Slashdot Mirror

You made the contention that additional traffic is added to prevent traffic analysis. That simply is not true in any of the typical military encryption setups. Not for networks, radio coms, or any other communication methods I work with.

I can believe this, and my initial claim that you didn't know what you were talking about was clearly wrong. But, just because the systems that you have worked with are not designed to resist traffic analysis does not mean that no there are no such systems.

A couple of examples (the idea of link encryption to defeat traffic analysis is textbook stuff, but sadly none of the authors that I checked actually included references). The application that sprang to mind originally is Xor-Trees designed to resist traffic analysis and provide data secrecy for command and control links. A weaker example that tries to prevent analysis without full utilisation of the link is the randomised approach in FreeNet.

Another example that I can't find a citation for is some VPN products max out the link constantly to avoid traffic analysis. My own background used to be the telecoms world, so I'm using a slightly difference meaning of link level to you. In that world you do actually encrypt the circuit, either padding with random values, or relying on a cipher that doesn't reveal the presence of an empty stream (e.g AES in CBC).

What they are proposing sounds an awful lot like freenet, in practice.

The only way to fight this is for everyone to start using strong encryption for everything and protecting their anonymity even if it isn't always convenient, and even if they have nothing to hide.

Also this.

Seriously, this sort of thing is why Freenet was created.

... Freenet ...

From the site:

For best performance, Freenet will run continually. It should not interfere with your computer usage, as it requires around 200MB of RAM and 10% of one CPU core, plus some disk access.

And no wonder considering that it is written in Java...

Not all PCs have Java installed. First. Second. With that kind of resource utilization, I do not see Freenet catching with average consumers.

Probably they should invest into a lightweight C/C++ client. That even I would let run on my systems.

It seems that Wikileaks should operate over Freenet. Leaks could be submitted anonymously that way, and also distributed anonymously. The advantage would be that it would be entirely decentralized, so there would be no organization vulnerable to legal action.

Freenet has been slow and hard to use in the past, but its improved quite a bit. It is the obvious platform for something like Wikileaks. Of course, there is nothing to prevent people from mirroring content on the web (since installing Freenet, like any piece of software, is a hassle). But at least there will be an unimpeachable backup of all data on Freenet.

I wish a comprehensive group of security experts with varying backgrounds and specialties would get together and try to compromise both Freenet and Tor to see just how secure and anonymous they really are. By this I mean in an open, public, collaborative sort of way. This could only be a good thing, as any vulnerabilities or weaknesses could potentially be addressed. Then we could be a bit more confident about the confidentiality of those who contribute documents to sites like Wikileaks. I am sure that many such folks are doing so at great risk to themselves, especially when they live under repressive regimes, yet they believe in our right to know and are willing to take that risk. It really would be nice to know they are a bit safer doing it.

Freenet has been slow and hard to use in the past, but its improved quite a bit. It is the obvious platform for something like Wikileaks. Of course, there is nothing to prevent people from mirroring content on the web (since installing Freenet, like any piece of software, is a hassle). But at least there will be an unimpeachable backup of all data on Freenet.

I'd like to point out Freenet to the UK people here. That is all.

I have been waiting for something like this to happen and I truly believe if we don't do something about it we will live in an age when freedom of information is just a fairy tale.

For years I have been interested and involved in the Freenet Project. Not because it is particularly fast but because it is particularly secure.

Please visit http://freenetproject.org/

and make up your own minds. The more nodes created the faster it becomes and the more copies of documents, websites, images are prevented from arbitrary censorship.

Give a voice to the voiceless and remember the more you loose control the harder it will be to regain it when the crunch comes.

S'nuff said.

...if you're not participating in FreeNet by now, you'd damned well better start. It's likely to be the last place left (assuming it isn't outlawed).

Perhaps this (and the widespread lack of privacy in cloud-based services generally) will drive more users to privacy-preserving data sharing options, such as OneSwarm.

Or Freenet.

Plus, there is a Freenet mirror of Wikileaks. It's around a month old atm, but still lots of interesting information on there.

FYI: Freenet is decentralised. It has no servers to take down / DoS.

No, you don't need an invitation or need to know anyone using Freenet. There is an optional darknet version that works this way, where you only connect to people you know, but that's only for the extremely paranoid. The normal, opennet version of Freenet connects strangers to strangers and onion routes requests anonymously around the network.

Yes it's still in Java but it's hella faster than it used to be. Give it a try you won't be disappointed. http://freenetproject.org/

Imagine if a torrent could contain dynamic content, like a web page. You download the torrent, the content has say thepiratebay.org indexed, somehow the creater of the official torrent can modify the files pointed to by the torrent, and thus make the piratebay itself distributed.

Luckily, what you're describing basically already exists! The problem is just that it currently has a significantly larger barrier to entry than BitTorrent itself.

There is a Usenet-like system within Freenet called FMS (Freenet Message System). The FMS software exposes an NNTP interface so users can use whatever news reader they wish just like they were on Usenet. All identities are simply public keys, with a non-unique username to go along with it, and every post must be signed with a valid signature for that id. Underneath all of this is a web of trust moderation system for moderating identities. If an identity starts spamming, the first few people to see it will rate it down, which will cause the identity's visiblity for everyone (unless they choose not to accept anyone else's moderation) to drop off as the moderation propigates around the web.

Creating an identity isn't a cheap operation and involves solving a number of captchas and a bit a patience as the identity is "announced" by joining in on the web of trust. It's not possible to know of even the existance of an identity without it being in the web of trust. That way a spammer can't keep knocking out a lot of new id's for making spam. (But, unfortunately, this gives newbies a hard time too.)

The result has been a fantastic, completely spam-free network news system. It just needs more people right now. The downside, though, has been that the moderation system has been used to mod down identites simply for unpopular speech rather than outright spam.

And this isn't for lack of spam on Freenet. There's plenty of that where it's possible. The other threaded forum system on Freenet, Frost, doesn't have any useful spam protection and, because of this, it's currently unusable thanks to all the spam.

Time for more people to use Freenet! I just downloaded the film Up from it today and it would be difficult to find out that I did. Safe p2p.

It's been done, although there are questions about exactly how secure PD is (closed source, performance-orientated.) There's also Freenet which aims to be considerably more secure/anonymous, but is slower and still under heavy development.

The authors advertised "anonymity" etc. etc. at the same time as university professors published studies of statistics about the snooped connections: to any node present on the network for some time it is elementary to collect IPs.

Citation? There have been papers published claiming to have found flaws in Freenet. Sometimes they were simply wrong, on other occasions they had a point and Freenet was modified to prevent the exploit.

Ian Clark and his collaborator knew nothing of the concept of the Small World

Now you really reveal that you don't know what you are talking about. If you actually care about understanding Freenet, you should read Oskar Sandberg's thesis which explains in great depth the connection between Freenet's routing algorithm and small world networks.

Apparently, this bill is actually aimed at things such as the Freenet Project.
On Freenet, you actually don't know what is stored on your own computer (and thus, what you're sharing) as everything is encrypted.
Apparently, this effectively outlaws Freenet.

One possible reason: Makes services like Freenet illegal. For example donating disk space and bandwidth to encrypted files where the user-node does not actually know what they are helping to deliver sounds like it would violate being "'clear and conspicuous' about which files are being shared and getting user consent to share them".

No "Common Carrier" status for P2P nodes here...

Hmm, discussion of that can't possibly be in the Freenet FAQ.

And here's the Freenet key for the zip file: freenet:CHK@cua6vt6OGoe8dBOY2D4PR13jt~FvyvmHlMJKXPcXUgs,gFqVGC6lWjlSdE0cizGzWcyE5Y9f5J0QyWo-GNmLluY,AAIC--8/keys.zip

You mean something like Freenet?

The hard problems for such a network involve things like searching and routing. Freenet isn't exactly fast, but it's worlds more secure than anything else for this sort of thing (even so, it's far from perfect). It's also quite usable for things like browsing freesites (Freenet-hosted websites), and publishing controversial content (though large, unpopular files don't stay around forever, due to limits on disk space (and probably some bugs, but we're working on those)).

Of course, if the problem is the encryption itself, which Freenet makes rather heavy use of, the problem is rather harder.

In the case of social responsibility and volunteering for internet access there were many good projects to build local access between people long ago. "Freenet" had a completely different meaning before it became a crypto project. What killed these projects was that the big corporations wanted to gain market share and so were willing to sell internet access well below cost at the same time as making huge investments. For almost nothing people were getting better access than the Freenets could provide and the volunteers stopped seeing the point. We're still, to some extent, under the influence of that. However, things are changing, as we see with broadband rationing. Wireless community networks are already a start of a return but I think the time of community networks is coming back big time and it's time for people to start thinking about how to build them again.

Convenience and plausible deniability are somewhat mutually exclusive. Forensic traces are really hard to combat. Even if you memorize the ones and zeros, the "encryption" can mostly be broken with rubber-hose cryptoanalysis.

An interesting solution would be a browser plug-in gaining popularity which integrates with several major image hosting providers, offering client-side stenography and crypto. Only small files would fit though, but it'd be usable in some of the same scenarios Freenet was meant for, e.g. communication without 3rd parties being able to prove the communication takes place.

Reading all these about Conficker, I think it's an ideal candidate for securing p2p networks, better than Tor or freenet. I think the developers should open source it's code...

If they want to block p2p, things have already gotten difficult. In darknet mode, Freenet is decidedly difficult to block. It talks to no centralized servers ever, and it has no obvious protocol signature that you can spot with DPI (every byte that goes on the wire is encrypted; yes, that includes connection setup). You could catch it with traffic analysis, but that's far more expensive than the normal DPI gear most ISPs are currently willing to deploy.

Freenet is better at protecting your anonymity and content you access.

Yeah, I'm pretty sure their paper is bullshit. Aside from the whole anti-academic feel of the paper, I use Freenet myself and the little know enough about its architecture is enough to see through this paper. To poke at the other Freenet parts,

The popular BitTorrent and Freenet networks are still facing many lawsuits against their content distribution operations

I'm not aware of any Freenet lawsuits at any time, let alone "many". The way Freenet is built, it would be very difficult to find who to sue. For BitTorrent, the relatively small number of trackers have been under attack rather than the clients.

Applying our protection scheme, the Gnutella family, including Gnutella, Ares, KaZaA, LimeWire, Freenet, BareShare, etc., demonstrates the highest penalty on pirates because poison detection is only possible at the file level. Even a few chunks poisoned, the entire file must be discarded and downloaded repeatedly.

At the fundamental level, files injected into Freenet are split into 32kB (or less) chunks, which are inserted individually. That list of chunks that makes up a file is put into another chunk as a manifest, which becomes the address of the file. Freenet itself is not aware of files, just these small chunks. There is no "file level". It's the applications that run on top of Freenet that work with files.

It's content-addressable storage, so the hash of the chunk is its address. This makes it trivial to see if a chunk is good or bad. If a chunk is poisoned, the first clean node along the route will recognize this immediately and toss it out, which is a mere 32kB, not the whole file. Then search will continue elsewhere for the same chunk, as there is redundancy in the system specifically to thwart this attack (and deal with node downtime).

All in all, I'd rather the media cartels fall for fabricated papers like this than actually make effective attacks on p2p networks. So this paper is probably a good thing.

The paper won't download here, so I'm asking without RTFA, but how can this work against Freenet? Do they discuss Freenet in the paper at all? Freenet does chunk-level hashing, and the network enforces that the data matches the hash at all steps. Nodes returning invalid data will rapidly get dropped by their peers. Attacks like this are something that Freenet is explicitly designed to prevent. Also, the anonymity guarantees that Freenet makes would make it hard (potentially very hard) for them to identify a single user, let alone "collusion".

I'm forced to wonder whether the researchers mention Freenet at all, or if the poster is simply lumping Freenet in with other p2p apps that it has very little in common with. (Bittorrent and Freenet should be similar in some ways to their resistance against this attack, but Freenet's strong anonymity guarantees should make it more resistant. The fact that a node engaged in widespread poisoning will have trouble even staying connected makes Freenet even more resistant.)

I am not a number I am a free net!

Your P2P protocol already exists: Freenet. The more people load a page, the more caches of the page are stored. It was made to prevent censorship, and a side effect of this is redundancy in availability and storage.

It seems to me that helping them communicate (setting up proxies, opening more tor exit nodes, etc) is helpful, but not particularly open to cries of puppetry. Plenty of people are doing exactly that, and I think it's wonderful that there are simple things a quiet geek can do to help out a bit. Of course, detractors can always claim that open communication is a Western ideal, but it's become quite clear that a lot of Iranians want it as well.

Shameless plug time: Freenet is designed to provide anonymous, censorship resistant communications channels in the face of a serious adversary. For a number of technical reasons, the current version isn't all that well suited to the current situation in Iran. However, people are working on that and it might well be helpful at some point in the future. However, there's a less technical problem: it has no Persian translation! If anyone knows someone who speaks Persian well enough to translate, a translation would be much appreciated. The software includes a translation interface, so it's really easy to contribute a full or partial translation. Plenty of support for such an effort would be available as well.

People don't get it, if content needs to be delivered. It should be delivered using some other method than traditional web, which is easy to block. How about using Freenet, they just released new version. It's much much harder to block than traditional http/https. Freenet: http://freenetproject.org/ For Filesharers there is GnuNET. GnuNET: http://gnunet.org/

Sounds like Freenet.

Freenet is an option that *might* meet your needs. Unfortunately, it won't work well unless you're willing to run a node a large fraction of the time (might be hard for a laptop). And that implies a nontrivial bandwidth and disk commitment.

Whether it's reliable enough is another matter. Data that isn't accessed at all will become unavailable after a week or three; shorter term than that, or for data that's accessed at least occasionally, reliability is quite good. Speed isn't exciting, but a few seconds (maybe 15-30 if you don't access at all, maybe a lot longer if it's almost but not quite completely gone) latency and a few kB/s should be plenty here.

On the plus side, it is Free, anonymous, and secure. Of course, all of Adeona switching to it might represent a rather larger load than it's ever seen before -- and would probably be disastrous if those nodes didn't have a decent uptime percentage.

Post it on Freenet forums and hope it gets into the right hands.

Worst case scenario - rewrite some protocols to encrypt data and make it look like normal traffic.

You mean, more or less, what Freenet does.

I think we should seriously design an underground internet, just in case we need it.

You mean like freenet? Or maybe I2P? Although under this law I can see such programs being found illegal...

I'm more interested in a truly distributed file system for making better use of my home LAN full of PCs with those over-sized hard drives that could be being used efficiently.

Several file systems have tried to take advantage of distributed storage, RAID-style, but none are very well maintained or stable or feature-rich for day to day use to my knowledge.

Besides, its a distributed backup system.

Interestingly, it would be easier to store all my data in Freenet and have all my PCs form a darknet with each other.

I recall slashdot discussing this previously in terms of Freenet, although it's probably not a full discussion of legal ramifications (since everyone here says IANAL compulsively). You'll find it here.

As far as I can tell, much like any legal issue, most of what you'll find as far as legal discussion is mainly a lot of "Well, such-and-such may or may not apply here. Please consult your lawyer."

As if we all just have consitutional (if you're in the US) lawyers on retainer. I wish people would just give some advice, even though it will not be authoritative.

For some specific dissembling on this topic, you can also see freenet's legal FAQ.

the whole things falls apart because no one contributes to the development cost, the software won't get written (because it's too easy for people to rip-you off), and society is worse-off for the it's selfishness on an individual level.

Now, I agree that commercial software has brought some pretty radical innovations in software, but surely everyone on /. knows of people who write software intended to be free and for free.

The folks at freenet have this snippet in their philosophy statement:

9. But how will artists be rewarded for their work without copyright? Firstly, even if copyright were the only way that artists could be rewarded for their work, then I would contend that freedom is more important than having professional artists (those who claim that we would have no art do not understand creativity: people will always create, it is a compulsion, the only question is whether they can do it for a living).

This has already been proven for software.

I get most of my reading material from Freenet (0.5 of course) I guess I'm safe.

I highly recommend the 'The Second Renaissance' freesite - it'll take ya _months_ to get through that thing, and it's almost as good as dropping acid :)

If you don't wanna go through the trouble of getting Freenet, it's also here:
http://urza9814.googlepages.com/2ndRenaissanceText-Part1
http://urza9814.googlepages.com/2ndRenaissanceText-Part2

It's the Anonymous network dance!

You can share if you want to
You can slow down to a crawl
But at least you will be safe
Sixty-five kay in a cave
But detection chance is small!

http://torproject.org/
http://www.i2p2.de/
http://gnunet.org/
http://freenetproject.org/

I have been following this project for years and while I knew it was a good idea I just never thought we would need it so soon.

Please, show your support. Even if it is just spreading the word.

http://freenetproject.org/

Freenet's time is almost here.

I do not see how using bittorrent would protect you. Contrary to what the RIAA and cronies say, all "illegal pirate" P2P programs don't make you untraceable. In fact, bittorrent very much does not. That protocol was made to keep download sites from being slashdotted, it does nothing to hide where your file came from. There have been some attempts to sort of make it that way, but I don't think they have been a success.

Use Freenet for that, as it was designed to hide who or where the file came from and muddy the legal waters as to whether they can evade enough reasonable doubt to arrest you. I suppose it may make it hard to sue you as well if you don't announce who you are. In fact, we should all be using Freenet for discussion, since it would make censorship of what we say difficult. Only problem: last time I tried it, it was a pain in the ass. I think they also have a closed development model, which explains why its progress is slow. They are still at version 0.7, isn't that 5 years old?

There is also GNUnet. Haven't tried it or heard much about it, and frankly many official GNU projects suck, but maybe it will take off somehow?

I think the thing is publishing the protocol. I am not sure the Freenet project has done this (in any digestable form, anyway), so I don't see how development can move forward since very few are able to work on it. GNUnet published a bunch of papers about their protocol, so I think it may be possible for others to write alternate implementations. Sort of like how the gnutella protocol was reverse engineered, and it became one of the most used P2P system, except the GNUnet people were more open from the beginning...

Though I am looking for something like this which will be a success. I am not sure where to go. So far, Freenet or GNUnet seem to be the best chance for freedom of speech on the Internet.

On censorship-resistant Freenet, (0.1 and 0.2 links)

CHK@dl2LtW8MY23bY~5bo7nU96RV3bgCFSJ-ZTvwC6U9L6M,wdjDGdjVIupIin1DpjTuLBbaaHIQgnKpH-97RgGkP9w,AAIC--8/azw-0.1.zip

CHK@ezRruzByixwIQ4GwkE8w96lHB1gwXbpO3pTgz4EhZwY,5nU5t7jRgFLtlDwJ2Tivj12rMAusv~T~zywKdAEfw-g,AAIC--8/azw-0.2.zip

• Tor: Onion-based routing that acts as a proxy layer between the client computer and the Tor network. http://tor.eff.org/
• I2P: Also known as the Invisible Internet Project. The network is regarded as a message based system. http://www.i2p.net/
• FreeNet: is a distributed information and storage retrieval system designed to address the concerns of privacy. Freenet is designed to be anonymous and totally peer to peer. http://freenetproject.org/
• GNUnet: is a P2P network that can support many different forms of peer-to-peer applications. http://gnunet.org/
• Open VPN: is where one can use software that encrypts your traffic on a server created in another country instead of the one you are in. http://openvpn.net/

There are other programs and if you do not want others knowing what "traffic" you carry then you would be wise to use them.

Or on Freenet, where it is impossible for anyone to remove,

CHK@Lxdd7kNnDxsKDbJvN954w8VVTkyeXriXBc~CZQi7yh0,CpQsd8KQkbzeRnfpY4tprGAlt2LYjIKtwVdDYXWY~nE,AAIC--8/ineptpdf.pyw

CHK@0sthR-c3bxeDPtyRP4vLst4MKLAYunyPgL3DFgijAR4,GLU99yTKNtuIx9A54tvh20XisaAPwCcul58wTmTKjRE,AAIC--8/ineptkey.pyw

http://www.torproject.org/

Hey, actually that's a good point. Maybe they should create a Freenet site for the information... Get some more folk interested in that project too.