Freenet 0.5.2 Released

FurbyXL writes "With the RIAA roaring to grab peer-to-peer users by their IP addresses, Freenet - fully anonymized production and consumption of content - is gaining renewed attention. Articles in New Scientist, ZDNet UK, Wired and CNET (and here) set a somewhat typical context for Freenets major release 0.52. Significant performance improvements through NIO-based messaging, probabilistic caching etc. should provide increased rest to Chinese dissidents, but may finally wake-up the RIAA's Matt Oppenheim..." The announcement on the Freenet home page lists several improvements found in the new version: "a new NIO technology that brings improved performance using less CPU and system resources," "Individual nodes are now more efficient," "the speed and routing of the entire network have significantly improved," probabilistic caching, user interface improvements, and more.

Yay! Piracy here I come

Err, I mean... PRIVACY. Yes, PRIVACY here I come!

Re:Questions About Freenet

Uh, no. Freenet wasn't designed to prevent this. Of COURSE Freenet lets you know what machines have connected to you, and what they've requested. Otherwise it couldn't send it to them -- it runs over TCP/IP, not magic! But this information -- the IP of the machine requesting an item from a datastore -- has absolutely no bearing on WHO did the intial request, or who will receive it in the end. Freenet clients make a request for a file, and the clients pass that request on as if it was there own.

So there's no difference between passing on a request, and making one yourself. Requesting a file becomes an anonymous activity, because you don't really have any idea how far this web goes. All you know is the requested "depth" cut off, so requests don't go more than N requests deep. And individual clients can (and do) rewrite this value. SO there's no way to tell if the client you've exploited is the first or a member on a chain of requests.

In fact, the best exploit for freenet would be a "sting," where you control all of the clients except for a handful. Then you know that these clients are doing all the dread. But it'd be really hard to establish this kind of "web of mistrust," considering that most freenet users populate their initial nodes either through the freenet website or through friends of theres. At that point, it's probably easier to get one of those friends to blab on you then it is to get evidence through technical means.

Data insertion works similar. If you have information in your datastore, there's no way to prove that you put it there. In fact, since you can explicitly exclude your own datastore from insertions, it's less likely that you'll have it if you inserted it. So if you have data in your store, it's equally likely that it was "pushed" to you to serve as it is that you downloaded it yourself. In fact, it's probably more likely, as freenet is receiving insert requests (more or less "uploads") all day, but only downloading when you're interacting with it.

Freenet's about PLAUSIBLE DENIABILITY, which in a free (as in, bill of rights and supreme court) society should be enough to keep you out of prison. The difficulty of identifying computers is no different from regular peer to peer...the difficulty lies in IDENTIFYING them.

And as for buffer overflows...you don't know much about Java, do you? Individual applications can't become overfull due to automatic checking by the VM. So the unless the VM has bugs, the client is about as invulnerable as you can hope for. Plus, lots of us have looked at the key code for Freenet. I didn't trust it until I built it myself.

Re:Questions About Freenet

Wouldn't it be funny, then, if a child predator stored pictures of your own children having sex on your own computer!

But the whole point is that the information is encrypted, so neither you, nor the "predator" would know that the images were stored on your computer. You might as well say "wouldn't it be ironic if a drunk driver someday used a car I sold to a used car dealer years ago to run my children down?"

Re:Questions About Freenet

Grocery stories feed kiddie porn perps. Apparent buildings house them. They drive on roads built with your tax money. Collect UI, welfare, and old age security based on your tax dollars. You are part of the internet which is used to deliver their porn.

No matter what you do, you are supporting them, so kiddie porn is really a side issue.

The key issue is what can you do to safeguard your children's future? Freedom of speech (even if the government or corporations or popular groups in your area) is essential. Education to ensure that your kids aren't victims is another. (It's a big cruel world out there. If you shelter them too much, they *will* become victims).

And if you want a freenet-specific solution then why not use the freenet itself to define kiddie porn filters? Think outside the box. You can't search the Freenet so you have to rely on well known indexes that are floating around the freenet. Why not write a filter that automatically downloads these indexes and filters keys on you machine to ensure that you don't carry kiddie porn? Let the perps help you fight them, but don't hide your face in the sand and home that it will all go away, because it won't.

Re:Questions About Freenet

If Freenet is at all helpful to those who distribute kiddie porn, then I do not wish to participate in it.

What about the internet, TCP/IP, image file formats, and computers? Or even cameras and artificial light? These all help the kiddie porn distributers. I'm willing to bet you use these. I'm not sure how else your comment would have gotten here.
Just about anything you do in life, that is of any public use, could be helping out someone you don't like. If you don't want to participate in anything that could remotely benefit a kiddie porn distributer then you better lock yourself up in a room somewhere.

Re:Questions About Freenet

Exactly wrong. If something you do contradicts a "freedom" of somebody else, neither of you were free to do that in the first place. Instead, you were imposing some control over something which infringed on somebody else's ability to control it. If I am able to own property, then somebody else is not free to own it. That's not freedom -- in the strictest sense of the word, that's robbing someone of their freedom to enjoy the bounty of the natural world. Hence the oft quoted line "property is theft."

Yeah, this is anarchy. No, it won't work in the real world because of what I like to call the "asshole factor." Greed stops it. But in the "computer" world, greed doesn't have to be a factor because there's no scarcity. No greed means no need to delegate your freedoms to a third party to insure "equity." No greed means no need for controls at all.

Freenet is an attempt at structured anarchy with the belief that only complete freedom can protect every freedom. There's no need for tension between conflicting freedoms because there's no conflict. Conflict is external to the system -- it's out here, in the world of pundits and attorneys. In there, it's just zeroes and ones.

Just an idea..

> Freenet's about PLAUSIBLE DENIABILITY

What about this idea to increase the deniability: Imagine a trojan
that installs Freenet on the infected machine and makes it part of
the network, then erases all traces of itself. This trojan could be
put up on a web site, with a notification to the usual anti-virus
companies.

Later, when someone gets under legal pressure for running a Freenet
node, he could claim that he didn't install it. He didn't know he
was running that "Freenet thing". Most probably it was installed by
a Trojan, and in fact there is one known to do just this (reference
to anti-virus company press release).

That would be even more plausible deniability, wouldn't it?

Marc

Excellent build

I've been running the 5000 series builds lately and they're considerably faster and more efficient. Hope everyone has a good experience freeneting.

Looking forward to trying it

I have been using Freenet for years but except for the very most popular sites the speed and availability of the sites has made it little more than a toy. In theory, though, it is a great application.

Good idea, bad content

I love the idea of freenet, but after reading how it works, I have to agree with a few complains I've heard. I'm not really happy about the idea of "anything" being able to be shared on my computer. Kiddie Porn comes to mind as one thing I want nothing to do with, and I have no controll over this being shared on my computer or not.

Re:Good idea, bad content

Yes, Freenet is not for everybody. If you don't believe in total, indiscriminatory, complete freedom of speech and expression (an information anarchy, as it were), Freenet is not for you. On the other hand, if you believe there can be such a thing as "freedom of speech, but only when I agree," you probably have some thinking to do.

Re:Good idea, bad content

This is the same scenario as the firing squad -- everyone knows that one gun contains a blank, but noone knows which one it is... therefore each person has a lingering hope that they were the one with the blank.

The fact that someone may have produced kiddie porn and shoved it onto Freenet does not mean that it is sitting on your machine. Since the content on your machine is encrypted, you'll never know for sure anyways.

The problem is not with the storage mechanism, it is with the sick person creating the content. That's where the problem lies, not in the bits and bytes on your hard drive.

Re:Good idea, bad content

Very true. This sick person could (and will) put the content up somewhere else, if not on freenet.

And to the poster who is concerned--> I don't agree with the K.K.K either, but I do realize that they should be allowed to speak their stance. And the fact that you & I support our local/state/ government when they grant permits for these types of gatherings, doesn't mean we're promoting the K.K.K.

I would say the same thing about Kiddie Porn. Supporting FreeNet is about so much more than possibly supporting (a very very small fraction of) the Kiddie Porn out there.

Re:Good idea, bad content

Of course, and every normal person agrees with you that a perfect world shouldn't have child porn.

But does the threat of child porn mean that you should give your government regulatory powers over speech in order to stop it? I'd think very carefully about that. Government abuse of power over speech is far more dangerous than individual abuse of free speech.

Your line of reasoning can be logically extended. Murder is bad. Far worse than child porn. The government could theoretically end murder with current video surveillance technology. Should government have the power it needs to do that? Of course not, the abuse would be horrendous. It is one of the costs of liberty.

Re:Good idea, bad content

"Government abuse of power over speech is far more dangerous than individual abuse of free speech."

Beautifully stated. What many people fail to grasp is the simple fact that liberty is hard. Your own liberty is not what makes it hard; it's the respect for the liberty of others which makes things nearly unbearable at times. In order to ensure that some poor soul has the ability to speak out against a repressive regime without being shot for it, I must in turn allow some sick bastard to get his kicks? This is difficult, but it's outright dangerous to start picking and choosing who should have which liberties.

Re:Good idea, bad content

You know, it's funny. I'm a bit fuzzy on the dates, but child pornography was only made illegal in the US about 40-or-so years ago.

Of course, you have to separate pornography into two categories: 1) a media work showing an explictly sexual act (masturbation, penetrative sex, oral sex, etc) 2) a media work of a prurient nature that does not explicitly show "sex."

The former was illegal (minor consent laws and all that), but the latter was kinda legal.

When I say "kinda" I'm not being wishy-washy, it's that we're coming up against anachronism: according to experts on this sort of thing[1] attitudes of the "man on the street" have shifted drastically concerning photographs/drawings of young children. What would be considered "cute" and "childlike" back in the 1950's would be considered "grotesque" and "unsuitable for public consumption" now. Most of this can be linked to the witchhunts regarding child pornography.

Even more amusing, since the enactment of child pornography laws the average age of actors involved in sex scenes and -- and this is very odd -- in just plain romantic kisses in movies has gone way down. Way, way down.

I think it was Ebert (or was it Stephen King? King wrote about this a bit as well) who commented that youngsters used to go to the movies to see oldsters in a sex scene. Now it's reversed.

Salon commented[2] that the rabid and far-reaching bans on child "pornography"[3] has caused us all to think like pedophiles. Reminds me of the joke about the sexaholic who goes into the psychiatrist, who gives him a rorschach test.

"What do you see?"

"Two people having sex. A naked woman. A threesome."

"Jane, I think you've got a fixation on sex."

"What? Doc, you're the one showing me all these dirty pictures!"

Ah well.

So my point is that it's tough to say what's child porn and what's not, with the fact that we've gotten hypersensitive about it recently. I don't really feel like having the morality police check out all of my mom's photo albums to see if they're kosher. Especially morality police from the MPC[4]. Though being a smart son who knows the power of embarassment blackmail from mothers, I have removed all of my naked baby pictures. Now if only I could get the picture of me hugging then penguin at Sea World when I was 12....

And to spare myself accusations: no. I'm not "into" kids. To be honest, only recently has my age group become somewhat appealing to me at all: I've always been after older women, which is a real drag as women are used to young guys being...well, young guys.

So, just something to think about.

[1] I'm thinking of the historians interviewed in Salon concerning the somewhat-recent Paul Ruebens case. Interesting article.

[2] Again, the Paul Ruebens case.

[3] bare-butt baby picture arrests, anyone? Traditional Brazilian breast feeding family photos getting your kids under the care of CPS, like just happened in Dallas about a year ago?

[4] Most Persnickity Country

Re:Good idea, bad content

The question is this: if you can technologically censor some speech, you are technologically capable of censoring any speech. If you can find a way to determine what's on your hard drive, you can be held accountable for it - and freenet's entire raison d'etre as a failsafe protection for free speech is destroyed.

In other words, one of the costs of ensuring free speech on FreeNet for Chinese dissidents is that it also gives a channel for child pornography and snuff films.

Also, there's a big gray zone when it comes to child pornography. The production of child pornography is clearly the exploitation of children. However, is documentation of a criminal act also criminal? Are all depictions of the sexual acts of or with children criminal? Should books like "Lolita," or dramas like "Romeo and Juliet," which describe relationships and sexuality with or between minors, be rightlly censored? Most of our ancestors before the 18th century or so were bearing children by the age 15 - do we want to treat their journals and love letters as kiddie porn? (I do believe there's a line between pornography and literary portrayal, but that line can at some places become blurry, and Nabokov is one of those places.)

Also, "kiddie porn" has extended to include pictures of kids taking a bath that were deemed just a little too sensual by some photo clerk, who brought them to a judge and got an indictment. Guess what: pictures of one's wife or husband as a minor can be treated as child pornography! There's a level of hysteria on the topic which has clouded the subject, and the desire to protect children from sex has become, in itself, a source for real censorship. And one that I'm sure the PRC would happily take advantage of while pursuing dissidents.

Re:Good idea, bad content

freenet is a routing network..

should ISPs be allowed (or forced) to filter out content they're unhappy with on their routers and not pass it on because a request was made?

first you (not you directly, but several people here) blame china because they exercise that control, then you blame freenet because it takes away that control.

Re:There is a difference

What if I want to refuse to store criticisms of the People's Republic of China on my hard drive? Or criticisms of G.W. Bush or Bill Clinton? If I find a mechanism of discerning the content on my system and becoming selective about it, then so can the people who wish to squelch the speech to begin with.

Truly free, truly anonymous speech, if speech is understood as any text or image or sound that can possibly be stored or transmitted, whether it is secrets vital to national security, pornography, slander, libel, copyright violations, or my recipe for waffles, does really demand, in this case, that someone risk hosting materials they might find detestable.

Otherwise, it's like saying "I support your right to live, but I'm not going to pull you out of the water while you're drowning." At best, the "support" is just so many words - it's really support for "nice" speech.

Re:Good idea, bad content

The issue is complicated. Suppose someone takes a kiddie porn image, chops it into several thousand rectangular bitmaps and scatters them across thousands of computers on the Internet. Which computer can be said to contain kiddie porn?

Suppose someone takes a KP image and XORs it with online copies of the U.S. Constitution, an image of Julie Andrews, and a PDF file of U.S. census data. They then take the result and put it up on the net, labeled as "white noise". Then they delete the original KP image. Where is the kiddie porn now? It can be reconstructed by XORing all the remaining files together, but none of those files by itself is kiddie porn. Is the kiddie porn really in the instructions on how to assemble the files to recreate the original KP image? Or does the KP image not exist until someone actually XORs the files and recreates it?

As soon as you censor one thing ...

Remember that as soon as you censor one thing, you must censor everything. If the system has the ability to say restirct kiddie porn then it must have the ability to arbitrairly restrict anything, therefore undermining the system in its entirety. Also, remember that freenet functions to keep alive items that are most frequently accessed, so if the world were free of perverts we wouldn't have the problem in the first place ;)

Oppenheim still won't get it.

The man used a furniture analogy to try to prove his point that copyright infringment is piracy. He discounted Freenet because it was too clunky. If the man were any more dense he'd require life support.

Question

Okay, so let's say Freenet works perfectly and you can't trace anyone by IP address. But someone from the RIAA uses it to download a copyrighted song, wouldn't they then be able to sue all users of Freenet as accessories to the crime? (Assuming each node handles traffic from transactions it may or may not be involved in - that's the way I remember it working.) And then get a court order for Freenet to give up IP addresses of users who have downloaded the client?

Re:Question

Not according to current legal theory. If you provide a service (in this case, hosting encrypted fragments of files) but you have no control or even visibility of how that service is used, you're not liable for the details of how it's used.

The people who use it are still liable, of course.

I have no idea how this is going to turn out. Freenet sounds like a great idea, but it's so obviously useful for such horrible uses, and there are other tools that handle most of the useful uses... I don't see it surviving legally (I mean that it'll be outlawed anywhere it'll be useful).

-Billy

It will probably survive by analogy

Freenet sounds like a great idea, but it's so obviously useful for such horrible uses

In the same category we already have guns, knifes, airplanes, TNT, email, television, cars. I think Freenet has a good chance.

Re:Question

The day it's outlawed in any western country is the day i set up a dedicated node with 40gb of hd space. There was a reason that Freenet was created after all.

Re:Question

Yes, I would do the same, but the day it's outlawed is the day it becomes possible to arrest anyone using it -- and it's easy to detect use. This is why we agitate against laws to illegalise crypto. It's hard to tell what's being encrypted; but it's easy to tell that crypto is being used.

Yes, it's technically possible to defend against even this; but most people won't be able to, even technically competent ones.

I guess there's a good defence: everybody think of good uses for Freenet and start using it NOW. The more there are, the harder such a law will be to pass and slip by the judges. To be really powerful such a use should REQUIRE Freenet, and I can't think of any such uses (but I trust that others will). BUT ... don't let that stop you. Use Freenet instead of Kazaa to publish your legally permissible stuff.

If only I had anything to publish...

-Billy

Re:Question

I believe he's referring to the fact that it would be quite possible to set up a kiddie porn ring of something in freenet, and it would be near impossible to get hold of the criminals.

You know, freenet isn't just a file sharing network. First and foremost it's a medium which guarantees your anonymity, which makes it great for organizing a political movement in an oppressive regime and other things. But it's equally "useful" for doing things coveretly which most of us are disgusted by.

And child pornography is well beyond horrible, don't you think?

Re:Question

It's worse than the RIAA. There is a large quantity of child porn on Freenet. Now, because of the way Freenet works, you have no idea what's being served from your computer at any given time -- and no way to find out since it's encrypted. So if you run Freenet on your computer, you may be hosting child porn. Can the government go after you for that? If it wants to it can. Are there good reasons to take the risk? That's up to you to decide.

Is having truly free speech where some people inevitably abuse that speech better than having speech regulated by governments who inevitably abuse their regulatory powers themselves? Participatory democracies don't have a great track record when it comes to allowing unpopular opinions to be heard. In most of Europe today -- to pick one example -- you will serve jail time for questioning the holocaust. To pick another example, anti-hate speech statutes have been sucessfully used in Britain and Canada (and elsewhere, no doubt) to supress supporters of immigratation reform. Libel law is commonly used to supress opinions of those who don't have the money to defend themselves in court.

Is this a power you want to trust the government with? I don't trust mine with it. That's why I run Freenet. And hopefully, Freenet -- or the idea of Freenet -- will have enough popular support to make my government wary of cracking down on it. And as long as Freenet exists, there is at least one forum for truly free speech.

guns dont kill people ...

For the same reason that a gun is not sent to jail after a homocide, the tools (software and networks) cannot be held liable for the actions of the people that use them.

Now, let me have my new anonymous data transfer protocol already!!!

Re:guns dont kill people ...

True. But the people who use the guns can be held liable.

As an earlier poster pointed out, the problem with this is that a user's home computer could be providing kiddie porn. It's one thing to steal songs and software, but it's another thing to host pictures of some 7 year old getting raped. I don't want to even have the possibility of that happening, so I think I'll stick with another distributed client.

Legally, would host computers be analogous to the phone company -- a common carrier? If you use a telephone to plot to kill the president, the feds don't bust the phone company as part of the conspiracy. Just like they don't bust AOL for providing chat rooms for 35 year olds to pick up 12 year old English girls. Are people hosting files or parts of files like the phone company in the eyes of the law?

NIO - the buggiest api ever.

Or close to it.

I'm one of the main developers for freenet (see zab_ on the opn irc logs the cvs logs)

When 60% of the code (measured in locs) is workarounds for jvm bugs, you know you have problems.

If the sun QA dept. had pulled their act together, this release would have happend at least a month ago.

zab

Re:NIO - the buggiest api ever.

and yet whenever i try to tell people in the 'woe is java because of MS' threads that java has its own problems - i get called an MS plant and troll.

i'm just a developer who's run into these kinds of things too, and java left a damn sour taste in my mouth.

it's portable ansi C for me.

Searching on freenet?

As far as I've understood, freenet is designed to be somewhere where you can access content, as long as somebody has given you the exact address to the file.

The problem I see here, is that there are no easy ways to search for content, except for out-of-band stuff like the web or e-mail, which mostly defeats the entire concept.

What Freenet needs in order to be a viable platform for not only publishing content anonymously, but also for finding it, is a search mechanism built into freenet. Before that happens, there is no way that it will become any popular with the file sharing masses -- it's just too find to hard something to download.

Re:Searching on freenet?

When you install Freenet, on the start page (http://127.0.0.1:8888 by default) are several links to index pages. Most people writing freenet sites submit a link to their own site, along with a description. While one cannot directly search for content, most freesites have a definite topic. I consider this "good enough," at least at this size of network.

Re:Searching on freenet?

Well, that's sort of wrong.

In freenet, you are ALWAYS searching. You're searching for a KEY, that LOOKS like a URL but doesn't have any information about where it's stored, that translates to a piece of data. When you make a request, you tell your fellow clients what you're looking for, and they either return it, or keep looking for you.

The problem with "keyword" searching over freenet is that somebody, somewhere has to index everything -- make a list of keywords, associate them by "URL," etc. On the internet, the indexing is performed by spiders that work for massive database engines. On Freenet, there's not really any way to perform indexing without exposing the data inside keys being passed back and forth.

To get around this, applications have been written to publish indexes of the data to common KEYs (like "INDEX07162003"), so you can download them and maintain a search engine on your own PC. One such application is Frost. They work pretty damned well.

In the early days of freenet, OFF freenet spiders created search engines, but these are by nature not anonymous -- and they were kind of crap. There was also some experimentation with english language keys -- eg, KSK@GPL.txt -- but the problem was that people were uploading FALSE data on top of what was supposed to be there. So most freenet content is now published using a private/public key system, so only change requests from the initial producer are honored.

The result is this system which works in the exact opposite way of the regular internet. On the regular internet, the client can only handle static content, so manipulation is handled by the server. On Freenet, the content on the server is static, so manipulation is handled by the client. You don't get the full understanding of how strange this is until you've used some of the funkee freenet messaging systems.

Lack of Content

The biggest issue I had with Freenet was not reliability or the fact that I might be sharing kiddy porn, but the fact that THERE WERE NO GOOD KEY INDEXes. Seriously, do a search on Google and the only ones you find are down or haven't been updated in two years. It's the big Catch-22; I won't use it 'til there's something to look at, but there won't be anything to look at until somebody uses it.

Excuse me? Lack of index?

There are at least half a dozen reliable index sites within Freenet itself, and several of them are linked to from the gateway page.

Why would you want an index outside of freenet anyway? Holding such a thing on a regular web server means your access can be tracked and logged, which defeats the purpose!

There's plenty to look at in Freenet. I'd bet a significant sum that you haven't tried it recently.

New upgrades work well

I have been running a node with 10k down, 5k up and a 1gb store forever now (niced at -15), and the new version of the software has made a huge difference.

No longer is my CPU at 100% all the time - before when I got put in seednodes I was flatlined, even with the thing niced to -18. Now it's not even noticable.

Bandwidth usage also seems to be more steady, rather than spiking every now and again it holds steady at one number. (~85-90% of allocation.)

Responsiveness has increased slightly - it's about what you would expect from a 56k modem connection.

Run one in the background for a few days - you won't notice it, really. The more people running these things the better, even if they have no use for the system yet and throttle it right back. (10/5 on DSL adds less than 1ms to my ping on ut2k3.)

Did anyone else notice how many cookies RIAA sends

just to read that article? I think they're starting their monitoring from their own site. I rejected them all, but I'm thinking about going back to read the content. If those cookies are trackable through ad sites..........

Weak analogies

Matt Oppenheim: An individual who illegally distributes music on a peer-to-peer network has less of an expectation of privacy than a bank robber wearing a mask when holding up a teller. And, just as the bank robber cannot be heard to complain when the guard pulls off his mask, an infringer on a P2P network cannot complain. The bank robber can at least claim that until his mask is pulled off, nobody knows who he is.

I'll tell you what. If I'm robbing a bank and someone tries to pull of my mask they're getting shot.

Truth be known his comment gives us all a nice hint on how to further anonymize ourselves. What happens when the guard pulls off the mask and you have panty hose pulled over your head? Clean ones...He still can't indentify you...plus if you shoot him he can never tell anyone.

So today's lesson is if the guard/RIAA tries to pull back the mask/masque to make you identifiable then you must shoot to kill and leave no witness behind.

Thank you for playing

The Arms Race Begins

As it has been stated before, this is nothing more than an arms race with each side escalating the threat and the defense with each move. The problem howver is that the RIAA is fighting against ALOT of techies and as such, not just in the US but worldwide. Even if they manage to pass laws against it in the US, people will still be developing tools to bypass in and will host them on international servers.

The sooner they discover they are fighting a losing battle and just accept it and look for a better marketing scheme, the better.

Re:Mark my words:

"Freenet is dead"

Please don't say that. The "BSD is Dying" Trolls are looking to expand their operations.

pfft..

I played with freenet for about 6 hours one weekend and it just wasn't doing it for me. There was no central search function and a lot of sites with indexes weren't responding. I'm not saying that the technology behind the scenes isn't top notch, but the user interface leaves a lot to be desired if it's aiming for the mainstream or even just a blip below. It was actually infuriating me.

Summary of my experience: I found it nearly impossible to use and it was giving me massive Gopher flashbacks.

IP GO BYE BYE

Hey, since we're all throwing intellectual property rights to the wind by trying to deceive the RIAA, how can I apply FreeNet to misusing GPL'd software for my own benefit?

I'm sure none of you would have a problem with that, because you're not all about double standards, right?

Support Chinese dissidents

should provide increased rest to Chinese dissidents

Unfortunately, while freenet might be somewhat secure and private, it would be pretty clear by monitoring a link to an ISP that you were using Freenet. If the Chinese government were to do this they could easily identify and round up the Freenet dissidents. What can we do to help protect freedom behind the bamboo curtain? You can do your part by making sure that Freenet is also used for downloading music! Everyone knows the Chinese like to download and pirate copyrighted material. The Chinese gub'mint will not give it a second look as long as they believe it's being used for piracy and not for dissident speech. We can all do our part for freedom by making sure that Freenet becomes a popular tool for file sharing.

How do you spell "clueless"?

How about "O.P.P.E.N.H.E.I.M."?

From the C|Net interview:

Oppenheim: How does this have anything to do with corporations? This has to do with artists and creators. Artists and creators, like anybody else who creates something, should have the right to sell what they create...Indeed, most artists spend a lifetime trying to sell the result of their efforts to record companies so that they may make a living making music. At the end of the day, that is a great thing for music lovers--otherwise artists would have a lot less time to create the music we all love.

Fine, let's take the corporate aspect out of it & pay only the artists' share for compact discs. That would be somewhere on the order of 30 or 40 cents per disc, if that much (if the artist has a good contract). OK. Throw in $2 for the media & production. CDs start selling for $3 (like vinyl in the early '70s) & P2P would be irrelevant.

Yes, artists deserve to be able to sell what they create. That's why the record company moguls, agents & hangers-on often make as much as or more than the artists themselves.

20 years ago, I remember the high price of CDs being explained as "recouping research & development costs." Ummm... Methinks those costs were recouped long ago. Corporate greed is what it is...

But yeah, Oppenheim, let's take the corporations out of this. Who do you think is paying RIAA in the first place? Roadies?

When the guy equated file sharing with bank robbery, he showed that he is a nutcase.

Re:What concerns me about Freenet

You are not "all for" freedom of speech, then. You are partially -- perhaps mostly -- for freedom of speech. Just not speech which crosses your own personal boundary, in this case, pornography involving children.

Re:What concerns me about Freenet

whether they tolerate speech which they disagree with, or even find disgusting.

If child porn were speech, it would be just talk. As it stands, at the best it is evidence of a crime that was committed in creating it. At the worst, it is a product that required the rape of a child to create and is a tainted product.

Child Porn != Speech.
Child Porn != Expression.

NIO

For anyone in the dark as to what the NIO reference is to, it's the new + revised Java APIs [sun.com] for sockets and files.

These include:

• non-blocking I/O similar to a Unix select()
• no-copy buffering
• file locking
• memory-mapped files

There's also a transparently obvious move to appeal to the /. audience in the form of the new Perl-style regexp handling [sun.com]!

Re:If all content could be encrypted ....

Encryption is not the same thing as anonymization, authentication, or authorization. Encryption is a method for hindering the decoding of your communications. It is not a method of disguising the identities of parties in a transaction, verifying an identity, or granting privileges to an identity.

Encryption everywhere without the rest of the infrastructure means that there is a better than average chance that the spam in your inbox has not been snooped in transit.

How to make Freenet suck less: Leave it running!

For the Freenet newbie: This is NOT your plain jane filesharing program! You don't just point it at files and say "let people leech these". Freenet is a transport layer. Most users access it through a browser, retrieving HTML and images stored within Freenet. It's also possible to use it as a messageboard, file repository, and more.

When you start up Freenet, you give it some disk space to use as a "datastore". This starts empty, and fills itself up over time as your node participates in the network.

When you click a link in Freenet, your web browser requests the key (sort of like a url) from your local node. Assuming your node doesn't have the key, it asks another node for it, which then asks another and another until the key is located. The data is then passed back up the chain to your node, and along the way some of the intermediate nodes keep a copy.

In this manner, popular content propagates in Freenet. By leaving your node running (and making sure it's actively participating in the network, serving requests) you'll allow it to store some of the keys that make up Freenet's content. When you use your node, it's likely that some of the keys you want are already stored there.

Routing is similar. When you first install Freenet, it has knowledge of a few "seed nodes", and that's all it knows about. As your node talks to the seed nodes, they tell it about other nodes, and your routing table grows. This makes you less dependent on the seed nodes (which are probably melting today).

A new system in Freenet called "probabilistic caching" results in a certain amount of specialization, and a significant performance improvement. It's based on keys (which are cryptographic hashes of content) and node IDs (which are crypto keys). Both are fairly randomly distributed, numerically. Here's how PCaching works:

If your node ID ends in 0x3F, then when your node participates in the chain for a piece of data whose key ends in 0x3F, it's very likely to keep a copy. When your node handles other keys, it might still keep a copy but it's not as likely. Likewise when you request a key that ends in 0xD3, that request will be passed, if possible, to a node whose ID also ends in 0xD3. This is a simplified explanation and I'm not a Freenet coder, but that's how it's been explained to me.

Obviously, the larger and more up-to-date your routing table is, the more easily your node can find the pages you request. Being an active part of the network is the best way for your node to keep a healthy routing table and a relevant datastore.

Freenet is unique among p2p apps in that your user experience actually improves if you contribute more bandwidth and space. (Bandwidth is much more important than drive space. 100 nodes with datastores of 1 gig each will make a much bigger impact on the network than 1 node with a 100 gig datastore!)

Freenet is *not* risk-free.

All Freenet does is spread around the liability. If I own a copyrighted peice of information, and I find you sharing a copy of it, I have every right to ask you to stop, and take you to court if you refuse.

With Freenet, all I need to do is record the IP address of people who I got the data from. It doesn't matter if they were the ones who posted the key in the first place. If I can verify that you were serving my IP, you're liable for it.

Not Anonymous, Not Deniable?

Do yourself a favor and carefully read the security section of the Freenet FAQ [freenetproject.org]. The two big draws for Freenet are anonymity and plausible deniability, and both have issues people need to be aware of.

One highly relevant quote about anonymity:

Freenet does not offer true anonymity in the way that the Mixmaster and cypherpunk remailers do. Most of the non-trivial attacks (advanced traffic analysis, compromising any given majority of the nodes, etc.) that these were designed to counter would probably be successful in identifying someone making requests on Freenet. On Freenet, whatever you do, your identity is still revealed to the first Freenet Node you talk to, and even if you limit yourself to talk only to trusted nodes (a feature that will be implemented in the future), they will have to talk to the rest of the network at some time or another. The anonymity that Freenet offers is really just obscurity in the fact that it is hard to prove that your node wasn't proxying the request for or insert of data on behalf of somebody else (who might also just have been proxying it).

And another quote highly relevant to plausible deniability (which is effectively what Freenet relies upon to store potentially controversial content on any connected node, hopefully without exposing that node's owner to prosecution for hosting that content):

Hashing the key and encrypting the data is not meant a method to keep Freenet Node operators from being able to figure out what type of information is in their nodes if they really want to (after all, they can just find the key in the same way as someone who requests the information would) but rather to keep operators from having to know what information is in their nodes if they don't want to. This distinction is more a legal one than a technical one. It is not realistic to expect a node operator to try to continually collect and/ or guess possible keys and then check them against the information in his node (even if such an attack is viable from a security perspective), so a sane society is less likely to hold an operator liable for such information on the network.

They are clearly moving in the right direction, but are they really there yet? Would it be possible, for example, for the RIAA to say, "Hey everybody, this free application will help you decrypt your Freenet node so that you can ensure you're not infringing," and then they're free to nail if you if you're "trafficking" in illegal files? Obviously there are other hurdles (such as identifying you and the content you're hosting), but I suspect the basic idea still describes a potentially unpleasant scenario.

Also, I saw a slashdot reply to another article recently (somebody help me here?) which quoted a legal decision (somehow involving Sony?) which pretty clearly stated that you're still considered guilty if the prosecution can prove that you were intentionally trying to avoid having knowledge of what you suspected was illegal activity for the sole purpose of using that as a defense later on. (At least, that's how I interpreted it... I wish I could find the citation.) Freenet seems to fall flat on it's face in this respect.

Don't get me wrong, I've been fascinated with Freenet and I think they're trying to do a Very Good Thing, but these are two points that I think are important which a lot of people overlook.

Heh, ironically, slashdot is currently showing me this quote: Be careful how you get yourself involved with persons or situations that can't bear inspection. :)

Re:Huzzah!

Ahhh, the now-infamous kiddy-porn rhetoric. I know you're probably joking, but this always comes up... "Oh no, private communications! But, now they'll distribute kiddy-porn! Think of the children! Oh god, won't someone please think of the children!" Puhlease... yes, something like this will be used for illegal means. So does the US postal service, or PGP for that matter. Does that make it any less useful? No.

The fact is, the minute you guarantee anonymity (something which, IMHO, is required for free speech... after all, what's the point of free speech if you're afraid to exercise that right?), people will abuse it. However, if you truly believe in the right to free speech, you must be willing to take the good with the bad. Anyone who suggests anything else doesn't truly believe in free speech.

Re:Flaw in your analogy.

So, if someone hacks an FTP server you run and copies kiddy porn to it, that makes you liable? Somehow, I doubt that... it's called plausable deniability.

Another example, you own a field and someone grows weed on it, does that make you liable? I double that, too...

The fact is, Freenet protects the node operator because they honestly have no idea what content is on their computer. Moreover, they aren't even likely to have the full contents of any given file... only parts of it. Therefore, I suspect there's a real defence for people running Freenet nodes.

Re:Hrm...

You mean your web browser's UI? I'd recommend mozilla, konqueror, opera, or internet explorer. If you have trouble with any of these I'd recommend this book [amazon.com]. This page [amishrakefight.org] might also be useful.