody wanted that badly to damage it.
[0] Wang, Kangasharju: Real-world sybil attacks in BitTorrent mainline DHT; DOI:10.1109/GLOCOM.2012.6503215
[1] Wang, Kangasharju: Measuring Large-Scale Distributed Systems: Case of BitTorrent Mainline DHT; DOI:10.1109/P2P.2013.6688697
The text was updated successfully, but these errors were encountered: