What about a "Dataflood" attack?


#1

I’m reading about the possible attacks on the network:

http://maidsafe.net/SystemDocs/attacks/README.html

What about a dataflood attack? let’s say I have some money and I want to bring down Maidsafe. I go into the sourcecode of the software and make it so that the software goes online, creates a random inlog, pin, pass etc. Maybe I get some free 3 gigs of storage to use without the need for any safecoin. I upload random data tot the account to fill up the 3 gigs, disconnect and than re-connect some time later to do this again. Maybe I can create like 100 fake accounts a day to hurt the network. The data will never be asked for again, but nobody knows what it is, who filled up the fake accounts etc.
Even if we have 1 corrupt regime somewhere with a dictator who doesn’t like Maidsafe there can be trouble…

Is there any protection to this type of attack?


Network protection against garbage
#2

We are still debating any free space at all. If somebody has enough money though they can bring down any system :slight_smile: we are not alone there. The biggest threat to free space is this one, it can be tempered with privacy erosion (use facebook accounts or similar) but it’s dangerous. The debate is not complete and will do in testnet3 though.

We opine in the office that humans are probably the only species that do harm to themselves in this manner, the amount of code and protection against malicious humans who the system is created to help is immense and does add complexity and slows it down. It is unfortunate but its the territory.

The other side is how easy this attack is though, i…e google allowed folks to use gmail to store data via fuse etc. and did not even try to ban it, you could create a ton of dropbox accounts and do the same, you could create a simple app that aggregates all free space providers into a large free space, but it’s either not happening or not making a difference. So there is a chance technically possible may not mean its an issue. Another element is the network will archive older data in a manner that makes it very cheap to maintain (almost zero) and this attack may be futile in any case.

Welcome to the decentralised crazy world of SAFE, we are not short of variables for sure.


#3

It’s correct that Google and Dropbox could suffer the same, but when they have a inactive account for let’s say 18 months they will remove them. Maidsafe will store our stuff forever, preventing anyone kill any data!
I think people should pay some safecoin for an upload. The first 1 gig could be free, but if you want more… run the client long enough to earn some coins. This will make it a bit harder for an attack like that.


#4

Yip that’s the debate :smiley: No simple answers I am afraid though. Storing forever is not really an attack to bring it down. Say others did delete after 18months (imagine hiking for 2 years to come back to no data) then this attack needs to last longer than 18 months to be equivalent?

Run a client to get coins, well then do you get an overdraft amount as you cannot expect to run for a few weeks then store data ? Then the overdraft amount is used like the attack you mention.

Force buying safecoin - it’s hard and not readily available?
etc.
It rages on, no simple answers I think. There are some discussions though and a team to focus on it, we will get a great answer for sure.


#5

Dropbox, etc are the owners so they can delete at will.

There should be that minimum barrier of entry where a user must provide to the network before receiving from the network vs no barrier of entry. No loss, no gain.

Therefore, each user who does not own SafeCoins from someone else, will wind up providing resource even temporarily to the network in order to utilize the service that is the planet’s network.
I see what @janitor meant when he said that it was weird to give totally free storage. It is too easy to earn safecoins; and if the algorithms are fair enough, the amount of coin for a person to use gmail-esque service of 10 gigs of free storage will be fairly easy.

Browsing SAFE Network for free is fair enough;


#6

If you want to go “hiking for 2 years” then you must share 100 more times data than you want stored for one month, accumulate necessary maid coins and offer them for storing your data for 2 years.