On Jan 7, 2011, at 7:17 AM, Alex Rollin wrote:

> Hello,
>
> I'd like to share my use cases for a Darknet in a neighborhood
> wireless network. Please feel free to tear them apart. I'm wondering
> where and how Freenet can be "the filesharing program" of choice,
> here, and I realize some cases may be missing some necessary detail.
> Perhaps this group can help me to understand where I need to do more
> work. Thank you for your time and for creating such an awesome and
> needed program!

I just wanted to say thank you for trying to set something like this up. If I was in that situation I would love to have access to this awesome community darknet. It's kind of like a speakeasy; except instead of alcohol, it's knowledge (my personal drug).

Please note that I don't have all the answers. For one subject I linked to some software which might help out, but that I have no experience with. For many others I'll be posting a second message after this one filled with questions that hopefully someone else in the community can answer.

> Summary
>
> In Indonesia bandwidth to outside the country is very expensive. It
> is much simpler to construct a network that allows users to share
> files within a small-world local area network. Our goal is to
> preserve anonymity and to increase access to education materials
> through trusted individuals over a wifi network.
>
> Nouns
>
> These use cases revolve around these objects:
> Trainee - the trainee is a computer user who is assumed to have
> minimal computer savvy. They are engaged in training to learn more
> about computers!
> Trainer - the trainer is loading training videos to the network along
> with support information
> Cafe Operator - this person controls the hardware and configuration of
> several computers. Users of the computers are anonymous.
> Training Site - an html file with descriptions of and links to Video
> files and support files like PDFs and additional sites with exercises.
> Training Video - the distribution of video is a key to this system.
> Downloading copies of the large video files from other countries is
> not practical in our example.
> Wifi Network - this network is NOT connected to the internet; it only
> connects users to each other.
> File sharing program - should allow for maximum anonymity. Only
> connect with known friends in the network. No sharing of personal
> information by default. Best if it can be configured with default
> settings for maximum protection.
>
> Objectives
>
> Plausible deniability - any one person should not know what file/s are
> stored on a computer.

That's how it should be. And if guest accounts are set up to auto-delete it protects the cafe owner as well.

> Ease of use - if given the name of a friend, the SSID of the network,
> and the name of the filesharing client the user should be able to
> set up the program with maximum security
> Speed of access - even large video files should be relatively
> accessible. The wait for a 1GB download should be less than 1 hour.
> Run in the background - the file sharing program should be running in
> the background unobtrusively so as to speed packages through the
> network. Ideally the program could be configured to make connections
> through a "preferred" network connection to 'stop' any connections
> being made over an ISP network.

Whether or not the file in question was uploaded by a Trainer or was taken from the outside internet, it will naturally propagate to most/all of the nodes in your Darknet. Assuming there is enough Freenet cache space in your Darknet, and that files are accessed somewhat often, they should last for a very long time and would maintain fast download speeds. Note: the more nodes that have a copy of a file, the faster the download will be for new nodes.

Cafe nodes would be particularly useful in a community Darknet, as they would be used by multiple people requesting the same files. Thus, the downloads would be near instantaneous for regularly accessed files. If an ISP node owner wants a particular file or Freesite easily available to community members, they will want to access it themselves ahead of time so that their node has cached it in advance so that community members have rapid access.

One very important issue will be bandwidth usage over ISP-connected nodes. Everyone else in the network depends on them for access to the "outside world."
You cannot expect every Trainee to respect that they shouldn't try downloading huge files from outside your Darknet, so it would be absolutely necessary to protect any volunteers (that are essentially donating their ISP-bandwidth) from overage charges. I found some useful information here[1]. ISP-connected nodes can limit their data usage either by uploading custom firmware such as Gargoyle[2] to their router or by running something like Squish[3] on their node. If going the Squish route, one would want to limit ethernet-based data usage (ISP), but not wifi-based (Darknet).

>
> Use Cases
>
> Use Case: Adding a new Video and Updating the Index
>
> The Trainer signs into their file sharing program
> They choose a video to share and load the video
> They receive a key that is a reference link to the video
> The user stores this key in an html file
> The user shares the new version of the html file

This should work just fine. If a Trainer wants their files to be available to the outside world, they should publish a Freesite with links to them. If the bandwidth usage is too great, however, then some other way to host the file links must be used. One possibility is to run a simple web server that loads the plain html site for anyone that connects to the wifi network so that they can copy/paste the file refs into their Freenet node and download the files. With this set-up there would be no chance of the outside world consuming your bandwidth because they wouldn't have the file refs to download them.

> Use Case: Watch a Training Video from the Darknet
>
> User can sit at an internet cafe and login to a machine anonymously
> User can click a link and be taken to a web page
> The web page is loaded from a distributed filestore anonymously
> The web page points to video file link
> The user clicks on the link and the video loads
> The user watches the video

The cafe owner will have to be very careful when setting up user permissions on these computers.
The guest user shouldn't have access to /any/ part of the filesystem that isn't necessary for them to run a web browser, copy files to the desktop, and copy files to a portable drive. Mac OS X does very well at creating limited, temporary guest accounts (which are deleted after use); I don't know about other operating systems. The admin account should be the only one that has access to Freenet, both starting up and shutting down, and changing preferences.

Unfortunately, I do not know of a way to prevent guest users from changing the node's preferences. Currently anyone that has access to 127.0.0.1:8888 (any user of that computer) can do serious damage to the node (Freenet software, not the OS or hardware (((I hope)))). I vaguely remember that some of us are pushing to create "accounts" on a node so that multiple people can use it. At any rate, it would be useful to create an admin account to secure control of the node's preferences. This is a big problem that needs to be fixed before you or anyone else try setting up a Freenet cafe.

> Use Case: New User
>
> A new user receives a "friend code" from a friend and a key for a
> shortcut to the Training Site
> The user downloads a piece of file-sharing software and configures it
> for maximum security
> The user adds the "friend code"
> The user is now "connected" to the friend
> They login to their home computer and connect to an unsecured wifi network
> The user enters the key for the Training Site and downloads it.

Currently, to my understanding, a new user must connect to 10 friends before they can implement the maximum security setting. Though with such a tight-knit community that shouldn't really be necessary. Earlier you mentioned "a few trusted individuals" that everyone would connect to. Would new users get their friend code as well?

You might want to limit the number of connections that cafe nodes have with other cafe nodes so that there are empty slots for users with personal computers.
What I mean is that, say, each cafe machine should have a hard-linked connection to only 10 other cafe machines. Of course, you will want to choose those connections wisely so that the entire network can quickly recover from a cold restart. I'm sure there is some mathematical formula that describes how they should all be interlinked so that such a reboot happens quickly (doesn't put too much strain on any one node).

> Use Case: New wifi extension and dedicated storage
>
> A cafe operator installs a wireless router to extend the wifi network
> The cafe operator sets up a computer that is connected to the wifi
> network and running the file-sharing program.
> The operator calls the new node "kamicave"
> The operator shares 2TB of diskspace on the computer.
> The machine is then connected to the operator's friend in the Darknet
> through a friend key.

As far as I understand that computer with 2TB storage won't accumulate many files because it wouldn't be acting as either [A] a primary router for other nodes or [B] an active downloader of files. If the computer's just sitting there, it won't be of much use. It seems to me that the best solution would be to distribute those 2TB of drives in the cafe machines and allocate it to Freenet for cache space.

I don't understand why you group the storage computer and the wifi extension in one. Personally, I'm not sure that a wifi extension would work correctly unless the second router delegated DHCP duties to the primary wifi router. That way everyone would have a unique IP address in the LAN.

> Use Case: New Multi-user machine
>
> The operator sets up the filesharing software on 15 machines on site
> in their internet cafe.
> The machines are then connected to the operator's friend as well as
> his own "kamicave"
> The cafe owner shares 20GB of space on each of 15 machines
> He chooses to run the file-sharing program in the background as a service
> He locks down the configuration of the service so that the cafe users
> may not adjust the privacy and security settings
> He configures a link so that each machine can browse and download
> files from the Darknet through "kamicave" or other friends that he
> adds to the network.

One thing to note here is that the connection limit per node is 40. That means that, if every device is to connect directly to the operator's friend and kamicave, there isn't much room to scale. Either way, remember that nodes by default share the noderef of their peers to other nodes they connect to. That means that one way or another new nodes can fetch data from kamicave and the operator's friend.

> Use Case: User on multi-user machine
>
> User logs in anonymously to a machine
> They bring up the filesharing program and add a new friend
> They download a file from the friend and view it
> After logging out of the machine their "friend" is purged from the
> settings of the file sharing program and all data downloaded or
> associated with the sessions is erased and overwritten

It doesn't seem feasible to allow guest users to change the routing of a multi-user machine. That would mean giving them access to other preferences. It seems that you might just have to tell those people to use their own machine.

... That is, unless we implement a feature that specifically allows a user to temporarily connect to a node of their choosing, even though they can't change the other preferences. Thinking about it, such a feature sounds very useful if Freenet is to become a widespread phenomenon.
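
One possible mitigation for the problem raised in the reply above (any local user who can reach 127.0.0.1:8888 can change the node's preferences), as an added example that is not part of the original message or of Freenet: the request filter for a proxy placed in front of the node's web interface, forwarding only read-only fetches of Freenet keys. The function name, the sample keys and the `/settings` path are constructed, and it assumes guest accounts are otherwise prevented from reaching port 8888 directly.

```python
# Added example (not from the thread): request filter for a proxy in front of FProxy.
# Assumption: guests can reach only this filter, never 127.0.0.1:8888 directly.
from typing import Optional
from urllib.parse import quote, unquote, urlsplit

# Freenet key types a guest needs to browse a freesite or fetch a file.
KEY_PREFIXES = ("CHK@", "SSK@", "USK@", "KSK@")


def filter_request(method: str, target: str) -> Optional[str]:
    """Return the path to forward to the node, or None to refuse the request."""
    if method not in ("GET", "HEAD"):      # fetching never needs a state-changing method
        return None
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:       # absolute or //host targets are refused
        return None
    path = unquote(parts.path)             # decode exactly once
    if "%" in path or "\\" in path or any(ord(c) < 32 for c in path):
        return None                        # double encoding, backslashes, control chars
    if any(seg in (".", "..") for seg in path.split("/")):
        return None                        # no climbing out of the key's namespace
    if not (path.startswith("/") and path[1:].startswith(KEY_PREFIXES)):
        return None                        # anything that is not a key fetch
    return quote(path, safe="/@,")         # query string is dropped on purpose


# Constructed sample requests; keys and page names are placeholders.
SAMPLES = [
    ("GET", "/USK@abc,def,AQACAAE/training/3/"),
    ("GET", "/CHK@abc,def,AAMC--8/intro%20video.ogv"),
    ("GET", "/settings"),
    ("POST", "/USK@abc,def,AQACAAE/training/3/"),
    ("GET", "/CHK@abc/%2e%2e/settings"),
    ("GET", "/CHK@abc/%252e%252e/settings"),
]

if __name__ == "__main__":
    for method, target in SAMPLES:
        verdict = filter_request(method, target)
        print(f"{method:4} {target:45} -> {verdict or 'REFUSED'}")
```

Because the filter is an allowlist, it does not need to know which pages of the node's interface change settings: everything that is not a key fetch is refused.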
