Revamping Freenet

N3wsByt3 writes "Many will have heard about the anonymous P2P-system Freenet. What many probably don't know is, that a big change is at hand: the Freenet developers have decided to drop all support for the 0.5x version, to skip version 0.6 and to completely revamp the 0.7 build into some kind of poorly described, presumably scalable darknet. The main coder even threatened to quit if such a darknet would be rejected. So, is it finally going the right way with the development of Freenet? Maybe not, since they seem reluctant to provide real data and rather rely on security through obfuscation, and then there is still the problem of their general inability in regard to pooling human resources, which, for any OSS project, is of the utmost importance." Obviously, the article submitter has his own feelings on Freenet, but notwithstanding that, what's the latest scuttlebutt from within the Freenet crowd?

Freenet is not so anonymous

[Aviran]

A very interesting article about flaw in Freenet

Newsbyte is a well known troll

[Sanity]

Newsbyte is a well known on the Freenet mailing lists as a troll who likes to criticise Freenet's developers, yet hasn't actually contributed a single line of code to the project in his several years of trolling the mailing lists. Needless to say that this doesn't prevent him from lecturing the Freenet developers at every opportunity. I personally routinely ignore his emails.

Matthew has indeed indicated that he believes it is essential that we support "trusted links" in Freenet, and the other core Freenet developers, myself included, agree with him - so Newsbyte's attempt to stir that up into some kind of controversy is just another example of his trolling.

I have no idea where Newsbyte's accusation that we are relying on security through obscurity comes from, certainly the archived email he links do doesn't seem to support any such claim.

As for the blog entry he links to, it essentially boils down to whining about why we don't implement each and every one of his suggestions.

When considering the value of Newsbyte's opinions, I would urge you to look first at what he has actually contributed to the project, versus those that he seeks to criticise.

Re:Newsbyte is a well known troll

[Sanity]

How about using this opportunity of discussion on Slashdot to bring up some of your own thoughts on Freenet?

With pleasure. Freenet has indeed had its fair share of problems, including an increasingly complex codebase that suffers from a lot of legacy code and abandoned ideas. That is why Freenet 0.7, the next major release, will be quite a significant rewrite.

Here is a recent email I sent describing the plan for 0.7:

People could be forgiven for thinking that the project had somewhat
stagnated given the lack of activity on these mailing lists, so I
wanted to provide an update because this could hardly be further from
the truth.

Oskar Sandberg, Matthew, and I have been developing some ideas for 0.7
which represent an even more fundamental architectural shift than have
been proposed to-date, and which should address one of the most
fundamental shortcomings of Freenet as it relates to Freenet's usage in
a hostile environment, and which I believe represents a significant new
innovation in the P2P-space.

As most people will be aware, Oskar was one of the core Freenet
developers in the first few years of the project. He is now working on
a PhD in Mathematics. Over the past few months he and I have been
collaborating on gaining a much deeper mathematical understanding of
how Freenet does what it does. While this work is far from complete,
it has given us some extremely useful insights and much more confidence
in determining what aspects of Freenet's design work well, which don't,
and why.

To understand the new idea, I should start with some theoretical
background. Consider a simple "graph". A graph in the mathematical
sense consists of a set of nodes, some of which are connected to
each-other. At this stage nodes don't have a position in space, all we
know or care about them is which nodes are connected to each-other. We
can assume that connections are bi-directional.

The "diameter" of a graph is the minimum number of nodes you must go
through to get from any one particular node to any other particular
node in the graph. Note that it may not be easy to find this path, but
the important thing is that it exists.

There is a mathematical result which tells us what kind of graphs have
a small diameter. Basically imagine we have three nodes, A is
connected to B, and A is also connected to C. The mathematical result
says that if, given that both are connected to A, there is an increased
probability that B is connected to C, then the graph will have a small
diameter.

So, if we have a graph that has this property then we know that we
*can* get from any one node to another in a small number of steps, but
we don't necessarily know *how*.

Now imagine that each node in the graph has a position in space, this
can be 1 dimensional, 2 dimensional, 20 dimensional space, it doesn't
matter too much. Imagine that we want to get from one particular node
in this graph to another particular node. A simple approach is, from
our starting node, go to whichever node we are connected to is closest
to the node we want to get to. This approach will work quickly in a
graph that is a "small world". In essence, a small world graph is
where there is a higher probability that nodes which are close together
are connected than nodes which are far apart.

In the ideal case, the probability that two nodes are connected is
proportional to 1/(d^n) where d is the distance between them, and n is
the number of dimensions in the space in which our nodes reside. This
mathematical result is due to Kleinberg.

A small-world graph therefore not only has a small diameter, but
provides an efficient means to find it.

Anyway, back to the story. One of Freenet's weaknesses in terms of its
usefulness in a hostile environment, is tha

Perhaps, BUT....

[FooAtWFU]

We ran these observations by Freenet founder Ian Clarke. He agreed that the caching behavior does reveal far too many clues. But the next major revision is expected to eliminate the problem. Sometime later this year, it is hoped, the Freeenet developers will release a version that employs premix routing.

Re:Perhaps, BUT....

[asuffield]

No, actually, this is specifically something which freenet is not intended to solve. The "attack" here is where somebody breaks into your house and compromises the terminal you use to access freenet. Obviously this is always going to work. If you had bothered to read the project website you would note that they explained this.

It so happens that they can do something about this specific attack, and they will. But it was never an objective and it won't stop a really determined attacker.

Re:Child pornography

[brontus3927]

From reading Freenet's FAQ, I get the impression that it was designed for child porn.

I don't want my node to be used to harbor child porn, offensive content or terrorism. What can I do?

The true test of someone who claims to believe in Freedom of Speech is whether they tolerate speech which they disagree with, or even find disgusting. If this is not acceptable to you, you should not run a Freenet node.

Re:FreeNet Is Lost

[dj28]

You can't tell what's stored on your node very easily.

However, it is relatively easy to see what is on freenet at large. There are several spiders that roam freenet and index freesites they come across. It's sort of like what Google does. So all one has to do is load up these indexes and see how many of the sites are child porn related. Another way to tell is load up Frost and see how many of the boards of child porn related.

There's a very large number of them.

Re:Unfortunately, not a troll

[atomm1024]

The thing about Freenet is that you can't report or block offending IPs; that's the exact thing it's designed to prevent.

When you retrieve a file from Freenet (at least the current "stable" implementation), your request is bounced through several other random nodes on the network; and relaying a request for another node looks exactly the same, protocol-wise, as initiating one. They call it "plausible deniability;" if a person's node contains stuff considered "bad," or illegal, then there's absolutely no way of knowing (as long as the person frequently clears their browser history and cache) whether the user of that node initiated the requests for any of that content or if they were just unknowingly relaying it for someone else.

A while ago, I saw a Freesite linked on the Freedom Engine (one of Freenet's most popular portals, probably because its operator links to kiddy porn and murder pictures, considering them to be "free speech") which claimed to filter content matching a certain list of hashes out of your node, so that your node would neither store that content nor relay requests for it. It came preloaded with a filter-list (somehow obfuscated so the real file keys couldn't be extracted by people who like that kind of stuff) of miscellaneous generally-objectional content. I'm not sure what the reaction to that was, if there was much.

But there's no way of finding out who's actually storing and retrieving that content. The current Freenet implementation leaves absolutely nothing to "security through obscurity." The only way to censor it would be through legal means, perhaps by declaring that allowing one's Freenet node to be used for illegal things is a contributory crime. But due to the nature of Freenet it would still be very hard to enforce.