On 7/26/2013 10:45 PM, Randolph D. wrote: > Does anyone know, if this tool is really secure?
Based only on their press release, this seems like a completely unscalable bucket of failure. > The so called "Echo" creates a peer-2-peer (p2p), respective > friend-2-friend (f2f) network, which sends every (strong encrypted) data > packet to everyone connected in that network to your node. When you can > decrypt the packet, it is yours and readable, if not, you share it with > all your connected neighbors. So far so simple. And this, right here, is why it's such a colossal disaster. It cannot scale. Let's say that you're connected with 1,000 other users, and each of those users is connected with another 1,000. Someone sends you an echo packet that you can't decrypt. You then send it to 1,000 others. 999 can't read it and the last one can. Each of these 999 users then sends it on to *their* 1,000 contacts... Remember, this is delivery to a user *adjacent to you in the graph*. It doesn't get better or easier than that. And for a delivery this simple, we're still talking about spamming the network with a million packets (your original 1,000, plus 999,000 others) just to deliver a single packet. This is not a communications protocol. This is a denial of service attack against a network. Now, maybe the people behind the "echo network" are world-class network engineers who have already accounted for this, and the person writing the marketing copy is a brain-dead marketroid who started sniffing glue at a tender age. That's possible. But, based on the marketing copy, the entire idea looks bogus to me. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
