This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[atlas] Reasons to celebrate - passed 1K active probes :)

Previous message (by thread): [atlas] Reasons to celebrate - passed 1K active probes :)
Next message (by thread): [atlas] Reasons to celebrate - passed 1K active probes :)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Philip Homburg philip.homburg at ripe.net
Tue Dec 27 11:58:24 CET 2011

On 12/25/11 20:45 , Simon Josefsson wrote:
> fre 2011-12-23 klockan 19:33 +0100 skrev Philip Homburg:
>> (From a technical point of view) releasing the source is not an issue.
>> The probes come with key material that allows them to connect to the
>> Atlas infrastructure. In theory you can get that out of the probe. But,
>> you would violate the agreement as a probe host and it would be quite
>> tricky to do. And, you can take over only one probe at a time which has
>> to be in your physical possession.
>>
>> If we would allow 'third party' probes to connect to the Atlas
>> infrastructure then all of that changes. No need to physically obtain a
>> probe. Just download the source, request a key. And start hacking away.
> How does this keying work today?  I haven't seen this documented
> anywhere.
The slides should give you a general idea of how it works:
<http://ripe61.ripe.net/presentations/269-20101118-RIPE61-MAT-Robert.pdf>
>
> If you embed a symmetric or asymmetric key in the probes, which sounds
> like what you are suggesting (and is more advanced than what I
> expected), there shouldn't be any threat to publish source code for the
> firmware: people will not have access to any private key that you will
> trust.

That's right.
>
> My proposed solution to send a hash of the firmware was to be able to
> diagnose on the server side which firmware sent what information and to
> do larger-scale data mining.  It is not a solution to malicious probes.
> Sorry if anything I said implied that.
>
>
So, assuming for a moment that we cannot let 'third party' probes 
connect to the Atlas infrastructure, because we cannot trust the 
results, what would be the point of releasing the source? One is that 
somebody may want to run his own private copy of the whole Atlas system. 
But that is going to to be a lot of work setting it all up.

If we would allow third party probes to connect, but it ignore their 
results and not schedule any UDMs on those probes. Just publish the raw 
results somewhere. Would that be a net benefit to the community, or just 
a PR disaster waiting to happen?

Previous message (by thread): [atlas] Reasons to celebrate - passed 1K active probes :)
Next message (by thread): [atlas] Reasons to celebrate - passed 1K active probes :)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ ripe-atlas Archives ]