Why Freenet is Complicated

JohnBE writes "'This article is primarily a friendly rebuttal to Steven Hazel's CodeCon 2002 talk entitled "libfreenet: a case study in horrors incomprehensible to the mind of man, and other secure protocol design mistakes". Hazel presents the Freenet protocol as an overly complicated, self designed crypto layer. In fact, though somewhat complicated, literally every step in the protocol was carefully thought out to resist certain attacks and to increase certain properties desirable for Freenet operators and the network as a whole.' Interesting in light of Peek-a-booty, this article covers many of the issues involved with creating a anonymous P2P system."

An Overview of Freenet

[jACL]

Here's a quick overview of Freenet, if you need to get up to speed.

Re:A little honesty is refreshing sometimes

[grammar+nazi]

In paragraph specifically mentions that the security model is overly complicated. For comparison...

Microsoft's argument for a long time was that Java's security model was overly complicated. ASP, by contrast, had a simplified security model. Either an ASP executes scripts locally, or it doesn't. Thus ASP does have a simple security model.

Now... which security model will be suitable for your projects? Which security model is potentially better for the client browsers?

I am extremely familiar with freenet and I can tell you that the current security model is very *robust* yet I feel that it is very streamlined. By contrast, napster's security model was simple. So Mr. MP3 Pirate, which security model would you prefer? Do you want to continue to enjoy music or would you rather get nasty letters from the MPAA/RIAA and get your cablemodem shut off.