Hi freenetters and interested,

Over the last few weeks I discussed with a few people about help in getting funding (thanks to Sandra from OpenITP for making the connections!). During these exchanges I wrote some stuff about freenet which I want to share. This will be unstructured, because my time is too limited right now to make it coherent. Please bear with me…

# Freenet for Journalists (use-case)

To make “Freenet as tool for Journalists” a bit clearer, I worked on a use-case. All the following is already possible with the current capabilities of freenet, but much less convenient than described here.

The use-case is similar to secure-drop¹, but instead of relying on tor, GnuPG and a centralized hidden-service, we use the inherently distributed freenet-store with the freemail plugin, which have a smaller attack surface for the organization - and the friend-to-friend-mode in freenet (darknet) offers a way to increase the security against institutional surveillance (simply finding all users of the software).

¹: https://pressfreedomfoundation.org/securedrop

------

Nick is a Journalist. He has been active in Freenet for a few months, using a small plug-computer running in his . He maintains a website in Freenet which he links from his site in the clearnet, and he republishes some of his articles to Freenet to spread information about his work to anonymous people. On this website he publishes an email-address for contacting him over Freenet, and he regularly gets feedback to his articles from anonymous and non-anonymous people alike. On his business-card he publishes the link to this website as well as a link to Freenet, so potential sources can get information about him without exposing their identity.

Janice is working for a big military contractor. She has been questioning the effect of her work for years, and last year she got information about a secret project she cannot reconcile with her conscience. One week ago she talked to a friend about this, and the friend passed her the business-card of Nick, along with a USB-stick with a Linux Live System which can connect them over Freenet.

Janice now goes to a bar with internet access, puts a USB-stick into her laptop and starts Freenet.
She types the link to Nick’s site into her browser, and after she is certain that Nick is the right person to contact, she clicks the anonymous email link. The link brings her to a textfield for entering the mail along with the note “will be sent after creation of a new Web of Trust ID”. She types her message and sends it.

Freenet shows her the confirmation message “mail sent. Your new anonymous ID is Koyah_McLaughlin_Everest. Please write down the following key. You can use that key to connect with your ID from any Freenet installation.” Janice writes the key SSK@Y~zhpj9hXhnwp52NI4owiY~KVPb73zgXVEYnr~LAzgc,fnmGDfSGU5GZq8Iha8WdTICb5etw6Mj0vcZAb64Y5Lw,AQECAAE into her notebook.

Then she orders a coffee and reads on: “Your message will be delivered after you solve about 10 captchas to prove that you are human. If you see no captchas yet, please give Freenet at least 15 minutes to collect the captchas. You will only have to solve captchas once per ID.”

After 10 minutes Freenet shows her 20 captchas. She solves them and sees the message “captchas are being inserted. This will take about 10 minutes.” Then she watches a progressbar count up. 8 minutes later, after the second coffee, the progressbar finishes. Janice shuts down her laptop, pays in cash and leaves the bar. Since she only ran a Live Linux, no trace of what she did is left on her stick.

One day later Nick comes home and checks his E-Mail. He instantly sees the new email sent via Freenet. While reading the information from Janice he feels the familiar jolt of excitement. This could be big. He crosschecks what he can, then answers Janice.

The next week, Janice goes into another bar with internet access. She orders a coffee and plugs in the USB-stick. After starting the system, she goes to the email plugin and enters the key she wrote down to check her inbox. A message asks her to wait a few minutes while her ID is being restored. Just as she finishes her coffee, she sees the new email in her inbox: Nick answered.

Over the next few weeks Nick and Janice keep in contact. Nick gives Janice advice on how she can keep a low profile, then he runs his story.

A few years later Nick gets another email from Janice. The news story shook up the company, but Janice was able to keep clear of major problems. Freenet helped her to keep her name out of trouble despite complete email metadata surveillance on the clearnet. Now she has gotten wind of another unethical project, and she wants to ensure that it does not stay hidden from the public.

# Target Group: Journalists

We discussed target users a bit over the week, and one of the target groups who could already benefit a lot are Journalists: Freemail (E-Mail over Freenet) provides non-traceable communication for them without need for resilient infrastructure on the part of the Journalist. And those two parts together aren’t easy to come by anywhere else.

A special point is that when using a freemail address the only information which surveillance can find is that the Journalist got contacted, but not by whom, not the content and not whether a longer discussion took place.

But it’s still far too hard to use and requires too much effort on the part of people who want to reach the Journalist. Both problems are solvable (and we already floated around ideas to solve them), but as always someone has to write the code...

One other reason for focussing on journalists is that Freemail is the solution which (in my understanding) provides the strongest security. So this would allow us to make our technically strongest solution usable for a very important use-case - which today is more important than ever, now that journalists have to worry that their hint-givers are exposed by surveillance from the NSA.
Freemail could make it possible to break that surveillance: It can even hide metadata under total internet surveillance (as long as freenet itself stays legal - our plans for situations where freenet is illegal aren’t yet realized far enough that I would dare to tell people to bet their lives on them).

# what are your project’s successes and how will funding provide new growth?

Freenet is a pretty old project (the first paper on Freenet appeared in 1999) which has been moving forward bit by bit and was never shy to target the really high goals instead of going for instant usefulness.

And this was also one of its big problems: Freenet already includes real-life solutions for problems which are only now getting broader attention - like efficient routing on restricted routes as you need it in a mesh or for swarms of drones, as well as anonymous, verifiable updates and spam resistance in anonymous communication - but these were found because they were actually needed and we published no papers on them.

At the same time, the freenet project was mostly ignored by the filesharing crowd, because censorship-resistance done right has a big impact on performance.

Still we nowadays have working anonymous forums, microblogging, email, chat and website-publishing. And we have some really old websites which are still accessible, though they have not seen an update for years - which speaks for the longevity of well-spread sites in freenet.

The basic papers on Freenet were pretty big in academia (routing in a small world), but once it came to the real-life implementation, that interest quickly faded: We could not theorize about the big new routing breakthroughs, because we actually walked the hard road of realizing the benefits of one of these methods, and the metrics required in academia for new algorithms are pretty hard to come by in a really anonymous network with very heterogeneous participants - and lots of hard-to-prove code-paths which are necessary to persist in the real world.

(When I use “we” here, I mostly mean the main developers. I support development, but rather from the sidelines, so I do not see myself as a core developer - despite having mentored Steve during the last GSoC.)

But at the same time, freenet was always plagued by a lack of polish. The problems in front of us were so big that user experience was often pushed to the back row and many solutions we have did not actually get used, because the last few steps to make them practical were missing - or in the worst case because they were not merged, when our main developer could not keep up with the needed code-review - which is needed to make it less likely that freenet-users would be exposed due to potentially malicious contributors.

So I actually welcome the need to focus on use-cases for funding. This is something we have been lacking for too long, and it should allow turning lots of almost finished solutions into something which more people can use - and enjoy using.

# what makes freenet different?

Different from i2p and tor, the main contenders in anonymous communication, freenet is no general routing layer, but rather a censorship resistant publishing system.

On the technical side, it provides a global, anonymous datastore which purges non-accessed data after a certain time to make room for new data. It is performant enough that messaging applications can be built on it and get down to latencies of 30s (we have this for IRC), but when going to such low latency, quite a few timing attacks become possible (which is why most of our anonymous contributors stopped using IRC-over-freenet again). The store provides private-public-key-based namespaces, into which only those can upload who have access to the private key.

On the practical side this means that you can publish something and go offline, and people will still be able to retrieve it. If it does not get accessed it will drop out in a matter of weeks, but as long as people access it, it stays available.
Also since only you hold the private key, you can establish a stable pseudonym, which people can start to trust over time without having to really know you personally.

This makes it an ideal tool to provide a newsfeed without exposing yourself to censorship. And different from the general internet, if many people access your site, it does not go down but rather becomes faster as it spreads inside caches within freenet.

On top of this store, freenet provides many kinds of services, which automatically benefit from anonymity, stable pseudonyms, DDoS resilience, and so on. Most of them are implemented as plugins, but there’s also a simple API (as well as bindings for several programming languages) which allows other applications to access freenet.

# The current state of Freenet

(I’ll just write it to keep the round-trip time short. Simply skip the following 3 text-blocks if you first need something else. If there’s anything more you need, please say so!):

- The project is freenet, available from http://freenetproject.org
- It provides censorship-resistant communication and sharing of arbitrary data among its users.
- Freenet is free software and has been in practical use for about 10 years with about 10k users, rising and falling by about 5k. There are some scientific papers on its operation: https://freenetproject.org/papers.html
- Up till half a year ago, we had a donation-funded main developer, who now got hit by a high-ranking university (he enrolled). We have a new paid developer, but he can only tackle selected features and the money isn’t enough for full-time.
- A new developer (Steve) has taken over maintenance. He already finished 2 GSoC tasks and has experience with most of freenet, but he is close to finishing his studies, so he needs to go looking for a job soon to repay his studying debts. That’s where I hope that the grant could come in. He would need about 60k a year to be able to take on Freenet as his main work.
- Freenet offers some unique features:
  - Strong focus on censorship resistance: All features in freenet derive from the goal of providing censorship resistant publishing: Persistent anonymous IDs, WebOfTrust for spam resistance, Global datastore which purges non-accessed data, and quite a few more.
  - Multiple modes of operation, with tradeoffs between ease of network integration and effective security. Users can elect to be automatically connected to the network (opennet), but this makes their participation in freenet visible. Darknet mode avoids this kind of user harvesting by only connecting to trusted friends, but currently is not simple to set up. Freenet users running both modes can act as a bridge between several disconnected darknets to form a single global darknet.
  - Publishing of files and websites which stay available after the uploader went offline. Different from tor, there is no single provider for hidden sites: They are stored decentrally in the global datastore.
  - Truly anonymous microblogging without any centralized components.
  - Spam resistant discussions through a web of trust. This allows for seamless discussions with anonymous and non-anonymous participants.
- Freenet's main weaknesses are a non-intuitive User Interface, a dependency on a brittle database (db4o), brittle installers, and lots of rough edges.

That’s something the new maintainer would like to fix - and for which he definitely has the skills. But to do so, he needs time.

A small brainstorm with the current maintainer gave a potential goal: Easy to use freenet without any centralized weaknesses.

Deliverables:

- No more db4o.
- Darknet invites¹.
- Better website infrastructure.
- Distro packages and improved installers.
- Refactoring to use an already mostly finished new web UI.

¹: Darknet invites mean that every freenet user could generate installation bundles for friends which instantly connect the friends to his freenet, so a darknet-style freenet can spread virally.
Currently that’s already possible but very cumbersome.

Best wishes,
Arne

--
1w6: to respect them, to find them all, to lead them into games and gently bind them.
→ http://1w6.org