Slashdot Mirror
Freenet Version 0.7 Release Candidate 1 Available
apostle5406 writes to mention that the "Freenet" project (a global peer-to-peer publishing network) has unveiled their first release candidate. "Freenet 0.7 is a ground-up rewrite of Freenet. The key user-facing feature in Freenet 0.7 is the ability to operate Freenet in a "darknet" mode, where your Freenet node will only talk to other Freenet users that you trust. This makes it much more difficult for an adversary to discover that you are using Freenet, let alone what you are doing with it. 0.7 also includes significant improvements to both security and performance."
But is it faster? Please?
Karma cannot be described by words alone.
"This makes it much more difficult for an adversary to discover that you are using Freenet, let alone what you are doing with it."
... but what about us stalkers and snoopers ? Where does that leave us ?
:(
Sure, that's all fine and dandy for the person who wants to conceal that he's using Freenet
The humanity!
The sad fact is that freenet has historically been full of pedophiles. This will only further enable pedophiles to hide from the FBI.
Seems like Freenet is really pursuing their namesake, and setting themselves up specifically to provide a means of communication within otherwise locked down and totalitarian environments. A commendable goal I think. I have to wonder though, if this level of security is actually necessary, who CAN you really trust to use this new "darknet" with? Seems like the sort of place you'd use it would also be the sort of place where you could trust no one.
Only the primary design goal of Freenet: make the people uploading and downloading the content anonymous! If you're using bittorrent, it's easy for the Bad People (government, isp, mafiaa) to tell what you're uploading and downloading. Not so with Freenet (it probably can be done, but it would take a *lot* of effort).
It is easy to tell that someone is running Freenet (still harder than bittorrent, though -- with everything encrypted and ports randomized, it requires traffic analysis). But it's hard to tell who's downloading or uploading what.
Browsing the svn (trunk) reveals that the answer is: yes it is still written in Java.
Yes, but why would that be a problem? The really CPU-intensive stuff is handled in native code anyway on most platforms (with Java fallbacks). I'm running it on a 1.4GHz Athlon (not exactly modern...) and it's using typically 10-20% of the CPU (though that number will rise on a faster connection).
Performance is limited by network connections, mostly. The real performance question is how quickly the developers can improve it and find and fix bugs, and if they say Java helps in that regard, then Java is a good choice.
But that would require eliminating "Pedo's and other sick farks" from the Internet-using population, which is impossible without either eliminating the Internet or eliminating the human population.
To put it another way:
Before 1969 when Al Gore invented the tubular interwebs, there were no "Pedo's and other sick farks" on the Internet, and after the human race self-destructs, there won't be any either. In the meantime, it's unavoidable.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I don't think Java could have made it as slow as it was. Is it better now?
Also: It's supposedly an open standard, and should be implementable in things other than Java. However, the implementation is complex enough that I'm glad to have at least one guaranteed-portable implementation.
Don't thank God, thank a doctor!
> Seems like the sort of place you'd use it would also be the sort of place where you could trust no one.
It's worse. There ain't no such thing as a 'darknet' to your ISP. If you are in the sort of place that needs Freenet you can be certain your ISP will report you to the government for using freenet. In the sort of places that need Freenet, possession of Freenet will get you shot. In places that having freenet won't get you shot the only people who will bother setting it up is pedophiles and others who are doing things that would get them imprisoned or shot.
These are hard facts. Yes it would be great if a critical mass of non illegal activity could get on Freenet to provide the chaff to provide cover for the occasional whistleblower who really needs it, but getting from here to there is all but impossible. Freenet will, by design, underperform a normal straight connection so there is a strong disincentive for legit content to use it. The only possible hope is if the *IAA goons drive piracy[1] far enough underground that the file traders adopt Freenet. But I really doubt Freenet in it's current form will be able to scale anywhere near large enough to handle the warez scene, especially in the age of full HD ripping we are hurtling towards. The limited size of the local data cache and cable/DSL upload speeds just won't suffer the inefficiencies involved.
[1] Yes, 'pirated' movies are illegal just like kiddieporn but as a practical matter they differ in one vital aspect. 90+% of Internet users currently trade movies, songs, etc. and thus would likely trade them on Freenet if Bittorrent becomes too dangerous, whereas few will currently install a freenet node due to the popular perception is that having one currently is tantamount to admitting being into, or at least a willing faciliator of kiddieporn.
Democrat delenda est
Performance is limited by network connections; true. It goes deeper, however, in the fact that performance is also limited by the cpu and storage of your peers, and their peers, etc....
The network should eventually level demand across nodes. If one node for some reason gets saturated, peers will eventually find data faster elsewhere, reducing its load. Lower performance machine/network nodes may end up slightly less popular and those equipped will move more traffic. Freenet has a number of ways to optimize and can be quite robust via various ways to self-heal.
They yet have to invent a net that survives the slashdot effect...
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
You mean, like having packet sniffers on all major chokepoints that log which IPs are talking to which other IPs, in order to build up a suitably-large database for purposes of traffic analysis?
Freenet was an interesting political statement: Since inception, every statement about its security model has been prefaced by "in any sane/democratic/free country...", followed by a list of assumptions about the integrity of the telecommunications system. For example, when Freenet was first designed, NSA couldn't legally monitor domestic traffic, nor could it legally share what it found with the FBI, and FBI needed a warrant.
The political implications of the project were supposed to motivate people to lobby for stronger telecom privacy laws, lest we become as non-sane, non-democratic, and non-free as the countries in systems such as Freenet are illegal/hazardous to use.
That experiment has run its course: In post-9/11 America, of course, none of those assumptions about the telecom system are true. Although it's arguably lamentable that Post-9/11 America telecom policy is every bit as not-sane, not-free, and not-democratic as China, it's indisputable that the experiment has ended. The privacy wars are over; the Freenet guys lost.
If you were interested in Freenet because of its implications for free political speech, it's time to give up: for better or worse, anonymous political speech is dead. The only justification that I can see for its continued development is that it gives enough of the illusion of anonymity to be a fantastic self-selecting honeypot for sleazeballs, and as far as I'm concerned, said sleazeballs deserve what they get.
Also, cracking down on production works fine if it's done globally. Otherwise you just push the k1dd13-porn-creation to countries where the police can be bought off, which these days is much of the 3rd world.
I'm not even going to get into the side-effect harm to society of either 1) ignoring the problem of child abuse and kiddie porn or 2) overreacting to the problem. I think it's pretty obvious that neither option is a good one.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Can anyone give us numbers on the precise percentage of Freenet traffic that kiddie porn makes up?
I'm concerned about the kiddie porn problem, but why the hell would people even go through the trouble of using Freenet just to trade kiddie porn?
It's sick, but sometimes I wonder if the individuals who do upload that shit to Freenet do it precisely to get Freenet shut down.
What better way to get something shut down than to upload kiddie porn? Any serious users wont want to use it anymore and then it will ONLY be filled with kiddie porn, which gives the authorities every reason to ban the entire network as a kiddie porn network.
So the Freenet people should keep precise percentages of the traffic and keep the traffic data public. As long as the majority of the traffic is not kiddie porn, Freenet has a chance at being useful.
That's one of the stupidest post on the Slashdot for a while.
First of all, most of the security bugs ARE FOUND IN THE C/C++ CODE. Java is MUCH MUCH MUCH more secure than C/C++ in practice. To remotely exploit FreeNode, you'll need quite an exotic combination of bugs in JVM _and_ in the FreeNet.
And Java works just fine on PDAs, and FreeNet doesn't use anything fancy and non-portable like cool SWING GUIs.
If you want a bug proof program, you aren't going to find that using Java or C, or C++. At least C and C++ is fast. Java is slow as hell and it's still buggy. If you like Java thats your preference, but C is my preference and you aren't such an authority where you can say one language is objectively better than another.
Are you going to say, that if GNUPG, or GNU-Net is written in C, that it's inferior to Freenet JUST because it's written in C and can fall for a buffer overflow exploit?
If you have remote exploits, it's as much due to bad coding as it is to the language, and using Java is not a solution to a bad design. But hey it's your preference, and a lot of people disagree with you and think your preference is equally as stupid as mine.
Your theory incorrectly assumes that such a concerted attack is both reasonably possible and deemed a worthwhile expenditure of the time, effort, and money necessary to succeed. While it's entirely true that government agencies have the power to tap and record all kinds of communications, it's far from true that all communications *are* listened to and analyzed. Not all of the organizations combined have nearly the capacity to handle even a fraction of that data, they don't have the software necessary to analyze it, and they don't have the computing power necessary to run that software if it existed.
It's the distinction between "if the NSA suspects you of being a terrorist, they can listen to your conversations" and "the NSA is listening to all our conversations".
you miss one point... it is BOTH dark AND open net - with a setting to disable open net at all.
... not slightly trustworthy... but REALLY trustworthy.
So... 0.7 isn't less secure than 0.5. You are suggested to get TRUSTWORTHY darknet peers anyway!
It's annoying how some self-proclaimed experts say freenet 0.7 is insecure based on wrong assumptions:
1. Open net requires you to have a FIXED PORT OPEN TO THE WORLD -> this is easily detectable as one could set up a node just for scanning, a real node would have to answer the request if the open net wants to work at all.
2. It is much harder to detect freenet darknet, because it will DROP any packets that don't match their peers
2b. And since it is using UDP, the forge attempt will not gain any information about the node (no detectable reply). Also the port is NO LONGER FIXED.
3. freenet 0.5 used fixed strings in their pakets that made it VERY easy to use string matching firewalls (ip2p/layer7) to simply drop/reject the pakets and or inject another malicious node.
4. statistical freaks are probably right that it's more dangerous to have few(!) peers (darknet mode) - if you don't use a high enough level of trust for chosing. That's why it makes sense to run in hybrid mode.
Summary: 0.7 offers both open and darknet. darknet is meant to be used with really trustworthy peers. open net is way easier to detect by simple port scanning.
It is really funny and annoying at the same time when some pseudo-informed trolls from 0.5 throw around false information constantly. These people maybe want to get some technical knowledge on networking prior to spreading bullshit.
Freenet is more like a distributed, anonymous document store. You upload a document to it, and it then lives in the distributed ether of freenet. Tor is used more for person-to-site, or person-to-person communications.
It's the same technology they use to have DRM.
Exactly - and name a DRM software technology that's impossible to break. There are none - it's not possible to create a media file that will display on normal personal computers and still prevent it from being "ripped" or re-encoded in a non-DRM format.
Unless you strongly understand every aspect of a technology like DRM or watermarking, it's unwise to assume that it will magically solve a given problem, such as tracing photographs.