Slashdot Mirror
Freenet 0.5.2 Released
FurbyXL writes "With the RIAA roaring to grab peer-to-peer users by their IP addresses, Freenet - fully anonymized production and consumption of content - is gaining renewed attention. Articles in New Scientist, ZDNet UK, Wired and CNET (and here) set a somewhat typical context for Freenets major release 0.52. Significant performance improvements through NIO-based messaging, probabilistic caching etc. should provide increased rest to Chinese dissidents, but may finally wake-up the RIAA's Matt Oppenheim..." The announcement on the Freenet home page lists several improvements found in the new version: "a new NIO technology that brings improved performance using less CPU and system resources," "Individual nodes are now more efficient," "the speed and routing of the entire network have significantly improved," probabilistic caching, user interface improvements, and more.
Err, I mean... PRIVACY. Yes, PRIVACY here I come!
I have been using Freenet for years but except for the very most popular sites the speed and availability of the sites has made it little more than a toy. In theory, though, it is a great application.
I love the idea of freenet, but after reading how it works, I have to agree with a few complains I've heard. I'm not really happy about the idea of "anything" being able to be shared on my computer. Kiddie Porn comes to mind as one thing I want nothing to do with, and I have no controll over this being shared on my computer or not.
Teach someone to use the net and they won't bother you for weeks; show them Slashdot and you may never see them again.
Or close to it.
I'm one of the main developers for freenet (see zab_ on the opn irc logs the cvs logs)
When 60% of the code (measured in locs) is workarounds for jvm bugs, you know you have problems.
If the sun QA dept. had pulled their act together, this release would have happend at least a month ago.
zab
Don't go silently into that peaceful night
As far as I've understood, freenet is designed to be somewhere where you can access content, as long as somebody has given you the exact address to the file.
The problem I see here, is that there are no easy ways to search for content, except for out-of-band stuff like the web or e-mail, which mostly defeats the entire concept.
What Freenet needs in order to be a viable platform for not only publishing content anonymously, but also for finding it, is a search mechanism built into freenet. Before that happens, there is no way that it will become any popular with the file sharing masses -- it's just too find to hard something to download.
The biggest issue I had with Freenet was not reliability or the fact that I might be sharing kiddy porn, but the fact that THERE WERE NO GOOD KEY INDEXes. Seriously, do a search on Google and the only ones you find are down or haven't been updated in two years. It's the big Catch-22; I won't use it 'til there's something to look at, but there won't be anything to look at until somebody uses it.
I have been running a node with 10k down, 5k up and a 1gb store forever now (niced at -15), and the new version of the software has made a huge difference.
No longer is my CPU at 100% all the time - before when I got put in seednodes I was flatlined, even with the thing niced to -18. Now it's not even noticable.
Bandwidth usage also seems to be more steady, rather than spiking every now and again it holds steady at one number. (~85-90% of allocation.)
Responsiveness has increased slightly - it's about what you would expect from a 56k modem connection.
Run one in the background for a few days - you won't notice it, really. The more people running these things the better, even if they have no use for the system yet and throttle it right back. (10/5 on DSL adds less than 1ms to my ping on ut2k3.)
Beep beep.
just to read that article? I think they're starting their monitoring from their own site. I rejected them all, but I'm thinking about going back to read the content. If those cookies are trackable through ad sites..........
The preceding post was not a Slashvertisement.
Ahhh, the now-infamous kiddy-porn rhetoric. I know you're probably joking, but this always comes up... "Oh no, private communications! But, now they'll distribute kiddy-porn! Think of the children! Oh god, won't someone please think of the children!" Puhlease... yes, something like this will be used for illegal means. So does the US postal service, or PGP for that matter. Does that make it any less useful? No.
The fact is, the minute you guarantee anonymity (something which, IMHO, is required for free speech... after all, what's the point of free speech if you're afraid to exercise that right?), people will abuse it. However, if you truly believe in the right to free speech, you must be willing to take the good with the bad. Anyone who suggests anything else doesn't truly believe in free speech.
Matt Oppenheim: An individual who illegally distributes music on a peer-to-peer network has less of an expectation of privacy than a bank robber wearing a mask when holding up a teller. And, just as the bank robber cannot be heard to complain when the guard pulls off his mask, an infringer on a P2P network cannot complain. The bank robber can at least claim that until his mask is pulled off, nobody knows who he is.
I'll tell you what. If I'm robbing a bank and someone tries to pull of my mask they're getting shot.
Truth be known his comment gives us all a nice hint on how to further anonymize ourselves. What happens when the guard pulls off the mask and you have panty hose pulled over your head? Clean ones...He still can't indentify you...plus if you shoot him he can never tell anyone.
So today's lesson is if the guard/RIAA tries to pull back the mask/masque to make you identifiable then you must shoot to kill and leave no witness behind.
Thank you for playing
You aren't free to do anything, until you've lost everything.
True. But the people who use the guns can be held liable.
As an earlier poster pointed out, the problem with this is that a user's home computer could be providing kiddie porn. It's one thing to steal songs and software, but it's another thing to host pictures of some 7 year old getting raped. I don't want to even have the possibility of that happening, so I think I'll stick with another distributed client.
Legally, would host computers be analogous to the phone company -- a common carrier? If you use a telephone to plot to kill the president, the feds don't bust the phone company as part of the conspiracy. Just like they don't bust AOL for providing chat rooms for 35 year olds to pick up 12 year old English girls. Are people hosting files or parts of files like the phone company in the eyes of the law?
Hey, since we're all throwing intellectual property rights to the wind by trying to deceive the RIAA, how can I apply FreeNet to misusing GPL'd software for my own benefit?
I'm sure none of you would have a problem with that, because you're not all about double standards, right?
Unfortunately, while freenet might be somewhat secure and private, it would be pretty clear by monitoring a link to an ISP that you were using Freenet. If the Chinese government were to do this they could easily identify and round up the Freenet dissidents. What can we do to help protect freedom behind the bamboo curtain? You can do your part by making sure that Freenet is also used for downloading music! Everyone knows the Chinese like to download and pirate copyrighted material. The Chinese gub'mint will not give it a second look as long as they believe it's being used for piracy and not for dissident speech. We can all do our part for freedom by making sure that Freenet becomes a popular tool for file sharing.
I'm an American. I love this country and the freedoms that we used to have.
Not according to current legal theory. If you provide a service (in this case, hosting encrypted fragments of files) but you have no control or even visibility of how that service is used, you're not liable for the details of how it's used.
The people who use it are still liable, of course.
I have no idea how this is going to turn out. Freenet sounds like a great idea, but it's so obviously useful for such horrible uses, and there are other tools that handle most of the useful uses... I don't see it surviving legally (I mean that it'll be outlawed anywhere it'll be useful).
-Billy
From the C|Net interview:
Fine, let's take the corporate aspect out of it & pay only the artists' share for compact discs. That would be somewhere on the order of 30 or 40 cents per disc, if that much (if the artist has a good contract). OK. Throw in $2 for the media & production. CDs start selling for $3 (like vinyl in the early '70s) & P2P would be irrelevant.
Yes, artists deserve to be able to sell what they create. That's why the record company moguls, agents & hangers-on often make as much as or more than the artists themselves.
20 years ago, I remember the high price of CDs being explained as "recouping research & development costs." Ummm... Methinks those costs were recouped long ago. Corporate greed is what it is...
But yeah, Oppenheim, let's take the corporations out of this. Who do you think is paying RIAA in the first place? Roadies?
When the guy equated file sharing with bank robbery, he showed that he is a nutcase.
"Obviously, I'm not an IBM computer any more than I'm an ashtray" (Bob Dylan)
It's worse than the RIAA. There is a large quantity of child porn on Freenet. Now, because of the way Freenet works, you have no idea what's being served from your computer at any given time -- and no way to find out since it's encrypted. So if you run Freenet on your computer, you may be hosting child porn. Can the government go after you for that? If it wants to it can. Are there good reasons to take the risk? That's up to you to decide.
Is having truly free speech where some people inevitably abuse that speech better than having speech regulated by governments who inevitably abuse their regulatory powers themselves? Participatory democracies don't have a great track record when it comes to allowing unpopular opinions to be heard. In most of Europe today -- to pick one example -- you will serve jail time for questioning the holocaust. To pick another example, anti-hate speech statutes have been sucessfully used in Britain and Canada (and elsewhere, no doubt) to supress supporters of immigratation reform. Libel law is commonly used to supress opinions of those who don't have the money to defend themselves in court.
Is this a power you want to trust the government with? I don't trust mine with it. That's why I run Freenet. And hopefully, Freenet -- or the idea of Freenet -- will have enough popular support to make my government wary of cracking down on it. And as long as Freenet exists, there is at least one forum for truly free speech.
Remember that as soon as you censor one thing, you must censor everything. If the system has the ability to say restirct kiddie porn then it must have the ability to arbitrairly restrict anything, therefore undermining the system in its entirety. Also, remember that freenet functions to keep alive items that are most frequently accessed, so if the world were free of perverts we wouldn't have the problem in the first place ;)
**AA: a bunch of mindless jerks who'll be the first against the wall when the revolution comes
Freenet sounds like a great idea, but it's so obviously useful for such horrible uses
In the same category we already have guns, knifes, airplanes, TNT, email, television, cars. I think Freenet has a good chance.
So, if someone hacks an FTP server you run and copies kiddy porn to it, that makes you liable? Somehow, I doubt that... it's called plausable deniability.
Another example, you own a field and someone grows weed on it, does that make you liable? I double that, too...
The fact is, Freenet protects the node operator because they honestly have no idea what content is on their computer. Moreover, they aren't even likely to have the full contents of any given file... only parts of it. Therefore, I suspect there's a real defence for people running Freenet nodes.
Uh, no. Freenet wasn't designed to prevent this. Of COURSE Freenet lets you know what machines have connected to you, and what they've requested. Otherwise it couldn't send it to them -- it runs over TCP/IP, not magic! But this information -- the IP of the machine requesting an item from a datastore -- has absolutely no bearing on WHO did the intial request, or who will receive it in the end. Freenet clients make a request for a file, and the clients pass that request on as if it was there own.
So there's no difference between passing on a request, and making one yourself. Requesting a file becomes an anonymous activity, because you don't really have any idea how far this web goes. All you know is the requested "depth" cut off, so requests don't go more than N requests deep. And individual clients can (and do) rewrite this value. SO there's no way to tell if the client you've exploited is the first or a member on a chain of requests.
In fact, the best exploit for freenet would be a "sting," where you control all of the clients except for a handful. Then you know that these clients are doing all the dread. But it'd be really hard to establish this kind of "web of mistrust," considering that most freenet users populate their initial nodes either through the freenet website or through friends of theres. At that point, it's probably easier to get one of those friends to blab on you then it is to get evidence through technical means.
Data insertion works similar. If you have information in your datastore, there's no way to prove that you put it there. In fact, since you can explicitly exclude your own datastore from insertions, it's less likely that you'll have it if you inserted it. So if you have data in your store, it's equally likely that it was "pushed" to you to serve as it is that you downloaded it yourself. In fact, it's probably more likely, as freenet is receiving insert requests (more or less "uploads") all day, but only downloading when you're interacting with it.
Freenet's about PLAUSIBLE DENIABILITY, which in a free (as in, bill of rights and supreme court) society should be enough to keep you out of prison. The difficulty of identifying computers is no different from regular peer to peer...the difficulty lies in IDENTIFYING them.
And as for buffer overflows...you don't know much about Java, do you? Individual applications can't become overfull due to automatic checking by the VM. So the unless the VM has bugs, the client is about as invulnerable as you can hope for. Plus, lots of us have looked at the key code for Freenet. I didn't trust it until I built it myself.
Hey freaks: now you're ju
What if I want to refuse to store criticisms of the People's Republic of China on my hard drive? Or criticisms of G.W. Bush or Bill Clinton? If I find a mechanism of discerning the content on my system and becoming selective about it, then so can the people who wish to squelch the speech to begin with.
Truly free, truly anonymous speech, if speech is understood as any text or image or sound that can possibly be stored or transmitted, whether it is secrets vital to national security, pornography, slander, libel, copyright violations, or my recipe for waffles, does really demand, in this case, that someone risk hosting materials they might find detestable.
Otherwise, it's like saying "I support your right to live, but I'm not going to pull you out of the water while you're drowning." At best, the "support" is just so many words - it's really support for "nice" speech.
Encryption is not the same thing as anonymization, authentication, or authorization. Encryption is a method for hindering the decoding of your communications. It is not a method of disguising the identities of parties in a transaction, verifying an identity, or granting privileges to an identity.
Encryption everywhere without the rest of the infrastructure means that there is a better than average chance that the spam in your inbox has not been snooped in transit.
Little Debian: America's #1 Snack Distro!
whether they tolerate speech which they disagree with, or even find disgusting.
If child porn were speech, it would be just talk. As it stands, at the best it is evidence of a crime that was committed in creating it. At the worst, it is a product that required the rape of a child to create and is a tainted product.
Child Porn != Speech.
Child Porn != Expression.
-- $G
For the Freenet newbie: This is NOT your plain jane filesharing program! You don't just point it at files and say "let people leech these". Freenet is a transport layer. Most users access it through a browser, retrieving HTML and images stored within Freenet. It's also possible to use it as a messageboard, file repository, and more.
When you start up Freenet, you give it some disk space to use as a "datastore". This starts empty, and fills itself up over time as your node participates in the network.
When you click a link in Freenet, your web browser requests the key (sort of like a url) from your local node. Assuming your node doesn't have the key, it asks another node for it, which then asks another and another until the key is located. The data is then passed back up the chain to your node, and along the way some of the intermediate nodes keep a copy.
In this manner, popular content propagates in Freenet. By leaving your node running (and making sure it's actively participating in the network, serving requests) you'll allow it to store some of the keys that make up Freenet's content. When you use your node, it's likely that some of the keys you want are already stored there.
Routing is similar. When you first install Freenet, it has knowledge of a few "seed nodes", and that's all it knows about. As your node talks to the seed nodes, they tell it about other nodes, and your routing table grows. This makes you less dependent on the seed nodes (which are probably melting today).
A new system in Freenet called "probabilistic caching" results in a certain amount of specialization, and a significant performance improvement. It's based on keys (which are cryptographic hashes of content) and node IDs (which are crypto keys). Both are fairly randomly distributed, numerically. Here's how PCaching works:
If your node ID ends in 0x3F, then when your node participates in the chain for a piece of data whose key ends in 0x3F, it's very likely to keep a copy. When your node handles other keys, it might still keep a copy but it's not as likely. Likewise when you request a key that ends in 0xD3, that request will be passed, if possible, to a node whose ID also ends in 0xD3. This is a simplified explanation and I'm not a Freenet coder, but that's how it's been explained to me.
Obviously, the larger and more up-to-date your routing table is, the more easily your node can find the pages you request. Being an active part of the network is the best way for your node to keep a healthy routing table and a relevant datastore.
Freenet is unique among p2p apps in that your user experience actually improves if you contribute more bandwidth and space. (Bandwidth is much more important than drive space. 100 nodes with datastores of 1 gig each will make a much bigger impact on the network than 1 node with a 100 gig datastore!)
Exactly wrong. If something you do contradicts a "freedom" of somebody else, neither of you were free to do that in the first place. Instead, you were imposing some control over something which infringed on somebody else's ability to control it. If I am able to own property, then somebody else is not free to own it. That's not freedom -- in the strictest sense of the word, that's robbing someone of their freedom to enjoy the bounty of the natural world. Hence the oft quoted line "property is theft."
Yeah, this is anarchy. No, it won't work in the real world because of what I like to call the "asshole factor." Greed stops it. But in the "computer" world, greed doesn't have to be a factor because there's no scarcity. No greed means no need to delegate your freedoms to a third party to insure "equity." No greed means no need for controls at all.
Freenet is an attempt at structured anarchy with the belief that only complete freedom can protect every freedom. There's no need for tension between conflicting freedoms because there's no conflict. Conflict is external to the system -- it's out here, in the world of pundits and attorneys. In there, it's just zeroes and ones.
Hey freaks: now you're ju
Grocery stories feed kiddie porn perps. Apparent buildings house them. They drive on roads built with your tax money. Collect UI, welfare, and old age security based on your tax dollars. You are part of the internet which is used to deliver their porn.
No matter what you do, you are supporting them, so kiddie porn is really a side issue.
The key issue is what can you do to safeguard your children's future? Freedom of speech (even if the government or corporations or popular groups in your area) is essential. Education to ensure that your kids aren't victims is another. (It's a big cruel world out there. If you shelter them too much, they *will* become victims).
And if you want a freenet-specific solution then why not use the freenet itself to define kiddie porn filters? Think outside the box. You can't search the Freenet so you have to rely on well known indexes that are floating around the freenet. Why not write a filter that automatically downloads these indexes and filters keys on you machine to ensure that you don't carry kiddie porn? Let the perps help you fight them, but don't hide your face in the sand and home that it will all go away, because it won't.
What about the internet, TCP/IP, image file formats, and computers? Or even cameras and artificial light? These all help the kiddie porn distributers. I'm willing to bet you use these. I'm not sure how else your comment would have gotten here.
Just about anything you do in life, that is of any public use, could be helping out someone you don't like. If you don't want to participate in anything that could remotely benefit a kiddie porn distributer then you better lock yourself up in a room somewhere.
> Freenet's about PLAUSIBLE DENIABILITY
What about this idea to increase the deniability: Imagine a trojan
that installs Freenet on the infected machine and makes it part of
the network, then erases all traces of itself. This trojan could be
put up on a web site, with a notification to the usual anti-virus
companies.
Later, when someone gets under legal pressure for running a Freenet
node, he could claim that he didn't install it. He didn't know he
was running that "Freenet thing". Most probably it was installed by
a Trojan, and in fact there is one known to do just this (reference
to anti-virus company press release).
That would be even more plausible deniability, wouldn't it?
Marc