Last year I came up with a list of things that Freenet needs to make a real impact, and concluded that most of them were impossible. However, we have made considerable progress on many of them, at least in theory; we know what we need to do for many.
[Sunday 12 Feb 2012] [22:50:14] <toad_> evanbd: i summed them up as basically 4 problems - 1) pitch black, 2) social feasibility of a darknet, 3) feasibility of captchas, 4) fea sibility of scalable fast-enough WoT-based chat, 5) relative ease of a regime blocking freenet, no matter what we do re stego [Sunday 12 Feb 2012] [22:50:54] <toad_> pitch black = technical feasibility of darknet re security; there are also issues with scalability of darknet [Sunday 12 Feb 2012] [22:51:32] * TheSeeker argues to change focus to preserving what freedom exists, rather than trying to guarantee safety or useful purpose for the a lready criminally oppressed [Sunday 12 Feb 2012] [22:51:36] <evanbd> 1) I don't think we've proven we can get good topology on opennet, never mind deal with an adversary on darknet 2) I think has to start with better brand awareness (aka large opennet) [Sunday 12 Feb 2012] [22:51:46] <toad_> #2 and #5 are the most obvious though - if things are bad enough for enough people for a darknet, then they're bad enough for the state t o crush it, even if they have to put a dollar a month on the cost of an internet connection to do it [Sunday 12 Feb 2012] [22:51:55] <evanbd> 3) is hard, but other people may solve for us [Sunday 12 Feb 2012] [22:51:59] <evanbd> 4) seems doable [Sunday 12 Feb 2012] [22:52:06] <toad_> imho re #1 we have good topology, there are other problems; the graphs mostly look good iirc? [Sunday 12 Feb 2012] [22:53:00] <toad_> evanbd: i'm skeptical that #4 is feasible even for 10k users of such a system - FMS isn't that big [Sunday 12 Feb 2012] [22:53:13] <toad_> WoT certainly isn't [Sunday 12 Feb 2012] [22:54:46] <toad_> evanbd: five impossible things before breakfast? [Sunday 12 Feb 2012] [22:54:54] <evanbd> Yep :) [Sunday 12 Feb 2012] [22:55:08] <toad_> if you've done five impossible things before breakfast, why not round it off with a trip to the restaurant at the end of the universe... [Sunday 12 Feb 2012] [22:55:13] <evanbd> toad_: I think the long-term problems are largely tractable or avoidable. But not easy. [Sunday 12 Feb 2012] [22:55:27] <toad_> evanbd: i see no evidence that any of those 5 are tractable [Sunday 12 Feb 2012] [22:55:49] <toad_> evanbd: and the political/moral aspects have become enormously more complicated in the last 2 years thanks to bitcoin [Sunday 12 Feb 2012] [22:55:53] <evanbd> toad_: What they need is more developers. And more math people. Which, imho, requires more brand awareness, and a big enough user base to make smart, passionate people think it's worth their time. [Sunday 12 Feb 2012] [22:56:01] <TheSeeker> toad_: build it and see, don't give up until everyone runs out of ideas ;) [Sunday 12 Feb 2012] [22:56:26] <evanbd> toad_: I don't have any evidence either, but giving up seems like a bad approach :) [Sunday 12 Feb 2012] [22:58:03] <evanbd> So anyway, what I was trying to say is: usability and publicity are things we should be worrying about. And attracting new users matters both in general, and *specifically to the security of our existing users* [Sunday 12 Feb 2012] [22:58:25] <evanbd> And therefore it's reasonable to work on things like usability and publicity even though we have outstanding security problems. [Sunday 12 Feb 2012] [22:58:59] <toad_> evanbd: perhaps, perhaps not. cost of comprehensive surveillance is linear at worst with network size, and a bigger network may be a more tempting target. [Sunday 12 Feb 2012] [22:59:13] <toad_> evanbd: especially if we were to maintain a pretence that freenet is really secure [Sunday 12 Feb 2012] [22:59:30] <toad_> evanbd: no ideas [Sunday 12 Feb 2012] [22:59:32] <evanbd> "more secure than not using freenet" seems like a good selling point :) However, out of the below, which are a superset of the above, most seem tractable, and one or two are either social problems which may yet turn out to be tractable, or are problems the wider world also has to deal with. Whether we have enough developers etc remains to be seen. Security -------- Fix Pitch Black: We're pretty sure Oskar's solution will work. Our friend hasn't got back to us with simulations proving this, I may need to do them eventually. Note that this isn't the only problem with swapping - the current algorithm doesn't scale well, but Vive has a partial solution for that or at least a research direction. Fix Mobile Attacker Source Tracing: Several proposals dramatically reduce vulnerability, including random routing and restrictions on routing to newish nodes at high HTL. Fix opennet: Opennet is a lot safer if MAST is difficult. It's always going to be vulnerable to some degree, but maybe we can quantify that. Blocking: If a country wants to block Freenet and doesn't care about collateral damage, or is prepared to spend somewhat significant sums and bill the consumer, we can't prevent them blocking it. See e.g. Iran, North Korea, Cuba. However, it's looking like it'll be a long time before that happens in most of the western world. If we can make some serious progress and get more users, it may not happen at all, and Freenet becomes a long-term safeguard on the freedom of the internet. In other words it's not hopeless. Forums ------ How to make fast spam-proof distributed scalable forums: With the new key type, and some sort of per-board announcement, I am convinced that we can do this, for "good enough" scalability. The number of regular posters on a board is likely to be limited in practice, and that helps. Bootstrapping/announcement onto a forum: This one really is problematic - but it's a problem that the rest of the Internet shares. The basic problem is CAPTCHAs suck; they can often be cracked by computer, and even if they can't, solutions can be bought by the thousand very cheaply. One specific problem Freenet has is that we allow multiple attempts at the same CAPTCHA, because we use them to create keys. I don't see any immediate solution to that. Darknet ------- We need to grow a darknet. This is a social problem as well as a technical one. It may yet be intractable. But we know what we need to do technically, at least. Performance ----------- This one (raw speed, data persistence) may really be intractable, in that I don't know how much more speed we can get, though I suspect we might get a lot more data persistence. But it's not terrible, and we have a lot of ideas on how to improve it, for example there are proposals for ways to probe how exactly content falls out of the network, and our probe data suggests there is a problem with link lengths, which we should be able to investigate. Disk I/O and general system overheads: There are some important suggestions on this, it should be possible to make massive progress, we probably can't eliminate all periodic disk I/O but we can avoid writing many times every second. Bandwidth requirements: This is a serious problem, especially in places where Freenet might be most useful. On the other hand, the situation may be improving a bit. Uptime requirements: See darknet, general performance; for darknet, FOAF connections will help, for opennet, it's a matter of general performance. There are various additional possibilities on darknet for long term requests. Hardware Freenet Boxes would really help; router/home server boxes and cheap hobbyist systems are rapidly approaching the point where they might solve the uptime problem. Fast distributed search ----------------------- Right now even not-really-distributed search doesn't work very well, or isn't official, or probably doesn't scale well. However, IMHO the problem is tractable. There are various older proposals e.g. to limit the number of blocks we need to fetch, while still preserving the indexes, and in the long term new key types may allow for things that previously seemed impossible, such as collaboratively maintained yet spam-proof indexes. Transport plugins ----------------- This was in the category of "technically feasible, great idea but will never happen because there are always more important things to do". However chetan has made major progress on this (for UDP-like transports for now), and hopefully it will be merged soon. Greets to the estate of Douglas Adams. ;)
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
