I will be able to work full time on Freenet for four months after my exams are over. After that, it's iffy.
Obviously the first priority has to be to make sure that other people can do releases. Beyond that, IMHO I should focus primarily on sorting out darknet. Darknet should be easy, fast, and secure. It should coexist with opennet, and automatically detect when opennet is unnecessary. And then we can implement tunnels, probably based on Pisces. This is a fairly limited amount of time, and IMHO darknet is *the key issue* for Freenet. The fact is, right now using Freenet in darknet mode is slow, insecure and above all inconvenient. Using Freenet in opennet mode is slow to bootstrap (darknet invites would actually solve this problem), and even more insecure. IMHO the major police support agencies probably already have tools to trace opennet users, they just avoid showing them in court. The academic literature shows tunneling makes much more sense on darknet than on opennet; peer selection for DHTs is an unsolved problem. Our key selling point is anonymity, as evidenced by the frequent requests for accessing Freenet over Tor. People tend to assume Freenet has good security; they're wrong, and sooner or later this will become obvious. Our first-time wizard tries to make this clear and probably puts off a lot of people as a result. Major benefits of sorting out darknet: - Hard to block. - Strong security for small inserts with reasonable performance. This applies to chat posts, but also to top blocks for e.g. freesites and files where the attacker is assumed to be initially distant. - Optional strong security for even large inserts (e.g. reinserts) and requests, at a significant performance cost. - Fast performance out of the box from an invite, via your friend who invited you, and his friends. No more waiting for opennet to bootstrap. - You can customise the bookmarks you give to your friend in the invite. - Fix published attacks on darknet, notably Pitch Black. - Can use published academic work on tunnels on darknet, e.g. Pisces. Note that darknet is a much better bet for tunneling than opennet; various opennet DHT tunnel setup algorithms have severe flaws. - Much easier viral growth. - Darknet infrastructure supports even stronger protection (e.g. non-real time tunnels for inserts) in the longer term. I'd like to hear opinions on this. Others may want me to focus on getting rid of db4o, or load management, or lots of other things. There are lots of important things to do, but not enough time to do everything. Thoughts? Obviously I hope other people will be working on other things; this is a question of how to use paid project resources.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
