Slashdot Mirror

It is possible to get Freenet working on OSX, take a look at the Freenet website here, and email support@freenetproject.org if you need any help.

As long as the Freenet project continues distribute its main download in the form of a Java class and not platform specific binaries, it will *never* work well enough to be useful to people in the same manner that Kazaa, or even Gnutella are.

You can whine and kvetch all day long about how wondeful are, but the simple fact of the matter is that the fact that you have to install a virtual machine to run Freenet makes it useful only to people who understand how to install a virtual machine.

There are ways to compile Java to platform-specific binaries that don't require a virtual machine to run. The freenet project should make binaries like this available for download for PC and Macintosh. Doing otherwise is shooting themselves in the foot for the sake of shooting themselves in the foot.

...do your bit to make sure that the RIAA will never stamp out P2P.

It is finally starting to work well enough to be useful. It still needs people to create mp3-specific freesites to allow people to find mp3s easily, but this could be the motivation.

So, like Freenet, then?

One way to look at it is that if (due to encryption) person who is holding the data can not (automatically) figure out what is stored, it seems that they can not be held accountable for the material (bit like if somebody buried a corpse in your backyard while you were away or such).

The way Freenet accomplishes this (if I remember correctly) is that the only way to find actual content is to try to search for documents using its key (which although not required, usually is a filepath/URL-like construct). This id is hashed and used as a key (plus used for encryption/decryption). There are no ways to do wild card or fuzzy searches. And this is also why Freenet isn't ideal for Gnutella style "sharing" of copyrighted data.

So what's the point if only person who created the document knows its id? There are lists of "well-known" ids that are published on Internet, that can be used for fetching the data. Thus, "directories" are decoupled from actual data.

In fact, it would seem to be that some of Freenet's ideas would be VERY interesting to use with the distributed backup projects as well? (for example; on top of Freenet's model, just encrypt your backups with your private key... if someone tries find your backups, they first have to figure out the id, and then try to crack it open... split the backups into multiple pieces and make tasks even more difficult)

Of course, all this data security may mean trading the actual backup feature to higher security; someone may overwrite your backups if they can figure out the id, even if they can not acces sit.

It's called Freenet

It's 2003 AD, and all the Internet is occupied by the powerful IP empire. All? No, a little village of indomitable freedom fighters still hold out, assisted by their druid Getafix's magic potion, freenet.

I seem to remember an article in a LinuxJournal a while back talking about uploading the entire Debian archive onto freenet and then using apt-get to download it. If that's the case, then you just have to point it to the correct freesite and let apt-get do the rest for you. I'm sure that a similar program, if not apt, can be created to automatically download and update new opensource programs. So maybe instead of trying to reinvent the wheel, they could just do that. Plus, maybe then, there'd be a decent number of people with semi-permanant nodes on freenet.

Just my $0.02,
La Camiseta

While the OCN does not make it easy to discover what other users are downloading, it is not anonymous like Freenet.

However, the problem with systems like Freenet is that the latency is incredibly high and has no way to leverage the existing mirrors that host much of the open source content today.

Since the OCN is built around HTTP, it can start its downloads immediately from the network of mirrors and as peers are discovered, it moves more of the burden onto the peers.

The end result is that the OCN has about the same latency as normal web browser, but can provide very fast parallel downloads when leveraging existing mirrors.

That said, if high latency isn't a problem, then we highly recommend using Freenet. We think its a great project and look forward seeing more and more applications built on top of it.

While the OCN does not make it easy to discover what other users are downloading, it is not anonymous like Freenet.

However, the problem with systems like Freenet is that the latency is incredibly high and has no way to leverage the existing mirrors that host much of the open source content today.

Since the OCN is built around HTTP, it can start its downloads immediately from the network of mirrors and as peers are discovered, it moves more of the burden onto the peers.

The end result is that the OCN has about the same latency as normal web browser, but can provide very fast parallel downloads when leveraging existing mirrors.

That said, if high latency isn't a problem, then we highly recommend using Freenet. We think its a great project and look forward seeing more and more applications built on top of it.

Ah yes. I actually installed FreeNet a couple days ago, at the suggestion of another /.er, but couldn't get it working. I guess it just required more effort.

Indeed. It's a shame no one thought of it sooner.

To recap:

• Reliable
• Anonymous
• Totally decentralized
• More popular files are more widely distributed thus avoiding any /. effect

And what's the point in that?

People can still connect to your IRC server using a standard SSH transport the same way that you are - no matter where it is in the world.

All IRC servers allow you to easily access the IP addresses of the people you're talking to (It's part of the protocol - WHOIS). Once they have the IP, they can look up your ISP from the netblock and lean on them to reveal who you are!

Also, whilst you encrypt your normal IRC traffic, DCCs will not be similarly encrypted, since they are simply a TCP socket opened between the two machines with the raw data of the file dumped down.

You'd be better using your encrypted IRC in conjunction perhaps with FTP over SSH. Got to make sure then that you only give out passwords to people you know - but who can you trust?

Something like Freenet may work a little better (http://freenetproject.org). Ok, your ISP could probably tell that some kind of encrypted traffic is going on, but that's it (I believe Freenet uses a standard 128-bit cipher).

I think there may be some flaws still in this due to TCP itself - any decent packet monitoring program could still determine the destination IP address on packets going to particular nodes, so you could still discover who was hosting a freenet site (ie. government agencies/RIAA etc. could simply join freenet as other people do with a packet sniffer on their machines, find a site they don't like, get the IP, etc. etc.)

That's really what it comes down to - if you are hosting something for others, all it takes is for someone to get your IP and they can find out who you are (eventually).

I believe ISPs should not be allowed to reveal who its customers are to third parties. Perhaps some kind of privacy law should be passed to deliberately prohibit ISPs from keeping email/traffic logs (although this requires so much hardware that it is already expensive to do this - the UK government tried to get ISPs to keep email logs, but they simply can't afford it), and more importantly if they issue dynamic IPs, no logs of who held which IP at what time.

Here in the UK, a government crackdown is being run on people just accessing child pornography (a heinous crime indeed, don't get me wrong). However, they have no co-operation whatsoever from the ISPs - the only way they are tracing these people is by getting lists from credit card companies of people who paid money to known child porn sites.

Anyway, bottom line - nobody is safe. Be afraid! Very afraid!

...use Freenet. Strong encryption and practically dripping with plausible deniability.

Of course, there's still the "pre-dawn-raid-and-seize-hard-drive" tactic which I've heard makes that moot...

What is FreeNet?
Freenet is a large-scale peer-to-peer network which pools the power of member computers around the world to create a massive virtual information store open to anyone to freely publish or view information of all kinds. Freenet is:
* Highly survivable: All internal processes are completely anonymized and decentralized across the global network, making it virtually impossible for an attacker to destroy information or take control of the system.
* Private: Freenet makes it extremely difficult for anyone to spy on the information that you are viewing, publishing, or storing.
* Secure: Information stored in Freenet is protected by strong cryptography against malicious tampering or counterfeiting.

I don't know the implications, or even if it is a feasible task to port P2P to FreeNet, but I think something like this is a necessary step as time marches on and as the red tape and legal woes thicken. (Maybe the implicit anonymous nature of the FreeNet doesn't allow for the same P2P processes to work -- then again maybe it's ideal) .Right now FreeNet is very slow and the last time I used it (version 0.4) was buggy. However I haven't tried the latest 0.5 release.

Of course this won't necessarily prevent the companies that create and distrubute the P2P software from being prosectued. However it might provide the anonymity that these companies need to distribute their software and keep operating -- provided they don't make themselves known to the public. If they are not known, then nobody can find them. Which begs the question: Then how would these companies get advertising revenue if nobody knows about them? Well, they could advertise on a webpage on the FreeNet and accept credit card payments over the FreeNet, and then the advertiser's content would magically appear in the P2P application. This would take a lot of trust on behalf of the advertisers.

Just a thought. I'd like to hear a response from developers who are involved with the FreeNet project and/or P2P clients about the feasibility of all this.

Freenet has much better data integrity and trust mechanisms.Someone could upload a bunch of crap files but you could download from SSK's of trusted sources and know they are good.

Download it here. Note that it has no search feature. You'll need to link it from 'freesites'. Visit the site for more details.

Even if a jury is somehow made to understand how freenet works, they will interpret it as deliberately evasive (and they'd be right), and will find guilt based on that fact.

...the node operator can plausibly deny any knowledge of the contents of her datastore, since all she knows a priori is the file key, not the encryption key. The encryption keys for keyword-signed and signed-subspace data can only be obtained by reversing a hash, and the encryption keys for content-hash data are completely unrelated. With effort, of course, a dictionary attack will reveal which keys are present--as it must in order for requests to work at all--but the burden such an effort would require is intended to provide a measure of cover for node operators.

Indeed, there is legal precedent for the prosecution of those anonymously or indirectly involved in a crime - posession of stolen property.

Thanks for the heads up regarding the differences in traffic analyzability between gnutella and freenet; I hadn't followed this aspect of the two systems, but am now intrigued enough to learn more.

Perhaps someone familiar with the Gnutella protocol can say whether this has been fixed yet.

This is one of the reasons that Freenet exists. There comes a time when simple civil disobedience is in order and appropriate.

Break the law. Period. Publish the works that would have fallen out of copyright without the Sonny Bono Copyright land grab on the dates when they should fall out of copyright. That means early recordings, very early films, comic strips like Krazy Kat, Thimble Theater (where Popeye eventually shows up), Little Nemo, all of it. With Freenet there is no way for anyone to trace anything back to you. It's a far from perfect system at the moment, but it's steadily getting better.

As long as there are files to be shared, people will find ways to share them. Napster is down, Scour is down, now Kazaa will probably go down. I guess it's back to using IRC until someone figures out how to make a free, open source P2P network that costs nothing, isn't incorporated, and doesn't rely on a central server so that the courts can't sue any single person. Hopefully it will last longer.

You mean like Freenet? The freepages don't have everything, but they are often completely anonymous.

A billion! So they only had a bazillion gajillion to go.

What if the encryption was broken anonymously? A group could form and distribute software using a Freenet-style network and the page providing the files and info for the project could also be hosted on Freenet.

What is going on in this country (and others) is the creation of freenet, a system that lets you surf anonymously, post anonymously, create web sites anonymously.

What about freenet? They hold many of the same ideals about a 'free' (freedom) Internet, but have gone about it a somewhat different fashion from what you describe.

Your suggestion is somewhat intriguing though, and sounds (at least to me) like it has the potential to be a lot quicker than freenet's method of guarding anonymity (all my experiences with freenet are that it is quite slow to access due to what I understand is the way files are retrieved).

The internet is a breeding ground for free information. Not all of it is quality information.

The problem is that when quality information is provided, it is popular. This in itself is not a bad thing, but people that write good content should not have to deal with the side effects of that popularity. The side effects are increased bandwidth costs to Webhosts. These people are good at writing content and shouldn't have to deal with the administrative responsibility of collecting micro-payments and advertising-revenue.

The solution? Something like freenetproject - where the content author can freely distribute his/her information without the dreary side effects of popularity.

If you have knowledge of value, it is your responsibility as a human being to give it to other people. This is why humans talk.

I followed the link in your sig and skimmed the text.
It seems like what you want is basically this right?

Someday's, I think that might be a good thing

Then again, there is OpenNIC and Freenet, so this may be already be happening in a minor way.

Yup, yup, yup.

I use Gnutella and Overnet to share some free 3D & Poser files I've created; I also do a lot of animations just for the heck of it that are not really something I want to include in my regular portfolio, so they get shared also.

If I wanted to do any up or downloading of anything illegal, I would surely not use a service that reports exactly who I am to anyone who wants to know, when there are fine packages like Freenet freely available (something I also share on gnutella; I had the thought once or twice that countries that block Freenet installer downloads might NOT be able to block one of the gnutella clients....just doing my part for world freedom).

There are many, many legitimate uses for P2P.

Wow. I really got Link-Happy on this one.

Um, let's not forget that the internet started out as a governmental network. In a sense, it has always been heavily regulated by the government. It only gained the reputation as a place for free speech because the government chose not to do anything about it (in regards to monitoring it) until recently.

Also, on the topic of a secure and anonymous application, I suggest that you use FreeNet and IIP.

I think most of those questions can be answered by the other messages in these threads.

• there will always be stragglers, and nothing can reverse that
• Please explain the inefficient parts of DNS so I can understand what your DNS replacement would do.
• There is nothing to stop you from referring to your web site as 1.2.3.4 and telling people to find it by typing "this is my site" into the Google toolbar
• I'm saying that name resolution system could stand some improvements. Such as?

To sum up, DNS is not a good 'average joe user web lookup system', in fact, it's a pretty poor one.

DNS is designed to map domain names to IP addresses, and not designed to help the user find information.

What is needed is something like a combo of realnames, dmoz, yahoo, google and your local yellow pages.

Are you a patriot, or are you a terrorist?

Because if you're not with us, you're against us.

And if you're not a patriot, you're a terrorist.

A patriot has nothing to hide from his [sic] Country. A patriot is glad, glad with all his heart to hear that his country is taking the initiative, a patriot supports the party -- if the party wants to know whom Sam or Sally is speaking with, let the party know. If the party wants to know where every Citizen is, what every Citizen does, what every Citizen knows, then let the party know.

A patriot believes. A patriot is the opposite of the dissident.

A patriot does not support laws that allow terrorists, those who do not believe in the strength and ideals of our country, to hide behind anonymity. A patriot does not support anarchy, the total chaos that results when you allow dissidents to mess with public awareness, to spread their lies about our country.

And a patriot does not call for public hearings, checks and balances, handcuffs to hold the hand of Justice, to keep our men [sic] in uniforms -- who believe -- from doing what they believe in, what Americans -- real Americans, not bleeding-heart-liberals need for their protection.

A patriot does not question.

You're either with us, or against us.

If you're not a patriot, you're a terrorist.

I guess I'm a terrorist.

Using P2P technology (I'm thinking Freenet may be the best starting point) it should be possible to build a distributed file system with built-in redundancy and access permissions such that every PC shares files with every other PC, yet none are dependent on any one other workstation. Everyone can reach the files they need no matter where they are (ideally they don't even know which files are local and which are remote), nobody can reach files they shouldn't see (e.g., personell records), and every file is backed up somewhere else. If Joe's PC crashes, just plug in another one and Joe's back in business. All of Joe's data is backed up elsewhere on the network, and all the backups on Joe's PC lost in the crash are restored (re-backed up) onto the new PC.

Feasible? Perhaps, but unfortunately I don't have the time to persue it. Still, if it could work it's an example of legitimate Peer to Peer file sharing.

if the distro's started using P2P for their distro's, or a P2P based web server/browser

Sourceforge? ...
Why do these sites need to be blocked?

Sourceforge probably hosts software that could be used to bypass such filters. But most importantly, they host the development of Freenet, a thorn in web censor's side =)

You can just get the abandonware version for PC; there are a few sites that have it up, including even the star map. Works great on multiboot OS/2, but then again, everything not expressly designed to be incompatible works great on OS/2.

Enjoy Freenet & Frost while you can.

I'd put the whole damned thing inside Freenet.

...DUH!

Hey man, I agree with you about all of this, and there have been days recently with all of the malarky passing into law where I almost felt the urge to chuck it all - and live like it was 1975 - paper and all. But by the time they manage to get this huge bureacratic behometh to do this type of dirty work we could very likely see a massive decentralized ad-hoc and an emerging phenomona called Smart Mobs and anonymous surfing provided by Hacktivismo, censorship-free and anonymous information via Freenet, open spectrum and finally perhaps anonymous digital cash from Yodel Bank.

Planet P - Liberation With Technology.

You might want to check out FreeNet then.

...host it here

Whoops! Correction: host it here.

Very good point about peer-peer distribution. The availability increases with demand.

A big potential problem I can see is the cost for the peers. We're already seeing some ISP implement bandwidth caps. If we take this concept to the extreme example of everything becoming peer-peer then I would expect consumer bandwidth costs to skyrocket, at least for any constantly utilized p2p nodes.

Another problem may be reluctant node operators. I just recently read into FreeNet. I feel a bit unconfortable with the idea that my node may be used to assist with untraceable kiddie porn or cult/nutty militia propoganda or other material that I find objectionable or even illegal. (Read the FreeNet faq about this very concern and counter points.) I'll probably get over this and give it a try, but I expect many others won't get over it.

This would be an excellent model for much of the type of things we read on Slashdot, such as a geek with a cool project and a low-bandwidth server that gets pummelled for two days and then is far less busy afterward. A FreeNet-distributed site would respond to the demand but not cost the author additional money or grief. Or perhaps a programmer starts and open-source project that gets ignored until version 0.4 and then people notice it does something cool and works and then the demand skyrockets. Typically projects have to relocate to handle the traffic, but no relocation would be necessary in a FreeNet-like distribution system.

The real irony with this story is that mail is peer-peer, anyway. Yahoo is basically charging for high availability online storage, otherwise you could just have a service that knows when you're online and points to your local SMTP agent when you're online. The sender's SMTP agent already holds the email if the receiving server is unavailable and retries periodically. The only problem with this would be if both sender and recipient ran their own SMTP agents and were never online at the same time.

The only thing that seemed to bother me was the simple availability of IP addresses gathered from the client. IP addresses = ISP = Account Name = RIAA & MPAA & everyone else knocking on your door.

This is a problem inherint in most Internet based sharing systems (as that damn annoying popup ad says, you're broadcasting your IP address (duh, it's how the Net works, you can't stop that (well, see below)).

There are alternatives however, the much proclaimed FreeNet, and IIP, however, with IIP, (which is secure & anonymouse IRC) sending/receiving files is, afaik, still in heavy alpha testing.

FreeNet, as a concept works, and as a product, is usable, however, due to the complex nature of the task it does (complete anonimity), it is slow. Frost is the best way currently to swap files. Frost is (imho), NNTP for freenet.

With every other system, your IP address is available, this includes Gnutella and Fasttrack. If you want to hide who you are, you need to use Freenet. Take a look at the "bad" stuff on FreeNet (I mean figuativly, not literally). The reason why there is so much, is because its SAFE to put it there (unless you are really stupid).

The only other thing you could do is find an ISP that guarentees to destroy any record of who used what IP address at what time. However, that doesn't stop a court ordered tapping being placed to monitor you in real time.

This idea is right on, imho. Gnutella and its progeny need to do a lot more to enable collaborative filtering and ratings - of media and nodes, as well as groups and producers.

P2P could be so much more than efficient ''pr0n & britney'' distribution... more even than the ''universal digital library'' that first Napster and now Kazaa have promised... but it has to get much smarter before that will happen. I feel like Freenet, by tackling the much more difficult problem of anonymous p2p, has been confronting these issues for longer, and by implementing such "smarter network" features may gain a leg up on the competition (and the last shall be first)... I don't know why the commercial Gnutella folks aren't setting the pace in this area (instead of bulking up on, no kidding, their chat and music capabilities), but really, they're not.

-renard

I agree, a traditional website wouldn't work. This is where distributed networking comes in. You'll have to give a little to get a little. I suspect freenet will play a role in this. It's distributed nature is often overlooked.

This Big Brother crap is over the top. The ISPs are protecting themselves from legal ramifications. They probably don't really care about the users that much .. the benefits brought about by PenTeleData covering their own butts just filter down to the users which is arguably good. No Big Brother entity is pushing anything here like propaganda. The two ideas don't correlate well at all, except that a few angry users are making over-the-top comments because they'll say anything to garner arguments for getting their precious P2P back.

A world without free flow of P2P access! We've had our cake and ate it too. Expect the world to change. Maybe something better will come about.

Giving bandwidth and taking it away -- that's another meaningless argument. Just as you have to pay for your bandwidth usage, so does your ISP. Do you think they get it for free to give to you? Most purchase bandwidth from other companies.
Maybe the price of gas shouldn't increase either. Maybe the gas station should pay more over time, but never pass those costs onto the drivers. It doesn't take a business mind to see the problem here.

I certainly am willing to pay more to use P2P while it's still here. However there is increasingly more focus on the law surrounding illegal P2P content. How much longer will be *want* to use P2P, even if we can? How many of us are already in future legal battles that we don't know about yet?

The idea about encrypting the content is cool. It's already being done over at the FreeNet Project, but it's so slow! However leave it up to somebody to sooner or later write a P2P app on top of the FreeNet network.

What if ISPs close all unusual ports to prevent against P2P? Well then somebody can write encoders/decoders that work over normal ports like ICQ, HTTP, etc. and format that file parts in that protocol. Wouldn't that be cool.

However what starts to freak me out is no matter how many times P2P succeeds at getting around the barriers, those barriers exist for many reasons -- many are legal reasons -- and soon that may come down on P2P users like a tonne of bricks. And I certainly don't want to be there when it happens. Nobody does. It's seeming like more of a gamble each day.

That is, unless all the root servers mysteriously die one day. That would make surfing for your pr0n a thing of near impossibility.

I have NEVER seen a p2p system address this issue.

This is exactly the issue that FreeNet addresses.

I have NEVER seen a p2p system address this issue.

Ever heard about freenet? It's too unreliable for now, but it's improving with time, and one of its goals IS to solve this issue.