Revamping Freenet 541
N3wsByt3 writes "Many will have heard about the anonymous P2P-system Freenet. What many probably don't know is, that a big change is at hand: the Freenet developers have decided to drop all support for the 0.5x version, to skip version 0.6 and to completely revamp the 0.7 build into some kind of poorly described, presumably scalable darknet. The main coder even threatened to quit if such a darknet would be rejected.
So, is it finally going the right way with the development of Freenet? Maybe not, since they seem reluctant to provide real data and rather rely on security through obfuscation, and then there is still the problem of their general inability in regard to pooling human resources, which, for any OSS project, is of the utmost importance." Obviously, the article submitter has his own feelings on Freenet, but notwithstanding that, what's the latest scuttlebutt from within the Freenet crowd?
Freenet is not so anonymous (Score:5, Informative)
Newsbyte is a well known troll (Score:5, Informative)
Matthew has indeed indicated that he believes it is essential that we support "trusted links" in Freenet, and the other core Freenet developers, myself included, agree with him - so Newsbyte's attempt to stir that up into some kind of controversy is just another example of his trolling.
I have no idea where Newsbyte's accusation that we are relying on security through obscurity comes from, certainly the archived email he links do doesn't seem to support any such claim.
As for the blog entry he links to, it essentially boils down to whining about why we don't implement each and every one of his suggestions.
When considering the value of Newsbyte's opinions, I would urge you to look first at what he has actually contributed to the project, versus those that he seeks to criticise.
Perhaps, BUT.... (Score:4, Informative)
Re:Child pornography (Score:4, Informative)
I don't want my node to be used to harbor child porn, offensive content or terrorism. What can I do?
The true test of someone who claims to believe in Freedom of Speech is whether they tolerate speech which they disagree with, or even find disgusting. If this is not acceptable to you, you should not run a Freenet node.
Re:How many revamps (Score:3, Informative)
Having said that, right now you basically install the software, and open your web browser - and you are surfing Freenet. Its only in "outlying" cases that things are significantly more complcated than this (ie. with firewall issues), and we are working on that.
Re:Unfortunately, not a troll (Score:2, Informative)
Re:FreeNet Is Lost (Score:5, Informative)
However, it is relatively easy to see what is on freenet at large. There are several spiders that roam freenet and index freesites they come across. It's sort of like what Google does. So all one has to do is load up these indexes and see how many of the sites are child porn related. Another way to tell is load up Frost and see how many of the boards of child porn related.
There's a very large number of them.
Re:Newsbyte is a well known troll (Score:5, Informative)
With pleasure. Freenet has indeed had its fair share of problems, including an increasingly complex codebase that suffers from a lot of legacy code and abandoned ideas. That is why Freenet 0.7, the next major release, will be quite a significant rewrite.
Here [gmane.org] is a recent email I sent describing the plan for 0.7:
Re:Less talk, more code (Score:2, Informative)
Re:Unfortunately, not a troll (Score:3, Informative)
By the article, you can't actually see what's been downloaded, but if your local fascist government wants to determine if you downloaded file XX, they could try downloading that file from your node. If the performance is very good, then there's a good probability that the encrypted chunks are cached locally and in neighbour nodes, thus they can determine that you did download it.
Re:Perhaps, BUT.... (Score:4, Informative)
It so happens that they can do something about this specific attack, and they will. But it was never an objective and it won't stop a really determined attacker.
Networks with similar goals -- (Score:3, Informative)
Tor is simply an anonymous p2p proxy:
http://tor.eff.org/ [eff.org]
i2p is a fork from freenet. Similar to Tor but you can host your own site off it.
Both are not nearly as freenet. I'm loving i2p though because it's much more practical.
For a lowdown from the i2p people on these and more similar technologies see here:
http://www.i2p.net/how_networkcomparisons [i2p.net]
Re:How many revamps (Score:3, Informative)
Re:FreeNet Is Lost (Score:3, Informative)
Comment removed (Score:3, Informative)
Re:How many revamps (Score:3, Informative)
I don't see freenet having those issues though. Node administrators for sure, but not freenet users. Freenet users don't really have keys or even any necessary knowledge of the technical layer of encryption. They need to know how to connect to a node.
You have a misunderstanding. Every freenet user is a node administrator. The freenet node is what actually does all the work. Every user runs a node, and every node has a data store. The node has a web interface on port localhost:8888, to which a browser can connect, so that the user can see the files in freenet in a comfortable and familiar environment.
Beyond that, if the user plans to publish content within freenet, then he must understand the basic freenet concepts of keys, keypairs, hops to live, and so on.
Re:Unfortunately, not a troll (Score:3, Informative)
When you retrieve a file from Freenet (at least the current "stable" implementation), your request is bounced through several other random nodes on the network; and relaying a request for another node looks exactly the same, protocol-wise, as initiating one. They call it "plausible deniability;" if a person's node contains stuff considered "bad," or illegal, then there's absolutely no way of knowing (as long as the person frequently clears their browser history and cache) whether the user of that node initiated the requests for any of that content or if they were just unknowingly relaying it for someone else.
A while ago, I saw a Freesite linked on the Freedom Engine (one of Freenet's most popular portals, probably because its operator links to kiddy porn and murder pictures, considering them to be "free speech") which claimed to filter content matching a certain list of hashes out of your node, so that your node would neither store that content nor relay requests for it. It came preloaded with a filter-list (somehow obfuscated so the real file keys couldn't be extracted by people who like that kind of stuff) of miscellaneous generally-objectional content. I'm not sure what the reaction to that was, if there was much.
But there's no way of finding out who's actually storing and retrieving that content. The current Freenet implementation leaves absolutely nothing to "security through obscurity." The only way to censor it would be through legal means, perhaps by declaring that allowing one's Freenet node to be used for illegal things is a contributory crime. But due to the nature of Freenet it would still be very hard to enforce.
Re:Newsbyte is a well known troll (Score:2, Informative)
Because its a fallacy. This is how Amway builds its pie-in-the sky "network marketing" pyramide scams. The way it works in the real-life is that the "trust" networks are very fragmented and dis-continuous. A small number of people to a cell, dis-separate from all other cells. More oppressive the conditions, smaller cells. Attempting to establish a new link is the greatest risk action in such a network and thus taken very rarely and with paranoid precautions. People who equate "random forum posters who know secret l33t handshake" with establishing trust in a life-or-death situation are laughable.
That's exactly the point of trusted links. If the node addresses aren't published, and the links are relatively stable, then those links can be camouflaged as other traffic. If you don't have trusted links, then you can spider the network to find nodes.
I dont care for either model, they are both useless. In the first case, steganographic email is far more efficient and safe as it involves no suspect software such as Freenet client and in the second case... the churning and other nonsense are artifacts of useless design. Whichever way you look at it Freenet brings nothing positive to the world of dissidency. Worse, it needlessly exposes naive people to additional danger by persuading them that it is somehow "safer" while being the exact oposite.
Oh, now I know you're trolling. Never mind.
Oh far from it, although the users of the questionable contents of Freenet seem determined to troll rate me off this discussion. The main reason the "darknet" is more suitable for criminals is because contrary to the claims of the developers, no large-scale network can be made of dissident cells in this manner. Only small criminal gangs can find use of this system, hoping to bamboozle authorities by hiding behind "free speech".
Re:Unfortunately, not a troll (Score:2, Informative)
To get back on topic, it is possible to decrypt a given file in your cache if you already know its key. If the police/FBI/whoever want to know if the key CHK@iPw3Grf-hV7d8IQF2-WXFByWfzMQAwI,FGJqABIFcBZ91I qayz6aew is in your cache, it's trivial to check for that key, but if they grab a random file from your cache and want to decrypt it, the only way to do that is by trying every possible key.
Re:Newsbyte is a well known troll (Score:1, Informative)
But, the real problem is this -- if you might be commiting a crime by hosting a freenet node, then the state will just go ahead and make hosting a freenet node (or similar type of node) a crime in and of itself.
Now, how do you host a freenet node with no one except other members of the network knowing you're hosting a freenet node?
In the current architecture, you can scan the traffic of a node, and observe the behaviour and how it relates to other hosts on the internet, and determine not only if a user is running a freenet node, but where the connecting nodes are on the internet.
Solve that problem.
Comment removed (Score:3, Informative)
Fork oh yes... (Score:3, Informative)
"you can always fork. If you do not agree with the current developers' direction, fork. "
People tried to fork Freenet a couple of years [slashdot.org] ago (October 2003) when it started going down the shitter (in April 2003). The forkers tried to be as nice as can be about such an issue, but the current Freenet developers told them in effect to 'Get the fuck out of here' and they did not bother.
What one of the would be forkers (jrandom) did do though which is a nice kind of tasty ironic desert is make I2P [i2p.net] instead. Kinda nice, time that would have been spent on Freenet now made an application that in many respects meets or exceeds the abilities of Freenet.
I really do not want to make this sound like a bitter tale, it really isn't. I believe both projects (are?) seem to be getting a long since everyone has the goal of working anonymous p2p. This newest idea of Freenet is looking towards the future when our government (Western governments) try to outlaw anonymous p2p like current dictatorships are or have done.
Re:Child pornography (Score:2, Informative)
Doctor, it hurts when I go like this.
As the faq itself notes no one is forcing you to do anything. If you are not comfortable with the idea of absolute free speech, do not run Freenet since that's what it's all about. It's that simple.
And that is the issue with truely free speech you understand? It's inherently an all or none sort of deal.
And I see any particular impediment to your writing your own "Kinda, sorta Free around the edges accept for the stuff we don't like Net."
If you think that will protect you from the powers-that-be though you aren't paying attention. One power's kiddy porn is another power's freedom tract.
KFG
Re:Child pornography (Score:1, Informative)
-Noam Chomsky
Re:Newsbyte is a well known troll (Score:2, Informative)