Slashdot Mirror


Why Freenet is Complicated (or not)

JohnBE writes "'This article is primarily a friendly rebuttal to Steven Hazel's CodeCon 2002 talk entitled "libfreenet: a case study in horrors incomprehensible to the mind of man, and other secure protocol design mistakes". Hazel presents the Freenet protocol as an overly complicated, self designed crypto layer. In fact, though somewhat complicated, literally every step in the protocol was carefully thought out to resist certain attacks and to increase certain properties desirable for Freenet operators and the network as a whole.' Interesting in light of Peek-a-booty, this article covers many of the issues involved with creating an anonymous P2P system."

44 of 153 comments

  1. A little honesty is refreshing sometimes by Tri0de · · Score: 3, Interesting

    (from the article) ...
    Some perceived minor irritations may arise due to the implementation of Freenet in Java. Java is not like C, so some porting issues are bound to arise. Porting is hard sometimes.

    --
    "Everyone is entitled to their own opinion, but not their own facts."
    1. Re:A little honesty is refreshing sometimes by grammar+nazi · · Score: 5, Interesting
      In paragraph specifically mentions that the security model is overly complicated. For comparison...

      Microsoft's argument for a long time was that Java's security model was overly complicated. ASP, by contrast, had a simplified security model. Either an ASP executes scripts locally, or it doesn't. Thus ASP does have a simple security model.

      Now... which security model will be suitable for your projects? Which security model is potentially better for the client browsers?

      I am extremely familiar with freenet and I can tell you that the current security model is very *robust* yet I feel that it is very streamlined. By contrast, napster's security model was simple. So Mr. MP3 Pirate, which security model would you prefer? Do you want to continue to enjoy music or would you rather get nasty letters from the MPAA/RIAA and get your cablemodem shut off.

      --

      Keeping /. free of grammatical errors for ~5 years.
    2. Re:A little honesty is refreshing sometimes by Zeinfeld · · Score: 2
      Microsoft's argument for a long time was that Java's security model was overly complicated. ASP, by contrast, had a simplified security model. Either an ASP executes scripts locally, or it doesn't. Thus ASP does have a simple security model.

      I am at Rsa2002, Microsoft just presented a security model that is much richer than Java's.

      Basically they combine the fine grained permissions model of VMS (also seen in Java) with a policy engine layer similar to that of Matt Blaze's Policymaker (not surprising given the people involved).

      The problem with the java model is that it is too complex for people to use. It increases the permissions complexity without providing user interface sophistication to match.

      PS: contrary to the FUD spread by Gosling the other week it is clear that the security model was built into the design of .NET and was not an afterthought.

      --
      Looking for an Information Security student project suggestion?
      Try http://dotcrimeManifesto.com/
  2. Oh the joys of cross-posting by stjobe · · Score: 2, Informative
    --
    "Total destruction the only solution" - Bob Marley
  3. I could have sworn I read this verbatim before by DebtAngel · · Score: 2, Redundant

    http://www.kuro5hin.org/?op=displaystory;sid=2002/2/17/203032/375

    It would have been nice for the person who submitted the article to at least include the link to the article that paragraph came from...

    --

    Is this post not nifty? Sluggy Freelance. Worshi

    1. Re:I could have sworn I read this verbatim before by Salamander · · Score: 3, Interesting

      It was posted on infoAnarchy before it was published on kuro5hin (1:15am EST vs. 2:25am EST). It might have been posted elsewhere, or sent via email. Someone's sure going out of their way to get publicity.

      --
      Slashdot - News for Herds. Stuff that Splatters.
    2. Re:I could have sworn I read this verbatim before by emag · · Score: 2
      It would have been nice for the person who submitted the article to at least include the link to the article that paragraph came from...

      Yeah, well, looking at the dates on both the k5 and infoanarchy articles, and considering how the /. article's linked to the infoanarchy one, it looks like k5 was posted over an hour later, so it's likely not the source the submitter found it on. Not to mention that the same person is credited on both infoanarchy and k5 with the article. Not everyone flocks to k5 as the end all and be all of "better-than-slashdot news".

      You'll also note that the /. article starts off:
      JohnBE writes "'This article
      See the double quote followed by the single quote? Looks like the submitter was quoting the article. The relevant single quote ends here:
      as a whole.'
      at which point the "this article", hyperlinked to the infoanarchy piece, is supplied. Which looks an awful lot like attribution to me.
      --
      "The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
    3. Re:I could have sworn I read this verbatim before by JohnBE · · Score: 2, Informative

      I believe the paragraph I submitted was the original article, the Kuro5hin article was posted later on. If that wasn't the case it was submitted simultaneously to two different sites. Big deal. Does it matter as long as we get the beef?

      --
      e4 e5
    4. Re:I could have sworn I read this verbatim before by JohnBE · · Score: 2, Informative

      I did supply single quotes for cosmetic reasons and to denote that it wasn't written by me. Hence the link to the article with full author attribution. I have no control over the time it was posted, or if it was separately posted at Kuro5hin.

      --
      e4 e5
    5. Re:I could have sworn I read this verbatim before by Sanity · · Score: 2
      For the record, Scott posted the comment first to infoanarchy.org, and then to kuro5hin. No idea who posted it to slashdot.

      Scott should really be ashamed, imagine wanting people to see your rebuttal to public criticism of your work!

  4. Until... by Anonymous Coward · · Score: 2, Insightful

    ...we can find the latest Britney Spears album, complete with high-res cover scans and 320kbps MP3s, I highly doubt Freenet will catch on. It's already surpassed by Morpheus and Gnutella in terms of users. The thing preventing Freenet from gaining wide acceptance is, for sure, the fact that mysterious files which you have no knowledge of their content, are automatically downloaded to your shared directory. This of course helps other people, including people you don't want to help.

  5. An Overview of Freenet by jACL · · Score: 5, Informative
    --
    "It remains to be seen if the human brain is powerful enough to solve the problems it has created." Dr. Richard Wallace
  6. Kuro5hin article as well. by autopr0n · · Score: 4, Informative

    This was also posted to another scoop site, kuro5hin :)

    For those of you who care, Ian Clark also commented on the story himself (1 2 3 4 5)

    --
    autopr0n is like, down and stuff.
  7. No kidding. by autopr0n · · Score: 3

    It's just so wrong for that scgmille to copy so blatantly from that poor scgmile guy. er. wait...

    --
    autopr0n is like, down and stuff.
  8. I agree by HanzoSan · · Score: 2



    I also think if freenet were written in C, it would have far more developer support.

    Documentation is lacking and that doesn't help, what also doesn't help is using java, Freenet barely works on Linux and MacOSX.

    C would have been the language of choice simply because more people know C than java, porting would have been faster.

    As far as the freenet project going down, someone needs to port freenet to C right now, if it's ported to C people will develop for it.

    While I know C, I don't know java. A lot of people would like a freenet DLL for windows from which they could do something like write a vb app front end for the freenet backend. This would make freenet more popular for windows.

    I don't know, I disagree about the freenet developers not knowing how to code, they code way better than me, they don't seem to document anything, they don't have a status page, they rarely use the mailing lists and talk too much on frost, communication skills would help.

    I think freenet has come far, I think with a little more support, perhaps some kinda sponsor or from donations, or if they make it easier for people to contribute code, freenet will be a success.

    Right now freenet is just too underground and esoteric for normal programmers to deal with.

    --
    If you use Linux, please help development of Autopac
    1. Re:I agree by bnenning · · Score: 3, Insightful
      C would have been the language of choice simply because more people know C than java, porting would have been faster.


      It's much easier to write network applications in Java than C, and cross-platform compatibility is far better. Performance is another matter, but apparently they would rather make it work first and then make it work faster, which is entirely reasonable.


      While I know C, I don't know java.


      There's your problem :) I know both, and in my opinion Java is a much better choice for what Freenet is trying to do.

      --
      How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
    2. Re:I agree by Random+Walk · · Score: 2
      It's much easier to write network applications in Java than C, and cross-platform compatibility is far better.

      Now that Apple has turned to BSD, there is Unix and Windows left for the desktop. And last time I checked, JAP (Java Anon Proxy) worked ok on Win98 (except that Win98 occasionally crashes ..), but had huge problems on Linux (incomplete page downloads) - which might tell something about the "portability" of Java.

  9. Freenet... by arnoroefs2000 · · Score: 2, Funny

    Possibly the only network with a higher Porn : Non-Porn ratio than the Internet itself :P

  10. Anonymous P2P systems by Anonymous Coward · · Score: 2, Informative

    If you wish to read about well-designed anonymous P2P systems, look at Crowds (similar design to Peek-a-Booty, years earlier).
    Anonymity has many more uses: censorship resistant systems often use anonymity. See, for example Free Haven or the following article on a new design
    http://www.cl.cam.ac.uk/~aas23/Anon_p2p2.ps

  11. The way k5 works.. by eightball · · Score: 2, Insightful

    Stories are put in a submission queue for users to rate on. When a story has been sent to the front page (or a section), the date is set for that time.

    This story was submitted Feb 17 <21:33 (time of comment 1)

    I can't say anything of the submission process for infoAnarchy, as to whether it is readily available before it is 'posted'.

  12. Re:Freenet is not complicated by hardburn · · Score: 2, Insightful

    In comparison to what? Client development? Ease-of-use? Node implementation?

    Freenet is pretty easy for client development and average for ease-of-use. However, node implementation is no easy task (just ask Adam Langley).

    --
    Not a typewriter
  13. Re:Java sucks and I'll prove it. by BrookHarty · · Score: 2

    I have millions+ customers being served on a handful of java programs. The only problem I have is jvm for Solaris seems to leak memory, so we load balance and restart the java processes once a day. We did it once a month, but decided to make it nightly to be safe with the high volume of traffic. (And sys-admins are lazy!)

    Most times it's not the language that's the problem, it's the environment, either os bugs, or some other software incompatibility.

    Java seems to be fast enough for realtime mission critical apps, so stop the fud.
    --
    Courage is resistance to fear, mastery of fear - not absence of fear. - Mark Twain (1835 - 1910)

  14. Re:Freenet is not perfect! by JohnBE · · Score: 3, Interesting
    I agree with you in respect of the "fuck you" attitude of the developers, that is their prerogative, but I think it is counterproductive to one of their goals which is widespread acceptance.

    I really believe that good documentation coupled with good code is the reason that some projects prosper and others fail. Maybe they have the balance right, the system is ludicrously easy for Windows users now. On the plus side:

    They have a Wiki system on their homepage which allows you to add to the documentation easily (had this been available 6 months ago I would have)

    The code is nearing a stable level (Datastore bug gone)

    Useful non-Pr0n applications are being developed such as Frost.

    --
    e4 e5
  15. Re:Freenet is not perfect! by Xerithane · · Score: 2

    ...the sheer complexity of what is achieved by the current Freenet codebase would make most software engineers give up before they had started. Connection pooling, real-time unwrapping, progressive hash checking, splitting, and rewrapping of encrypted streams, incorporation of a servlet architecture, threadpooling, unit tests, the list goes on, this is a massively sophisticated piece of software, the code is well commented, and as soon as the inter-node protocols are finalized, they will be documented (in fact, Adam Langley is working on this as we speak). Yes, the code and protocol are complicated, but no more-so than they need to be.

    Just to insert my $0.02 on this statement. While I think that Freenet is spiffy, and the work is great, judging programmers skill by what they produce is not always the best method. Please note I am not talking about the Freenet developers here.

    I strongly believe in the million monkeys principle. I have seen code that was written by a team of people that expanded over 150K lines to do some amazing things. But the code was shit. You could tell the programmers did not have a grasp on not only how to write what they wrote, but even on common agreed-upon design and implementation principles.

    The result: a rewrite bringing it to 57K lines and utilizing a tremendously lesser amount of memory.

    The code when we got it was really phenomenal. It did a lot, but had a lot of problems under the hood.

    Judge a person's ability by the quality of code, not the features they produce.

    --
    Dacels Jewelers can't be trusted.
  16. Please tell me why... by james_underscore · · Score: 2, Insightful

    I'm not sure why I would want to install freenet on my system. From what I understand, basically I'm expected to download and install this software and give a certain amount of my own bandwidth and disk space over to the network. I have no way of knowing what's stored on my hard disk and being downloaded from me. I've peered through a key list for freenet and it seems most of the data is porn. You might accuse me of being alarmist but I'm fairly confident a good amount of that will be illegal porn (underage, etc) otherwise it would be on the web somewhere.

    So now I've paid money to buy bandwidth and disk space to set up a porn server, and I'm not even getting ad revenues.

    As for protecting speech, couldn't a government just make the freenet software itself illegal if it wanted to?

    I can't see it really catching on - apart from a few paranoid "lone gunmen" types and comic book store guy, who's it going to appeal to?

    Just a question.

    James

    1. Re:Please tell me why... by JohnBE · · Score: 2, Interesting
      A government could make encryption software illegal, however the legal barriers are quite high. In Europe they have the Human Rights act which protects a lot of rights (which is one of the reasons the RIP Act has not been rigorously enforced in England) and in the US you have the constitution.

      I started using Freenet for the technical challenge, a kind of Internet within Internet, which is a kind of neat concept, but there are also some interesting quite innovative sites on there. But danger Will Robinson, there is also some evil!

      Has there ever been a time that you want to comment about something and protect your identity? Freenet allows this.

      --
      e4 e5
  17. Re:Java sucks and I'll prove it. by _underSCORE · · Score: 4, Interesting

    Why do I feel the need to defend java on slashdot? Here I go again:

    Java is slower than C, yet less powerful than C++.

    Yeah, that's a testable statement. Most of java's use is network-bound programming, where pure speed isn't an issue, but its excellent networking library is a benefit. No one is coding an OS in java. Add to this the fact that java 1.4 is on par (except for GUIs) with C++, and you have no speed issue.

    Java is portable but so is C#, C, C++.
    Java is binary portable which is a huge advantage. I can take compiled code from one architecture, and run it on another. Do that in C or C++. Hell, you can't even run a complete C# program in solaris now, so much for the common run time.

    Java currently doesn't seem to be a match for C#

    Is that why C# is an almost exact syntactic copy of java? Is that why the architectures and security models are almost the same? Which language has more users now? Which actually has deployed code running in production?

    Java is ok, but i have yet to see a successful project written in java.

    Have you heard of Tomcat? That's a moderately successful java project. Also, many real businesses use java on the web layers. I guess those don't count as 'successful projects', but they should count for something. The fact that there are relatively few java projects has more to do with the open source community being stand-offish regarding java, and not with language faults. Just posted on slashdot a couple of weeks ago: Root Node Live, which is a java project (brought to you by konspire) helps people trade jam-band music.

    --
    "This is not a company that appears to be bothered by ethical boundaries."
    Attorney General Mike Hatch on Microsoft
  18. java vs c wars. by leuk_he · · Score: 2

    You can always pick a fight over Java is better than c or c is better than java. It's tried a lot on the tech mailing list of freenet project.

    There is a whiterose C++ implementation of freenet.(development is frozen there however 8) i think this is not picked up before 1.0

    But above all freenet now requires:
    -documentation. (no coding)
    -testing procedures. a test set or something like that. (you can code the tests in the language of your choice.....)
    -more nodes in the network. (just download it)
    -better client software. you can write a client in any language you want.

  19. Freenet overall... by XRayX · · Score: 2

    I really like Freenet overall and thought a while about putting my new HP up as a freesite. I didn't do it for minor reasons. Anyway I think it is a great project and put all my (big)file releases up as a public KSK, simply because it's a good, clean and simple way to share files.
    The main problem is that it will never gain popularity. Freenet has mainly two target audiences: The file-sharing community (WareZ Groups etc.) and the people, who like the Idea of browsing anonymously.
    Until now Freenet has no popularity in both areas. The egoistic WareZ Groups don't even think about using Freenet, even though they really should contribute more to OpenSource projects, because they are the ones using them really heavily (think of LAME, MPEG2Decoders, etc.), and stick with old/insecure/closed Technologies like FTP, IRC and EDonkey.
    Maybe all this would get better if we all start advertising freenet a bit more wherever we hang around (Boards, IRC, Weblogs) and promote it as a fast, secure, anonymous, stable, easy way to share files.

    --
    Boycot? Blackout? Subscriptions?
    I don't care!
    1. Re:Freenet overall... by hardburn · · Score: 2, Insightful

      Anyway I think it is a great project and put all my (big)file releases up as a public KSK, simply because it's a good, clean and simple way to share files.

      Sorry, but I'm about to make this a whole lot more complex :) In the Freenet development circle we have a saying:

      DON'T USE A KSK!!!

      KSKs are highly insecure, because you have no means of validating that the data is really the data that you originally inserted. I suggest you migrate your old KSK data over to a subspace.

      Until now Freenet has no popularity in both areas.

      The MAME community has distributed quite a number of ROM images via Freenet. That has to count for something.

      --
      Not a typewriter
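
The integrity gap described in the comment above for keyword-derived keys, shown as an added example that is not part of the original thread or of Freenet's code. It is a simplified model: `UntrustedStore`, `keyword_key` and `content_key` are hypothetical names, SHA-256 is an assumed hash, and the self-verifying alternative shown is a plain content hash rather than the subspace keys the comment recommends.

```python
import hashlib


class IntegrityError(Exception):
    """Raised when fetched data does not match the key it was requested under."""


def keyword_key(keyword: str) -> str:
    # Key derived only from a guessable, human-readable keyword (models the KSK idea).
    return hashlib.sha256(keyword.encode("utf-8")).hexdigest()


def content_key(data: bytes) -> str:
    # Key derived from the data itself, so the key doubles as an integrity check.
    return hashlib.sha256(data).hexdigest()


class UntrustedStore:
    """Constructed stand-in for storage operated by other people.

    Anyone may insert under any key, and the operator may return anything.
    """

    def __init__(self):
        self._blobs = {}

    def insert(self, key: str, data: bytes) -> None:
        # Last writer wins: the store cannot tell the first publisher from anyone else.
        self._blobs[key] = data

    def fetch(self, key: str) -> bytes:
        return self._blobs[key]


def fetch_by_keyword(store: UntrustedStore, keyword: str) -> bytes:
    # The requester knows only the keyword, so there is nothing to check the
    # returned bytes against. Whatever comes back has to be accepted.
    return store.fetch(keyword_key(keyword))


def fetch_by_content_key(store: UntrustedStore, key: str) -> bytes:
    # The requester recomputes the hash and rejects data that does not match.
    data = store.fetch(key)
    if content_key(data) != key:
        raise IntegrityError("fetched data does not hash to the requested key")
    return data


def demo():
    """Return (keyword fetch returned the original, content-key fetch detected the swap)."""
    store = UntrustedStore()
    original = b"release-1.0 archive bytes (constructed sample)"
    replaced = b"different bytes from another inserter (constructed sample)"

    # The publisher inserts the same data under both kinds of key.
    store.insert(keyword_key("my-release"), original)
    ckey = content_key(original)
    store.insert(ckey, original)

    # Someone else who knows the keyword inserts under the same derived key,
    # and the data held under the content key is also swapped in storage.
    store.insert(keyword_key("my-release"), replaced)
    store.insert(ckey, replaced)

    got = fetch_by_keyword(store, "my-release")
    try:
        fetch_by_content_key(store, ckey)
        detected = False
    except IntegrityError:
        detected = True
    return got == original, detected


if __name__ == "__main__":
    print(demo())
```
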
  20. Re:Freenet is not perfect! by tqbf · · Score: 2
    In-case you are thinking how unreasonable it is for us to create a reference implementation before we document the protocol, note that the only reason everyone uses the BSD reference implementation of the TCP stack is that the TCP specification isn't worth the paper it is written on!

    Every major operating system (Solaris, Linux, Windows, BSD) has an independent implementation of TCP. None of them share significant code, each was designed with different goals. Every one of these implementations is validated against the standard, which spans multiple RFCs. The entire Internet is held from congestion collapse by cooperation amongst these implementations.

    What are you talking about?

  21. Re:Freenet is not complicated by jon_c · · Score: 4, Informative

    I can't really comment on mojonation as last time I checked they didn't have any real documentation on how it actually worked, but Gnutella is way simpler than Freenet.

    I wrote a gnutella client in one night, when gnutella first hit the net people had already figured out the protocol and were writing clients for it within days. There are only about 5 different commands in Gnutella, I have no idea how many freenet has. But I have attempted to understand more than just a high level concept and found the details to be confusing as all hell.

    anyway,

    -Jon

    --
    this is my sig.
  22. Freenet Trademark by farrellj · · Score: 2

    Has anyone dealt with the problem that Freenet is trademarked by some university that was responsible for the original community network software that runs places like the National Capital Freenet (ncf.ca), and similar sites?

    ttyl
    Farrell

    --
    CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada h
  23. Re:GnuPG??? by LinuxHam · · Score: 3, Informative

    The purpose of GPG is either to encrypt data specifically for one person, certify exactly who created/encrypted said data, or both. Freenet was designed to encrypt data for anyone while guaranteeing anonymity of the submitter.

    Yes, you could use GPG to encrypt with a symmetric key and just not sign it, but you'd still need to build an infrastructure around it. Freenet wants "plausible deniability" for the hosting server, making it impossible for anyone to decrypt the data as it's stored on the disk. A symmetric key with GPG would be immediately decryptable.

    --
    Intelligent Life on Earth
  24. Re:Java sucks and I'll prove it. by wurp · · Score: 3, Insightful

    Java is ok, but i have yet to see a successful project written in java.


    Wow, rarely have I seen such a ridiculous statement. J2EE is incredibly widely used for internet businesses of all kinds. In this time of declining job options for programmers, java (well, J2EE, anyway) programmers are still somewhat in demand.

    I have worked on many successful java projects. Xtra Online, Marconi Communications, and PDX, are just a few of the companies at which I have worked on successful java projects.

    Business software is generally about reliability. Computers are easily fast enough to do any kind of business calculation blindingly fast in virtually any language, and Java is fairly speedy. Java has great reliability (no buffer overflows, no uninitialized pointers, no stack overflows, no doubly-deleted pointers, etc, etc).

    If you think java is too slow for business applications, the game we are working on over at http://www.cosmgame.com is all in java. I get 50-100 frames per second in full screen 3d mode, all running under java. I shit you not. We will be showing it at the Game Developer's Conference in San Francisco March 20-23rd at Sun's booth.

    Virtually no business application has anything vaguely close to the kind of performance requirements we have, and we run just fine.

    See you at the GDC! ;)

  25. ALERT /. EDITORS: Stolen comments by Sanity · · Score: 2
    Just thought that people should know that this comment and its parents were copied from here on Kuro5hin, and at the very least, this reply does not belong to the person who posted it here (since I wrote it myself).

    While the comment obviously deserves the score, I really don't think that those who posted them deserve the karma for posting other people's work unattributed. Perhaps if one of Slashdot's editors reads this, they can take appropriate action.

  26. Re:How ABSURD!! by Xerithane · · Score: 2

    You totally missed my point.

    My point is - bloated, poorly coded software vs. well coded and slim software.

    Same features. There is always more than one way to write something, a successful and good programmer finds the shortest path and does it well.

    If you believe you *need* spaghetti code to finish, I think you're a dipshit in all honesty. Because I've finished many software projects that were well-designed and thought out. Yeah, sure there are components that were not as clean as they could be - but those are things that typically act as black boxes and can be re-written later (and typically do).

    You wonder why Microsoft software sucks? Because people have the same rationale as you.

    --
    Dacels Jewelers can't be trusted.
  27. wish they would have written it in C by argoff · · Score: 2

    I understand why they did it in Java, but still wish they would have done it in C. Most JREs are not free (like Stallman free) and C runs faster, C code is often more compact in spite of what java was supposed to be, and is already pre-installed on most linux platforms - this is especially nice when you use a modem and don't want download all the overhead of a JRE - but rather just a program and run it.

    Either way, I am just thankful that they did it. Freenet has huge implications in terms of saving redundant use of bandwidth, and has huge benefits in terms of protecting people's freedoms in the face of copyright freaks who would turn the world into a police state rather than give up their precious government monopoly on copying that they lobbied to extend 100 years longer than it ever should have been, and then shoved the DMCA down our throats, and then wonder why people have had it with copyrights.

  28. Re:Java sucks and I'll prove it. by Dr.+Evil · · Score: 2
    Java is slower than C, yet less powerful than C++.

    Yeah, that's a testable statement. Most of java's use is network-bound programming, where pure speed isn't an issue, but its excellent networking library is a benefit. No one is coding an OS in java. Add to this the fact that java 1.4 is on par (except for GUIs) with C++, and you have no speed issue.

    Why is it that when I run my freenet node, the CPU is throttled?

    I'm running a P200, it's enough for Apache, X, my firewall, storing my mail, processing mailing lists, compiling programs, serving files, serving a printer, but none of that throttles the CPU.

    The only reason I would have to upgrade this box is to run Freenet. This is consistent with all my experiences with Java.

    You're probably right that the Freenet networking code probably isn't sucking the system dry, my guess is that it would be either the encryption, or some data shuffling going on in memory.

    There must be some troubleshooting tools out there to narrow down the heaviest lines of code. But I can't speak Java.

  29. Re:Java sucks and I'll prove it. by EllisDees · · Score: 2

    1.4? Yeah. But how are you going to deploy your apps? Not everybody is running 1.4 -- can't very well expect everybody to download a 15MB installer. So you will still need to support 1.3 for at least six months to a year.

    Java is not VB. Older applications written in java have no problem running on a newer JVM. Most of the time, they are actually faster. Also unlike VB, you can continue to use nearly all of your older code in a new project. Have you even seen what Microsoft has done with VB.net? It's a new language with some passing similarity to VB.

    Threads. You have to do frigging everything in Java with threads. It's fragile! Livelocks and deadlocks lurk after every code block.

    Pure fud. You have either never actually used java or are actively trolling.

    --
    -- Give me ambiguity or give me something else!
  30. Re:Java sucks and I'll prove it. by cduffy · · Score: 2

    Why is it that when I run my freenet node, the CPU is throttled?

    When I run my freenet node the CPU isn't even close to throttled -- indeed, freenet's more often than not just idling and using no CPU time at all. My guess would be that you're running an old, buggy version of freenet; try a current snapshot. Ya know, it's possible (pretty easy, even!) to throttle the CPU in C code, too.

    In short, it's almost certainly the code itself, as opposed to the JVM, that's causing this issue. IIRC, freenet has had such issues from time to time.

  31. Re:Freenet is not complicated by jon_c · · Score: 2

    Freenet does not scale any better than gnutella. It has the same problem, which is flat decentralization. Meaning that every node has to pass traffic for every other node.

    Freenet only does this for hash query matches, where Gnutella does it for search strings, so it might be slightly more efficient. Freenet's real problem is the way it keeps data anonymous. For data to get from point D to point A it needs to copy all the data from D->C->B->A which uses all the bandwidth of C->B. It also limits the download speed to the slowest of C and B. On the other hand it distributes the traffic, so while A is getting data slowly from D->C->B, it's also getting it from X->Y->Z and maybe N->O->P. Multiplexing the download would be faster for A, but looking at the whole picture a lot of traffic is passing through nodes.

    I think the biggest problem with FreeNET is that people compare it (unfairly) to Napster or Gnutella. I don't think it is trying to be these things, at least the design in itself doesn't speak that way. To me it seems like a robust system for keeping anonymous safe data, at the cost of speed and ease of use and resources.

    -Jon

    --
    this is my sig.
  32. Re:GnuPG??? by cduffy · · Score: 2

    Why not? GPG [gnupg.org] works pretty well already and is distributed under GPL, so why re-invent the wheel?

    Simply put, GPG and Freenet do very different things. I use both; those things GPG is good for (like signing email) Freenet doesn't do; those things Freenet is good for (widely distributing information which some party may wish to suppress, possibly using force of government), GPG doesn't do. Freenet also is useful for folks running a perfectly legal web site (say, an online comic strip) who can't afford hosting costs; with Freenet, the hosting costs are paid for by the users -- ideal! GPG has no relevance to this kind of situation at all.

    I still can't believe that encryption, digital signatures and random key generators can be both fast and secure in Java...

    "Fast" is a relative thing. Even if it's 3x slower than a C implementation, if it's fast enough on a modern computer that the user doesn't notice, does the speed difference matter?

  33. Re:GnuPG??? by LinuxHam · · Score: 2

    How can you encrypt data with a non-public key system that anyone can decrypt except when it is stored on disk? If it is impossible to decrypt, then it's because you don't have the key. You seem to be highly confused about encryptions, and is, in turn, confusing me...

    Thanks, but I'm not highly confused about encryption. In this situation, the discussion was about replacing Freenet's local file encryption with GPG. Freenet's intention is to distribute information to anyone who requests it via the client, while at the same time denying access to a local user trying to access the data as it's stored on disk.

    GPG offers two methods of encryption, public key and shared (or symmetric) key. When you use public key encryption, you encrypt data specifically for one person to decrypt. That's useless for this situation since you want to distribute the data to anonymous clients. When you use a symmetric key, you tell the recipient(s) the passphrase via another path. If GPG would be used in place of Freenet's on-disk encryption, then there would obviously be a symmetric key passphrase stored somewhere on the server to be read and used by the server code and used to encrypt and decrypt the data on the local disk.

    Perhaps the setup routine for the Freenet server could include making up a random, 1024-bit symmetric key passphrase to be used only by the local Freenet node. You'd better hope that the encryption used to store the generated symmetric key passphrase would be strong enough to survive an attack by federal agents. Not to mention the feds could brute force the symmetric key passphrase... eventually.

    My point was, if you replace Freenet's on-disk encryption (which is an unknown quantity to me at least) with a known-good system such as GPG, you need to consider the weakest point of that system. I would consider it to be the storage of the symmetric passphrase used to encrypt and decrypt all of the files in the main Freenet node's server space.

    I'm a five year GPG user and I keep my keyring on my USB keychain hard drive. Am I still confused? Are you?

    --
    Intelligent Life on Earth