Revamping Freenet

N3wsByt3 writes "Many will have heard about the anonymous P2P-system Freenet. What many probably don't know is, that a big change is at hand: the Freenet developers have decided to drop all support for the 0.5x version, to skip version 0.6 and to completely revamp the 0.7 build into some kind of poorly described, presumably scalable darknet. The main coder even threatened to quit if such a darknet would be rejected. So, is it finally going the right way with the development of Freenet? Maybe not, since they seem reluctant to provide real data and rather rely on security through obfuscation, and then there is still the problem of their general inability in regard to pooling human resources, which, for any OSS project, is of the utmost importance." Obviously, the article submitter has his own feelings on Freenet, but notwithstanding that, what's the latest scuttlebutt from within the Freenet crowd?

How many revamps

[News for nerds (448130)]

will it take until it becomes something that can be used as easily as an web browser?

Freenet is not so anonymous

[Aviran (806737)]

A very interesting article [theregister.com]about flaw in Freenet

Perhaps, BUT....

[FooAtWFU (699187)]

We ran these observations by Freenet founder Ian Clarke. He agreed that the caching behavior does reveal far too many clues. But the next major revision is expected to eliminate the problem. Sometime later this year, it is hoped, the Freeenet developers will release a version that employs premix routing.

Newsbyte is a well known troll

[Sanity (1431)]

Newsbyte is a well known on the Freenet mailing lists as a troll who likes to criticise Freenet's developers, yet hasn't actually contributed a single line of code to the project in his several years of trolling the mailing lists. Needless to say that this doesn't prevent him from lecturing the Freenet developers at every opportunity. I personally routinely ignore his emails.

Matthew has indeed indicated that he believes it is essential that we support "trusted links" in Freenet, and the other core Freenet developers, myself included, agree with him - so Newsbyte's attempt to stir that up into some kind of controversy is just another example of his trolling.

I have no idea where Newsbyte's accusation that we are relying on security through obscurity comes from, certainly the archived email he links do doesn't seem to support any such claim.

As for the blog entry he links to, it essentially boils down to whining about why we don't implement each and every one of his suggestions.

When considering the value of Newsbyte's opinions, I would urge you to look first at what he has actually contributed to the project, versus those that he seeks to criticise.

Re:Newsbyte is a well known troll

[Sanity (1431)]

How about using this opportunity of discussion on Slashdot to bring up some of your own thoughts on Freenet?

With pleasure. Freenet has indeed had its fair share of problems, including an increasingly complex codebase that suffers from a lot of legacy code and abandoned ideas. That is why Freenet 0.7, the next major release, will be quite a significant rewrite.

Here [gmane.org] is a recent email I sent describing the plan for 0.7:

People could be forgiven for thinking that the project had somewhat
stagnated given the lack of activity on these mailing lists, so I
wanted to provide an update because this could hardly be further from
the truth.

Oskar Sandberg, Matthew, and I have been developing some ideas for 0.7
which represent an even more fundamental architectural shift than have
been proposed to-date, and which should address one of the most
fundamental shortcomings of Freenet as it relates to Freenet's usage in
a hostile environment, and which I believe represents a significant new
innovation in the P2P-space.

As most people will be aware, Oskar was one of the core Freenet
developers in the first few years of the project. He is now working on
a PhD in Mathematics. Over the past few months he and I have been
collaborating on gaining a much deeper mathematical understanding of
how Freenet does what it does. While this work is far from complete,
it has given us some extremely useful insights and much more confidence
in determining what aspects of Freenet's design work well, which don't,
and why.

To understand the new idea, I should start with some theoretical
background. Consider a simple "graph". A graph in the mathematical
sense consists of a set of nodes, some of which are connected to
each-other. At this stage nodes don't have a position in space, all we
know or care about them is which nodes are connected to each-other. We
can assume that connections are bi-directional.

The "diameter" of a graph is the minimum number of nodes you must go
through to get from any one particular node to any other particular
node in the graph. Note that it may not be easy to find this path, but
the important thing is that it exists.

There is a mathematical result which tells us what kind of graphs have
a small diameter. Basically imagine we have three nodes, A is
connected to B, and A is also connected to C. The mathematical result
says that if, given that both are connected to A, there is an increased
probability that B is connected to C, then the graph will have a small
diameter.

So, if we have a graph that has this property then we know that we
*can* get from any one node to another in a small number of steps, but
we don't necessarily know *how*.

Now imagine that each node in the graph has a position in space, this
can be 1 dimensional, 2 dimensional, 20 dimensional space, it doesn't
matter too much. Imagine that we want to get from one particular node
in this graph to another particular node. A simple approach is, from
our starting node, go to whichever node we are connected to is closest
to the node we want to get to. This approach will work quickly in a
graph that is a "small world". In essence, a small world graph is
where there is a higher probability that nodes which are close together
are connected than nodes which are far apart.

In the ideal case, the probability that two nodes are connected is
proportional to 1/(d^n) where d is the distance between them, and n is
the number of dimensions in the space in which our nodes reside. This
mathematical result is due to Kleinberg.

A small-world graph therefore not only has a small diameter, but
provides an efficient means to find it.

Anyway, back to the story. One of Freenet's weaknesses in terms of its
usefulness in a hostile environment, is tha

speed

[capoccia (312092)]

when the speed of freenet comes within an order-of-magnitude of the normal internet, people will start using it again. right now, it's just a nifty way to do things 100 times slower than you could otherwise.

Please ignore flamebait

[dj28 (212815)]

For anyone who reads the freenet mailing list daily (me), you'd know the the submitter of this article (Newsbyte) is a known troll who doesn't actually contribute to the project.

I suggest that people who want to know the whole story check out the mailing lists going back a month or so.

Less talk, more code

[m50d (797211)]

Freenet gets more attention because its developers are very vocal, but it sucks as a working network. You can hardly get any speed off it, you have to use the stupid browser interface, it's bloaty java, and there's no working search. Switch to gnunet, it has decent speeds, working search, and has a graphical client (not a very nice one as yet, but that could be improved).

bait

[capoccia (312092)]

with comments like these:
5. Slashdot effect doesn't write off the network for a month after release; if we grow by invitation, it will take longer to grow, but we will end up with a better network, and we won't generally have the collapse we have seen every time we've done a release.

this might just be an attempt to bait the slashdot crowd into trying out freenet so that freenet's userbase grows and the speed become reasonable.

Re:bait

[Bobdoer (727516)]

Defiantly not. Whenever Freenet's point releases have been advertised on /., Freenet slows to a crawl simply because its not designed to handle a ton of people turning it on for five minutes, saying "this sucks" and pulling the plug. It takes time for Freenet to acclimate itself to new nodes, and that amount of time is far greater than most Slashdoter's attention span.

Nothing wrong with obfuscation

[anti-NAT (709310)]

A lot of people seem to be confused about obfuscation / obscurity.

Obscurity or hiding things is a perfectly valid security technique, and can be used as a component of a defense in depth strategy. One of the main reasons people love NAT boxes is because they provide this property automatically. (I don't like them for other properties they have, and a firewall combinded with public address space will be just as effective at providing this specific property).

People are stretching the meaning of Kirchoff's theorm. Krichoff was refering to crytographic algorithms when he said that there is no security in obscurity - the security of a crytographic algorithm should only rely on the secrecy of key. You should assume that the functioning of the algorithm will eventually be discovered by your adversaries, and therefore shouldn't make the security of the system depend on the functioning of the algorithm being kept secret. That being said, restricting knowledge of what algorithm you're using will make a contribution of the system being secured, as it can add to the depth an adversary has to penetrate.

Great, here come the CP trolls

[Laxitive (10360)]

Every time there's a freenet article on /., the usual comments about child pornography and other "bad stuff" are bandied about.

Personally, I see Freenet as an experiment in what's possible. There's an abstract problem statement: how do you share data anonymously? And Freenet attempts to provide a solution to that problem. There are many valid uses for a solution to that particular problem. The canonical example is "dissidents in ". But it goes beyond that. Everything from corporate and government whistleblowers even in relatively free countries, to those who want to expose sensitive information they might be privy to without giving themselves away.

The problem is that such a system, by design, is necessarily going to be useful for people that organize activities and spread information that has little redeeming value. If dissidents and whistleblowers can obtain anonymity when sharing information, then so can child pornographers and terrorists and gangsters and whoever else.

This dilemma occurs with many systems based on an ideology of freedom and opposition to censorship. The US constitution's first amendment guarantees the right of NAMBLA to express their views on a public webpage.

The point is, freedom to any extent in the public commons will, necessarily, support both good and bad uses of that freedom. The question people have to ask themselves is wether their belief in the ideology behind that freedom is worth the tradeoff or not.

If you believe that the "bad guys" should be kept off of Freenet, then you don't believe in Freenet, or any other truly censorship-free information sharing system.

-Laxitive

Re:Great, here come the CP trolls

[evanbd (210358)]

Yup, you're welcome to express those views. And yes, there is CP on Freenet. There's also a lot of other stuff.

The point of view of most of the developers (and myself), however, is that you can be either for or against absolute, anonymous free speech. You clearly fall into the "against" camp. Most of those working on the network, however, believe that the benefits of having uncensored speech outweigh the cost. That the gains in human rights from publishing police brutality videos outweigh the losses from making terrorist discussion easy. That the gains from making DeCSS available outweigh the costs of copyright infringement. That the gains from proof of election fraud outweigh the losses from child porn. You're more than welcome to disagree with that point; I understand your position. However, there is another side, and it's more complex than "I want my child porn."

Me, I think I'll support Freenet and all that it entails, even if the results aren't perfect.

Re:Great, here come the CP trolls

[KagatoLNX (141673)]

Since we're exercising our rights, I agree with your point.

After careful consideration of your point, I realize the error of my ways.

Specifically, I realize that by running a Freenet node, I would be allowing others to use it the way you've said. I would be providing support to a system that, as a whole, exploits children.

I have since determined that telephones and video cameras are used in the production of CP. I can no longer supply the phone company or video empires with the money I pay for their products, since their products are used for bad things, as well as good.

I think we should do the same to the gun manufacturers, since we all know how guns are used.

Seriously though, the technology (Freenet) does not exploit children. People exploit children. Don't ban technology because it is effective. Freenet has NEVER exploited a single child any more or less than a telephone, the US Postal Service, and the entire line of Sony Handicam(TM)'s.

You do realize that by the time the video hits whatever distribution system that it's already too late, right? If you want to protect the children...why not actually protect the children. Don't use abused children further as an excuse because you're uncomfortable with other people expressing their rights outside of some sort of central control--because that's the object of Freenet--for better (political reform) OR worse (abuse of children for profit).

Finally, realize that the First Amendment is not what it used to be. There was a time that speech and thought could not be ultimately suppressed. Given the current state of technology, I'm not sure that will be sustained. Disturbing as it may be, someday the First Amendment may not be a nod to an unsupressable reality, but it will be that last bastion between an unscrupulous bureacratic machine and individual freedoms.

Same old, same old

[0123456 (636235)]

I haven't tried Freenet in quite a while, but when I did use it now and again before (in the 0.3-0.5 days, AFAIR), the main problem was that they'd get a network that kind of worked, lots of people would start posting stuff, it would be usable for a few months, and then they'd break it to introduce the 'next big thing'. And it would stay broken for six months, during which time most people stopped using it.

Frankly, for Freenet to have any future, I think the developers need to get used to the idea of _not breaking it_ every six months. Otherwise the few people with the enthusiasm required to keep it operating are going to find better things to do with their time.

You can either have a research network or a viable, usable system, you can't have both. If it ever gets to a viable, usable network, I might give it a try again, but it's pointless when you can't insert anything and can barely retrieve anything.

Re:Unfortunately, not a troll

[Fëanáro (130986)]

how do you know what was on your node?
I thought that was one of the points, that noone can reasonably find out what is on his node?

Re:FreeNet Is Lost

[EnglishTim (9662)]

I hear the accusation of Kiddy Porn quite a lot about FreeNet, but how does anybody actually know? I thought the big idea was that you don't know what's stored on your node - unless you're actually downloading FreeNet kiddy porn, how can you tell?

Re:FreeNet Is Lost

[dj28 (212815)]

You can't tell what's stored on your node very easily.

However, it is relatively easy to see what is on freenet at large. There are several spiders that roam freenet and index freesites they come across. It's sort of like what Google does. So all one has to do is load up these indexes and see how many of the sites are child porn related. Another way to tell is load up Frost and see how many of the boards of child porn related.

There's a very large number of them.

Re:Child pornography

[Kihaji (612640)]

The problem with anonymous freedom of speech is you eliminate the responsibilty of speech. Sometimes it's difficult to decide what is worth more.

Re:Child pornography

[mmkkbb (816035)]

See, the wonderful thing about such loaded language is that even if you tolerate the existence such content, by using Freenet you are being FORCED to distribute it. Isn't that lovely? And if you complain, the powers-that-be make YOU the bad guy!

Re:Child pornography

[Rei (128717)]

So where do you draw the line as to what one is allowed to post and what they aren't?

* Should people be allowed to post any pornography at all? (illegal in a number of countries)
* Should people be allowed to post a glowing post of support for Falun Gong? (illegal in China)
* Should people be allowed to publish a diatribe denying that the holocaust occurred? (illegal in much of Europe)

Etc. You can claim that, "Well, allowing the posting of child pornography or terrorism-related materials offends universal sensibilities", but this obviously isn't true, or the material wouldn't be being posted in the first place (not to mention, one person's terrorist is another person's freedom fighter). Just as a demonstration of how much people's sensibilities are different in different parts of the world, this [afghannews.net] (originally posted on msnbc.com) covers an interview with an Afghan mother who supported her daugter's execution by stoning for the crime of adultery ("My daughter is a criminal. If she hadn't been killed, I could never hold my head up again in my community.")

If the data is being created through abusive means, go after the source of the data. If the data is being used to plan violent action, use proper security at likely targets (not like it's hard for people to hatch plans in secret anyways - this is nothing new). The fact of the matter is that data wants to be free.

Re:Child pornography

[Ars-Fartsica (166957)]

If the data is being created through abusive means, go after the source of the data.

Uh, if you are hosting child porn, you are the host of the data, under current law. Many nations are now erasing the line between being a "distributor" of this material and being in possession of it. Really, you need to know this, because you will find very few individuals in Western societies who will vigorously defend you in public or the courts. You will find out what "pariah" means.

And in the strict sense, with Freenet you are a distributor in any case - you are providing a service to obtain this material - remember under the law ignorance is not an excuse, you could find it difficult to claim you were an unwitting accomplice.

Re:Child pornography

[willfe (6537)]

Why do you get that impression? "Child pornography" is just the red herring people always trot out when they want to censor speech.

You've heard the expression "I disagree with what you say, but I'll defend to the death your right to say it," yes? Your idea of "offensive content" may differ wildly from someone else's; the question becomes "who is right?" Sure, you can refuse to run a FreeNet node because you're scared some evil recipe for "instant terror version 3.4" might get stored there or a nasty evil child pornographer might post some horrid icky pictures you don't like onto FreeNet and your node happens to harbor some of the data, but in that case you really are censoring in your own way.

The FAQ's response to this concern is dead-on right. Even with child pornography, you're trying to treat the symptoms instead of the disease when you reason like this -- "oh I'm not running that because it doesn't actively stop child pornographers!" Bad news, buddy, the internet itself doesn't "actively stop" any pornographers. Are you just going to unplug so your browser cache doesn't accidentally store a thumbnail with content that offends you?

If you want to censor what you participate in on a free speech-centric network, you don't belong there. If you believe that, ultimately, full-fledged freedom of speech is more vital to our society than taking a sad, impotent stab at a group you don't like, then run a damned node and deal with the fact that you may not like what lives on it. Remember, there's a far better chance that text a government doesn't like (but that you do like) will be stored on your node than pics of little Suzie.

Claiming FreeNet was just "designed" for child porn is like saying Slashdot was designed to attract trolls. Sure, it happened, but that wasn't the original intent; back when it started, I think they honestly wanted to encourage and support open, public debate on important topics. Heh. Whoops. :)

Re:Child pornography

[finkployd (12902)]

I think the point is that every government draws the line somewhere else. In some places a naked 16 year old is child porn, in other places it is not. One man's terrorist is another man's freedom fighter.

There is not a universal code of what is acceptable to everyone, there is just your own personal code. This may fit the mold of where you live or it may not. The question is not "Should a line be drawn?", everyone would agree there is a line. However "Where do you draw the line on issue X?" is something that cannot be answered globally. The freenet people have taken the approach that since the line cannot be drawn in a specific place, let's just ignore it altogether and let anything go. Interesting experiment if you ask me. I'm not interested in using it, but I am not morally opposed to it just because it does not stop those I disagree with from communicating. As a user of PGP that would be damn hypocritical of me wouldn't it?

Finkployd

Re:Is Freenet doomed to failure by design?

[evanbd (210358)]

That's odd, because PGP is then "terrorist-friendly" and "pedophile-friendly," yet an awful lot of people support it (you included, I'm guessing from the bit about keeping your communications private). The problem is that if you make the network decentralized, private, and resistant to government censorship, then it seems to be the case that you have made it inherently content-agnostic and secure enough for terrorist use. Some people are willing to make that tradeoff, some aren't. But being willing to make that tradeoff for PGP but not Freenet seems... hypocritical.