After 3 Years, Freenet 0.7 Released

evanbd writes "After over 3 years of work, the Freenet Project has announced the release of Freenet 0.7. 'Freenet is software designed to allow the free exchange of information over the Internet without fear of censorship, or reprisal. To achieve this Freenet makes it very difficult for adversaries to reveal the identity, either of the person publishing, or downloading content' ... 'The journey towards Freenet 0.7 began in 2005 with the realization that some of Freenet's most vulnerable users needed to hide the fact that they were using Freenet, not just what they were doing with it. The result of this realization was a ground-up redesign and rewrite of Freenet, adding a "darknet" capability, allowing users to limit who their Freenet software would communicate with to trusted friends.'"

Re:Are we just now getting this dupe

[Ungrounded Lightning]

... because it was uploaded via freenet?

No.

It's because the previous article was the release candidate and the official release came out today.

Re:How do you find trusted friends on a darknet?

[HappySmileMan]

To be honest Opennet seems much more fitting to their philosophy than Darknet, but for some reason or another they really want people to switch to Darknet. They even disabled the option to use Opennet in previous builds, until users complained. Generally you have no reason not to use Opennet, unless you're really paranoid, or in a country that forbids Freenet by law.

Re:Congratulations to all pedophiles. QWZX

[Anonymous Coward]

With Freenet you have to actively look for what you want. If you found "the worst crimes of humanity" it's because you were looking for them in the first place.

Again, have you actually used Freenet? Apparently not. There are tons of index pages that point you to this stuff. The people who maintain the index pages take a firm "who am I to judge?" stand on including the child porn stuff.

Re:Congratulations to all pedophiles. QWZX

[emag]

The last time I used Freenet, in the 0.4? days, there were sites that would index whatever was submitted, without regard to content, and it was these index sites that were most heavily promoted for "finding" anything in Freenet. It was hard NOT to notice "the worst crimes of humanity", so to speak, when they're sitting there with a full description. Whether the descriptions were accurate, I have no idea, as the novelty of Freenet wore off as soon as I realized I could get better speed from a tape-carrying tortoise.

Re:Congratulations to all pedophiles. QWZX

[Anonymous Coward]

Again, have you actually used Freenet?

I've used freenet. Albeit briefly. I went to a couple index pages and did not see any child pornography nor links to it. But then again I wasn't looking for it too closely. I saw mostly political blogs, MP3s, movies, and hacking tools.

Re:How do you find trusted friends on a darknet?

[Sanity]

We hadn't "disabled" opennet in previous builds, it just hadn't been implemented yet.

Re:Congratulations to all pedophiles. QWZX

[evanbd]

Freenet 0.7 is vastly faster than 0.4, though not as fast as bittorrent (obviously). Currently, all the good index sites have anti-CP policies. They'll happily link photos from Tibet, though, or wikileaks mirrors (both present). The current crop of index sites also tends to do a good job indexing things. Also, much of the content is centered around FMS and the (less functional) Frost messaging systems (broadly similar to usenet; FMS even operates as an NNTP gateway, allowing you to use your favorite newsreader). You'll get content posted to boards you subscribe to, which tends to be at least somewhat relevant (ie, the signal to noise ratio is probably better than /. ;) ). I'd encourage you to try it out again, if you're interested in privacy and an anonymous network, but not if all you're looking for is the next bittorrent (though you can find music, movies, etc on Freenet if you want).

Re:The failure of Freenet

[amphibian]

It is not true that we practice security through obscurity. It *is* true that we haven't documented Freenet to the point that it could be reimplemented easily from the documentation. We don't want other node (not client) implementations right now, because Freenet is very much still a work in progress, and as a distributed, emergent system, lots of node implementations all of which implement slightly different behaviour (but the same protocol) would be a major problem: It would make it even harder for us to evaluate the effect of changes in the routing algorithm, for example. As a C++ developer with experience in security software, you'd be fine, java is easy, although there are some more interesting bits.

Re:Congratulations to all pedophiles. QWZX

[kdemetter]

The problem actually comes down to this :
The are 2 ways to regard spread of information

Either it should be possible to stop the spread of certain information , and that will put a stop to the abuses , but it will also make it possible for an authoritarian regime to silence any criticism , and will basically stop freedom of speech .

The other way is to make it impossible to stop information from spreading , and that way you wil ensure freedom of speech , and anonymity to whistle blowers and criticism , but at the same time , abuses will be unstoppable .

There is no midway to this , as it's about technical capabilities .

Re:The failure of Freenet

[Anonymous Coward]

In fact, if you bring it up with the Freenet developers they will gladly tell you this is intentional -- that they use security through obscurity to guard against someone finding a way to break the system.

This is complete bullshit. You want specs? Here are the specs [freenetproject.org]. You want a security analysis? Here's a security analysis [freenetproject.org]. You want to understand the source code? Here's a guide to the source code [freenetproject.org]. If there's anything missing, the developers will be happy to help you fill in the gaps.

I don't particularly want to learn Java just so I can review Freenet's code.

Right, so you'd rather rewrite Freenet by yourself in C++ than spend a few hours learning Java? (That's literally all it takes for a C++ developer to understand Java. Obviously learning to write in Java takes a bit longer, but still not very long.)

Re:The failure of Freenet

[amphibian]

Freenet is still under development, even at the network level. So the protocol - the node's actual behaviour - changes relatively frequently. Why is that so surprising? And you probably didn't get much help because the devs weren't interested in taking a year to rewrite freenet to get back to where they were already at. On the other hand, if you want to know how a part of the system works, and it's not obvious from the code, you just have to ask.

Re:Isn't that what darknets are for?

[evanbd]

Exactly. And if you *do* connect to the rest of the network in a few places, but not much, and none of you request CP -- then you can spread your message to the rest of Freenet, but routing won't take the long circuitous path that goes through your somewhat disconnected subnetwork when it comes time to route other people's requests. Or, looked at another way: the stuff on your node will be what you're requesting, to a lesser extent what your friends are requesting, to an even lesser extent what their friends are requesting... If your friends are requesting things you don't object to, you shouldn't be storing much if any objectionable content.

Re:The failure of Freenet

[Sanity]

In fact, if you bring it up with the Freenet developers they will gladly tell you this is intentional -- that they use security through obscurity to guard against someone finding a way to break the system.

I'm the coordinator of the Freenet project and I'm calling bullshit on that one. I very much doubt any Freenet developer said that, and if they did, they weren't speaking on behalf of the project.

Yes, Freenet's low-level protocols could be better documented, but they are a work in progress, and in almost constant flux.

As for security through obscurity, we go to great lengths to explain to people how Freenet works, you can find a bunch of papers, and video lectures on our "Papers" page [freenetproject.org]). Take a look at this video [freenetproject.org] from three years ago explaining the 0.7 design before we'd even begun to code it.

Yes it would be wonderful if every tiny detail could be documented meticulously, but before we document it we have to design and test our ideas, and that means developing and releasing the reference implementation.

Re:Are we just now getting this dupe

[mrsteveman1]

It depends on a lot of things, primarily lots of people install it one day, screw around for an hour or so and give up. This is the wrong way to test out freenet, it takes a bit for your node to really become part of the network, and until then things are quite slow.

Eventually, after maybe a day or so of running the node, the speed approaches what it would otherwise be outside of freenet, with some overhead of course.

Re:Are we just now getting this dupe

[erlenic]

I tried it in 2001 or 2002, and remember how slow it was. I've also tried the 0.7 release candidate, and it's a vast improvement. Much more useful, plus it has an nntp-over-freenet implementation, called FMS.

Re:Congratulations to all pedophiles. QWZX

[evanbd]

What main index pages? All the default bookmarks have anti-CP policies. This is not even a result of editing by the freenet devs; it's a result of community standards -- all the well-maintained and usable indexes have such policies. The devs have explicitly taken a content-agnostic approach to the default bookmarks, and said that anything useful and regularly updated is a candidate. The result is a set of indexes free of child pornography.

Re:Freenet VS Gnunet

[Sanity]

Last time I looked Gnunet didn't really have a scalable routing protocol. Also, I think Freenet has a much more active developer and user community, although Gnunet does seem to do a new release every few months.

Re:Congratulations to all pedophiles.

[Kjella]

Actually , that's incorrect : On freenet , you host what you viewed . So if you only visit free tibet pages , that will be the only thing you have to worry about ( if you happen to live in China).

Many bad thing may be going on around there , but there's no need to spread FUD . In fact , that's exactly what caused this to happen in the fist place

Wrong, wrong, wrong. Freenet will cache anything that happens to pass through your node. That means that if someone requests something and freenet happens to route it over your node (and hint: it doesn't determine that by qualities like being "free tibet" content) then it'll be in your node's store. It will be encrypted, so the only ones who could tell what it is would be someone with the decryption key, but it'll be there. Lies are a pretty lousy way to promote freenet.

Re:How do you find trusted friends on a darknet?

[evanbd]

In most jurisdictions, being friends with bad people is not sufficient evidence in itself for a warrant; the authorities need some other evidence. I don't see why moving to Freenet instead of hanging out in coffee shops or whatever would change that.

Re:Are we just now getting this dupe

[paganizer]

OK. Then my earlier skewering of Freenet 0.7 was a candidate skewering, and this will be the release skewering.
This is going to be frustrating for me because I'll get at least one post with something like this in it: "It is really funny and annoying at the same time when some pseudo-informed trolls from 0.5 throw around false information constantly. These people maybe want to get some technical knowledge on networking prior to spreading bullshit."

Before I really get into this, I have to point something out; to really have some idea of the reality of the situation in regards to Freenet, you have to install it and run it at least for a day; I think it pretty much reguires you run FROST (freenets main messaging & file sharing system) as well. There are 2 main freenets, the 0.5 network and the 0.7 network.

freenet 0.7, and darknet, is insecure. With a Darknet system, your node PRIMARILY communicates with the other members (around 10) of your darknet; you are supposed to know & trust people in your darknet. So around 15 nodes.
Freenet 0.5, which is opennet, communicates with all other 0.5 nodes it knows about, with no preference except for tested routing speed. This works out these days to around 35 random nodes.
The basic concept is this: you request some information on Freenet with your client. your node sends out a request to neighboring nodes; if that node has the information, it sends the information to your node, you get it. If your neighboring node doesn't have it, it sends out requests to it's neighboring nodes to see if they have it. this process continues until the information is found.
The principle that makes this all work for illegal information is reasonable deniability; the information in your node is lightly encrypted, but the main thing is that no one can prove you are the one that put it there; your node could have received a request from another node looking for the information, and stored a copy of it.
(this is vastly simplified. I will likely get a post or two from 0.7 zealots pointing out picayune discrepancies)

With open net, this works. you communicate principly at random with other nodes. In order to prove you requested the information the Powers That Be would have to control the majority of the nodes in the open net and statistical analysis.

With Darknet, you have a limited set of nodes. Statistical analysis is easier.

I used "tibetan freedom fighters" in my last post, I'll use "secret plans to attack Iran" (SPAI) today.
You post your .pdf of the SPAI on Freenet 0.5 in Frost. Other 0.5 users see the key(link) and click on it. their nodes request the random nodes they know about to give them the info. The contacted nodes then ask other nodes, who then ask other nodes, until they find it. The information then travels back to your node, caching its self on the requesting nodes on the way to your node. eventually, you get it.
On the NSA run node, they see requests for the keyfile come in. they can tell which node the request came from, but they can NOT tell if your node was the original requesting node; likewise, they can't tell if your node is the original posting node.

With 0.7, it works a little simpler. When the NSA node see a request, they know with a approximate 2 in 3 probability that the information requested came from a member of the same darknet that their node is on. And they know the IP address of the darknet members. Do I really need to point out anything more on this?
(By the way, if I have a substantially flawed understanding of this, PLEASE point it out).

The above point is why the 0.5 network, which, by the way, WORKS for messaging and file sharing (something the 0.7 network has a little trouble with right now), has possibly more users than the 0.7 network. I would say it with certainty, but there really is no way to tell. I know my node connects with about 350 other nodes on a regular basis.

0.7 has better methods of hiding a node from outside monitoring, but the methods do not re

Re:Are we just now getting this dupe

[evanbd]

It should reach usable performance quite quickly (a few minutes or a little more; if it's taking more than 15 or so, you may have something not working). Performance will continue to improve over the next several hours, though likely only somewhat.

Re:Are we just now getting this dupe

[evanbd]

If you don't like darknets, don't turn them on. I think you're wrong, but I won't bother refuting that point here. Freenet 0.7 gives you the choice of darknet mode, opennet mode, or a mix. As a corollary, there aren't discrete "darknets" but rather one large network with a mix of darknet and opennet connections (for the most part; there may be a handful of small poorly-connected darknet subnets).

I do not recall any freenet developer talking about implementing any sort of blocking; nor have they done so. Unless you can back up that statement, I will be forced to conclude you are trolling. As you say, the ability to block anything, no matter how abhorrent, implies the ability to censor valid political speech and is therefore a bad thing for a network like freenet.

Also, I suggest you try out FMS as a replacement for Frost / Thaw; it is far more spam resistant for a variety of reasons.

I really don't understand this continued bashing of 0.7; now that it has implemented a proper opennet feature, with the ability to turn off the darknet option, what is the complaint?

Re:Are we just now getting this dupe

[ultranova]

(By the way, if I have a substantially flawed understanding of this, PLEASE point it out).

Very well. Whatever the merits or demerits of darknet might be, the default in 0.7 is to work as an opennet. So your criticism only holds if you went and added darknet nodes and disabled opennet by yourself.

Back around when the developers started talking about the darknet concept in the first place the stated reason for doing so was so that child pornography could be blocked.

Freenet dev newsgroups are archived at gmane, so... links please.

Historically, one of two things will happen in regards to this post. I'll either get modded down so far that no one will ever see the post, quickly, or I will get a dozen replies saying I know nothing about the subject. What is it going to be today?

Well, you do seem to have a bit of a gap in your knowledge, so...