Pages:
Author

Topic: BitDrop (or ShadyDeliveryNetwork), a non-robotic courier system - page 8. (Read 30381 times)

sr. member
Activity: 322
Merit: 250
I think runners should specify whether certain routes will have privacy or not. For example, for local destinations, a runner could safely not look at packages and post his promise so as to attract more packages. However, if the runner is about to take a trip by airplane, he will have to peek at any packages that he’s carrying, and should specify that condition on his profile.
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
skittixch you've created a monster.

I'm running with this (although I won't start until next week, kind of busy).

Also it's on Cypherpunked, I gave them an interview yesterday, should be available as a podcast in a day or so here. http://agoristradio.com/?p=285
sr. member
Activity: 322
Merit: 250
I think that nodes should be able to specify their schedules as well as weight and size limits, but I don't think any should know the contents of the package. Otherwise, senders will simply lie about the contents. If the nodes really wanted to know, they could just peek.

If authorities compromise a node, that person can log into the site with a second password that will stop the system from routing packages through that node.
newbie
Activity: 57
Merit: 0
I think we're focusing too much on filling every possible security hole with measures that would stifle the proliferation and usability of such a network.  Think about the calamity that is the TSA, and the fact the people are choosing not to fly simply because the security measures have gotten so invasive. We might be venturing down a path of total anonymity, but at what cost?  I think simple, cost-effective, common sense steps can be taken (I love the tin foil packing idea) to reasonably protect all points in the chain.  If there's reason (i.e. high value, illicit, etc packages) to be paranoid about the possibility of an aggressive attack, dark runners can advertise their own methods for protecting the packages in transmission.  Instead of trying to centralize the security system, let it grow naturally out of necessity.  The runners will have reason to do this, as they'll be able to charge more for their security expertise and practices, further making a flourishing ecosystem of professional/entrepreneurial skill-sets to meet the demands of their clients.  The danger from the outset isn't outside aggression; rather, it's from setting up a system so complex that it makes people not want to try it in the first place.  Sending a package should be as easy as sending bitcoins to an acct and defining a start/end point. Any further complexity will limit the use of the system, and will run a risk of things drying up completely.  Total systemic failure is far worse than the remote possibility of an aggressive attack on a node by node basis, imo.
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]

 
Putting the object in a Faraday cage (yes, wrapping in foil) could provide a defense from live location tracking. But once the package is opened its location could be reported. So, this would provide a measure of security to the delivery network, but not to the recipient.
Interesting, I was going to say that someone would need to have the address of the recipient to send the package to them in the first place, but then I remembered the system does.

Also a package that could transmit it's location over a reasonable distance would need to be reasonably powerful and not small in size, larger than a 19inch crt monitor?

Quote
However, I do not know what you would do with a data-logging device that uses accelerometer input to reconstruct location by dead reckoning, a Faraday cage would not help in this case, it could penetrate the security of both the delivery network as well as that of the recipient. It need not even be terribly accurate, with enough samples routes can be reconstructed with a very high accuracy if they are re-used... Even completely random routes and drops would only have the effect of limiting the degree of accuracy such a attack could deliver. It could also reveal a lot of other information, including the transportation mode of the carriers, (walk/run, bike, car, etc.) as well as gait, which could be used to identify individual carriers. With enough time/space data the travel path could be also be correlated to video surveillance.

Now you're being more paranoid than I.

Quote
The best defense in this case would be to severely limit the size/weight of packages delivered, and also wrap them in foil, to prevent RFID tracking.

I agree. Any other suggestions to prevent the network being attacked?

What about law enforcement using entrapment against entry nodes? For example, they have an entry node (first person to collect package from user) collect the package which they have put illegal items such as drug into, and then proceed to arrest the entry node.

I'm thinking that you will need some reputation to be able to send packages too, this should help the network to resist.
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
The result is each node knows only a portion of the route, it increases privacy, and the strngth of the delivery network.

Unfortunately, delivering physical objects has a very different security/threat profile from delivering data packets. All one need do to compromise the security of such a system is to send through location tracking devices. It makes no difference if delivery is done by human or non-human agents.

I was thinking about this, someone sending through a gps tracker that records the trip, but how useful would that be in reality(as long as the package is not brought to some location that is tied to the runner, i.e. their home or office or something)?

All that would say is about the pay being taken, and nothing about the person delivering.

Could lock the packages up in a faraday cage type box so they can't get a gps signal. Would wrapping it in foil work?
sr. member
Activity: 294
Merit: 273
...is exactly the future we have in store.
I've made a career out of predicting the future--and I would never, ever use this phrase Wink
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
Oh I see, the character of the game is Faith.

That is actually a cool video (seems a realistic storyline, at least from the intro), and is exactly the future we have ins store.
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
Seems you didn't see what i did there

The opening line of the WHAM song?

I missed what you did there too.
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
Seems you didn't see what i did there
legendary
Activity: 2058
Merit: 1452
This system needs Faith
we can start with PGP signatures :p
hero member
Activity: 616
Merit: 500
Firstbits.com/1fg4i :)
This system needs Faith
staff
Activity: 4270
Merit: 1209
I support freedom of choice
Yes! You have understood perfectly Grin
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
Great! Anyway this should be an "option".
So it will be possible to chose the level of security, and also "drone" should have the possibility to chose to be a tor-like drone or not.

Example: I'm a drone, but today I just want to take flowers/pizza/cake/... things Smiley

Sorry for my bad english, I hope that you understood my idea ...
I think I understand what you're saying.

You would like to be able to opt-out of packages that are risky(unknown, possible illegal contents), this can be done.

If someone wants package privacy then it's marked as a dark package, and only nodes(couriers) who have said they will accept dark packages will get it. Normal packages get inspected and signed off by the first delivery node, or something like that.

Dark packets because they are higher risk cost more, someone willing to deliver them can charge more.

Right?
staff
Activity: 4270
Merit: 1209
I support freedom of choice
Great! Anyway this should be an "option".
So it will be possible to chose the level of security, and also "drone" should have the possibility to chose to be a tor-like drone or not.

Example: I'm a drone, but today I just want to take flowers/pizza/cake/... things Smiley

Sorry for my bad english, I hope that you understood my idea ...
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
BitDrop implementation

Along with the initial idea (the subject of this post) some extra details.

1)Use Tor style onion routing to deliver packages.

What does this mean?

Every node(person doing delivery) must have a gpg key.
When a new package is to be entered into the system the sytem works out the route, selecting the appropriate nodes.

It then uses the nodes public key to encrypt the nodes delivery location.
The result is that each node can only know the location they deliver to and not the final destination of the package. If geocaching is used then each node doesn't even know who the previous node was.


Example.
Person in New York wants to deliver a package to Washington D.C.
Logs into the system, gives the pickup(either someone comes to collect the package, or the user delivers it to the first drop off point), and the final destination.

The system works out the optimal route, notifies all the soon to be involved nodes, and gives the user the first drop off point for the package (or someone will come and collect it).

The person who collects the package first is the first node, the only information they have been given is where to collect the package and where to deliver it to, the next location is the collection point for the next node and so on.

The result is each node knows only a portion of the route, it increases privacy, and the strngth of the delivery network.

I'm also thinking of having an android app that each node can use to sign the delivery of the package to the next node (using gpg), so if something happens to the package we know who's responsible, it also allows some measure of package tracking for the customer.

Each node gets a portion of the overall payment for it's delivery.
sr. member
Activity: 294
Merit: 252
Nefario,

I'd be interested in doing some coding for this project. I'm new to Python (I assume you'd use the same language), but not to the programming world.
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
Down to be a runner in my area can carry anything and have certain experience doing it already.
During the summer we had this local wargame with about 100 people playing and i was one of the messengers.
shit was so cash.

Did you get chased do this or shot at(bb gun, paintball gun?)?

Sounds like a lot of fun.
full member
Activity: 308
Merit: 100
Down to be a runner in my area can carry anything and have certain experience doing it already.
During the summer we had this local wargame with about 100 people playing and i was one of the messengers.
shit was so cash.
Pages:
Jump to: