On 01/12/15 00:25, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 16:45:43 schrieb Matthew Toseland:
>>>> 2. Freenet needs an always-on always-connected device, especially on
>>>> darknet. Most people don't have one, the costs are significant.
>>> This is not true. 2-12 hours runtime are completely OK. We would have
>>> this using mobile phones which run Freenet only while plugged into
>>> power and already mostly charged and connected over WiFi.
>> Darknet needs high uptime, or at least strongly correlated uptimes. 2
>> hours is definitely not enough - even with FOAF connections, you'll be
>> lucky to find enough peers.
> It’s OK when some only have 2 hours, as long as others have 12 or 24
> hours.

This is the key issue, so I'll try to reply to every aspect raised here.

Darknet only works efficiently when you have a reasonable number of
peers online simultaneously. FOAF makes the set of possible peers
bigger, but low uptime dramatically reduces that. If you know 3 people
on Freenet, and your friends are likewise, then you might have a total
of 9 peers - but it's probably less than that in practice because we
expect darknets to be highly clustered, i.e. there is overlap between
friend 1's friends and friend 2's friends.

If you then have low and non-intersecting uptimes, you'd be lucky to
have 5 actually online peers at a time. And this is not enough to give
good performance.

The possible fixes for this are:

1) Connect to friends of a friend of a friend etc. Tradeoffs worth
thinking about. Arguably the invisibility we get from darknet is bogus
anyway, even darknet can be blocked; what matters more is that friends
are less likely to be Sybil. This is worth seriously considering: How
many hops can we safely go with FOAFOAFOAF...? Can we restrict what we
use more distant peers for, e.g. only relaying low HTL traffic? What
effect would that have on routing effectiveness and performance?

2) Connect to opennet. This is much more tolerant of low uptimes: It
still costs us storage, but it doesn't break connectivity completely.

3) Improve load management so you get more out of your 5 peers, even
though fast opennet nodes have 150 peers. Maybe this is possible. I'm
not sure how to make the maths add up!

4) Long term requests / delay tolerant networking. This is really hard,
and doesn't match user expectations. UI can help with the latter. In the
long run it may allow for new forms of steganography and new transports.

5) Hardware nodes to make it easier for people to have high uptimes. But
there are still significant costs associated with them: Buying them
(including a storage device with a limited lifespan), storage, noise,
fire risk associated with leaving equipment on, instantaneous load on
the internet connection (often a shared policy issue which you have
limited input into), monthly traffic limits / effect of higher monthly
traffic on upstream contention policy on other users. If you rent you
may not have the option of getting a new provider, other than expensive,
capped, p2p-blocking mobile carriers, and guess what, in our brave new
world everyone under 40 rents. Energy and noise too - but hardware nodes
greatly reduce these factors. Privacy/performance tradeoffs for e.g.
long term downloads (e.g. do you want to turn off the client layer when
you're not physically present). How to advertise the device to your
local clients without advertising it to other people on the LAN. Etc.

>>>> 3. Darknet is slow.
>>> This is not true. 5-10 Darknet connections are enough to get good
>>> performance.
>> Right, and with FOAF we could have tens of peers. But you do need the 5+
>> friends to start with. That's hard.
> with FOAS 3+ would suffice.

No, it won't. Certainly not with poor uptimes.

>
>> I agree that this part is fixable and we must fix it: There are lots of
>> technical things we can do to make darknet work better, easier and faster.
> Yes, and those are the things we should do before discussing to death
> how we could fix opennet if that would prove to not work.
>
>> We need an opennet to link up all the slowly expanding darknet pockets.
>> For now.
> I think Opennet is already good enough for that. Let’s focus on
> improving Darknet.

That depends on your threat model. One proposed recently is
"corporations can't data mine my browsing on Freenet". The problem with
that is the classic chicken and egg: There isn't much content, there
aren't many users, so only people who have something to hide or are
interested in the politics and technology use it.

Avoiding corporate data mining only makes sense if there is something
you actually want to do that you could do on both Freenet and the
corporate data mined "free" internet. Is the answer to that simply that
we need more content and services such as Sone etc? Maybe.

>>>> Marginally. Old opennet peer connections don't often work because when
>>>> you want to reconnect your old peer probably doesn't - even if it hasn't
>>>> changed its IP address.
>>> Why can’t we fix that?
>> How? The immediate problem is that the other side 1) may have changed IP
>> and 2) may have moved on, i.e. got other peers. That's not obviously
>> fixable?
> We could allow old peers to go over the limit (i.e. keeping 20%
> additional slots open).

Hmm, maybe. Or we could allow them to connect for the sole purpose of
reannouncing. That requires merging "announce through any peer", IIRC
there were issues with that but maybe not important ones. The real
problem is they've probably changed IP address, especially if they have
uptime issues - which they presumably do since they're reconnecting.

>>> I want to say this once and clear: Anything which makes it harder for
>>> people to join is a really, really dumb idea, and charging money will
>>> make it harder for legitimate users while making it easier for
>>> attackers (who have a lot more money).
>> In which case the only possible hope is darknet. The problem is building
>> a big global darknet is hard.
> We haven’t even been trying for years, so we don’t know. Most of the
> obvious improvements for Darknet are open bugs, documented for years.
>
>>> If we want to consider any pay-layer, it would be
>>> pay-for-fast-darknet-peer. That does not need any centralization.
>> What does that even mean?
> Offer people that they can connect to one or more high-speed darknet
> peer for a monthly payment.

In which case the provider would need to be well-connected, and probably
uses hacked versions of opennet?

>>> We still have no one-click darknet introduction bundles, and no
>>> darknet FOAF. As long as I cannot send a friend a zip with a prepared
>>> Freenet node which connects to me and can route over my darknet
>>> friends, any work which only benefits opennet shows totally warped
>>> priorities.
>> You really think it is possible to build a big global darknet quickly
>> enough that opennet's vulnerability doesn't matter?
> I think that improving Darknet will be less work than improving
> Opennet,

That's very probably true.

> and that it will yield much stronger improvements in security
> than spending the same amount of work on improving Opennet.

That may be true eventually.

>> IMHO even in the best case scenario we will have to link darknet pockets
>> via opennet for many years. Because the barriers to using darknet are
>> high enough that most people who use Freenet don't have any friends
>> willing to do so. And will remain so even with some performance and
>> usability enhancements.
> I don’t think this is still true. I’m pretty sure that if 50% of
> Freenet users would try to get their friends to connect via Darknet,
> they’d on average get at least one or two darknet peers each.

Viral growth would be great, and it's a second good reason to work on
darknet enhancements, after the first one (building towards eventual
better security). But it doesn't necessarily result in a single routable
global f2f darknet. At least not quickly. AFAICS to get that you need
very high penetration - if not globally then at least within important
sub-communities.

In general our network size declines slowly when we don't get press
coverage, and increases substantially when we do. Getting some press
coverage has to be a high priority. But that sort of thing gets us users
all over the place, from the website. Viral growth from such a
decentralised community will not result quickly in a big connected
darknet - it will result in pockets. Each of the pockets is dependent on
opennet to get to the rest of the network, and therefore users of that
pocket can be traced back to it.
>
> Best wishes,
> Arn
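
The peer-count argument in this message, as an added toy simulation (not code from the thread or from Freenet): a constructed darknet where every node has 3 friends whose friend lists overlap, and each node is online for one independently placed daily window. The topology, the hourly granularity and all function names are assumptions made for illustration.

```python
import random

def friend_graph(n):
    """Constructed 3-friend darknet (n even): ring neighbours plus the opposite node."""
    half = n // 2
    return {i: {(i - 1) % n, (i + 1) % n, (i + half) % n} for i in range(n)}

def foaf_reach(graph, node):
    """Direct friends plus friends-of-friends, deduplicated, excluding the node itself."""
    reach = set(graph[node])
    for friend in graph[node]:
        reach |= graph[friend]
    reach.discard(node)
    return reach

def mean_online_peers(graph, uptimes_hours, seed=1):
    """Average number of FOAF-reachable peers online while a node itself is online.

    Each node gets one daily window: a random start hour and a duration drawn
    from uptimes_hours. Windows are independent, i.e. uncorrelated uptimes.
    """
    rng = random.Random(seed)
    window = {v: (rng.randrange(24), rng.choice(uptimes_hours)) for v in graph}

    def online(v, hour):
        start, length = window[v]
        return (hour - start) % 24 < length

    total = samples = 0
    for v in graph:
        reach = foaf_reach(graph, v)
        for hour in range(24):
            if online(v, hour):
                total += sum(online(p, hour) for p in reach)
                samples += 1
    return total / samples

if __name__ == "__main__":
    g = friend_graph(200)
    # 3 friends x 3 friends gives at most 9 peers; overlap reduces it here.
    print("FOAF reach per node:", len(foaf_reach(g, 0)))
    for mix in ([2], [12], [24], [2, 12, 24]):
        print("uptime hours", mix, "->", round(mean_online_peers(g, mix), 2))
```

Changing the list passed as `uptimes_hours` models a mixed population, for example some nodes at 2 hours and others at 12 or 24.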
