Re: [freenet-dev] Separate browser or not

[Zero3]

Colin Davis skrev:
 We could probe on the main fproxy page, in the same place we have the IE 
 warning, IIRC.
 If they switch it off after that, it's their business; They turned it 
 on, and they can turn it off.

I agree.

We could include a first-time dismissable infobox informing the user 
that his browser was started in incognito mode and what that means for 
his privacy. If the user decides then to turns it off afterwards, we 
really should assume that he knows what he is doing (or in other words: 
His own responsibility).

Maybe in the future, browsers will support that we simply submit a 
domain that always should be browsed in incognito mode. But for now, the 
above seems like enough petting to me too.

- Zero3
___
Devl mailing list
Devl@freenetproject.org
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Separate browser or not

[Zero3]

Matthew Toseland skrev:
 Firefox has issues with coalescing windows, no? If I run firefox with command 
 line options to use one profile, it may use another if a window is already 
 open, there are things like that... Is opening a window with privacy mode 
 enabled safe and reliable?

I haven't tried out the beta yet, so I don't know how FireFox will 
handle incognito mode. Chrome handled it perfectly during my test 
session. Even with a non-private window open, launching a new chrome 
with the -incognito switch and the fproxy URL correctly made chrome open 
it in a new, private tab.

We shouldn't need to specify a specific profile as we did when we 
installed our own...

- Zero3
___
Devl mailing list
Devl@freenetproject.org
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Separate browser or not

[Zero3]

Matthew Toseland skrev:
 Detecting the version of an installed application in the launcher (at 
 least in Windows) shouldn't be a problem. It will most likely be 
 registered in the registry next to the .exe path we are checking already 
 for the individual browsers. We can also check the version info of .exes 
 as an alternative (most Windows applications are compiled with various 
 static info like version and author). The Windows launcher is already 
 running Chrome with a command line argument making it start in privacy 
 mode btw.
 
 You should prioritise Chrome with privacy mode over Firefox without it.

Agreed: https://bugs.freenetproject.org/view.php?id=3118.

- Zero3
___
Devl mailing list
Devl@freenetproject.org
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Separate browser or not

[Zero3]

Colin Davis skrev:
 As implemented currently, Private browsing is all-or-nothing in 
 FF3.5beta4 and Safari, but Google Chrome is per-window.
 Firefox has issues with coalescing windows, no? If I run firefox with 
 command 
 line options to use one profile, it may use another if a window is already 
 open, there are things like that... Is opening a window with privacy mode 
 enabled safe and reliable?

I guess both ways should work fine for us? We simply launch the browser 
with the command line arguments, and let the browser handle the 
window/tab management?

- Zero3
___
Devl mailing list
Devl@freenetproject.org
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Usability test results

[Zero3]

Matthew Toseland skrev:
   Well, we already have a Browse Freenet script on all three platforms.
 Currently it detects browsers that we know about. You don't have to use it if 
 you don't want to. But we should extend it to use incognito mode if possible, 
 and to favour browsers with such support. I dunno how we can determine 
 whether such a mode works with the particular installed version though...

Best clue is to check the versions of the found browsers - or simply 
assume that the user has fairly up-to-date software and pass the switch 
anyway. Old browsers will probably just ignore the command line switch 
if they don't know about it.

- Zero3

___
Devl mailing list
Devl@freenetproject.org
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Please help us test the new wininstaller (Vista users especially welcome)

[Zero3]

gh...@hushmail.com skrev:
 Using the current wininstaller (FreenetInstaller-1210), I installed
 into Windows 7 x64 Build 7100. Installed java as prompted (x32).
 Install went very well. The uninstaller leaves user 'Freenet' and I
 updated my open ticket(bug) with these results.

Your bug at https://bugs.freenetproject.org/view.php?id=3113 is a 
duplicate of https://bugs.freenetproject.org/view.php?id=3080 ;).

But you are correct. The issue has been discussed a couple of times 
already. The problem is that there is no easy/proper way of deleting the 
user folder. For some reason, Windows does not provide an easy way of 
doing this. Googling the issue will reveal that many people have 
stumbled upon this problem before us. At the moment, we include a 
third-party tool that correctly deletes the profile folder on Windows XP 
and earlier. We haven't yet found one that works for Vista as well.

  Freenet found that I had Chrome installed and used it, even though
  it was not my default browser.Bug/Feature?

That is actually a feature :). The launcher has a prioritized list of 
browsers it will look for, and use if found. Chrome is a lot more secure 
than IE (for example) and supports incognito mode, hence it is higher 
prioritized.

Maybe we should inform the user of this in someway. Hmm...

- Zero3
___
Devl mailing list
Devl@freenetproject.org
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Usability test results

[Arne Babenhauserheide]

On Friday, 15. May 2009 22:07:34 xor wrote:
> Wouldn't it take much load off the "internet", i.e. small bandwidth
> connections, if any nodes which are connected via LAN used the LAN for
> routing requests if possible?

I assume that it would also help privacy, because then timing analysis and 
similar would become much harder, since external nodes can't look into the 
LAN. 

To avoid too  easy internal traceability, the option of switching to port 8080 
or 5223 (jabber server with SSL) (or 80 if started with sufficient rights) 
would be nice. It would avoid the question "what exactly are you running?"

Best wishes, 
Arne

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- 
   - singing a part of the history of free software -
  http://infinite-hands.draketo.de
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: 
<https://emu.freenetproject.org/pipermail/devl/attachments/20090517/b6505ab8/attachment.pgp>

[freenet-dev] Usability test results

[Matthew Toseland]

On Saturday 16 May 2009 23:20:08 Arne Babenhauserheide wrote:
> On Friday, 15. May 2009 22:07:34 xor wrote:
> > Wouldn't it take much load off the "internet", i.e. small bandwidth
> > connections, if any nodes which are connected via LAN used the LAN for
> > routing requests if possible?
> 
> I assume that it would also help privacy, because then timing analysis and 
> similar would become much harder, since external nodes can't look into the 
> LAN. 
> 
> To avoid too  easy internal traceability, the option of switching to port 
8080 
> or 5223 (jabber server with SSL) (or 80 if started with sufficient rights) 
> would be nice. It would avoid the question "what exactly are you running?"

Not much point hiding it if you're broadcasting the existence of nodes via 
MDNSDiscovery!
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: This is a digitally signed message part.
URL: 

[freenet-dev] Wininstaller deployed

[Juiceman]

On Thu, May 14, 2009 at 1:31 PM, Zero3  wrote:
> Matthew Toseland skrev:
> ?> We now include wget.exe and sha1test.jar. Also, I have put the
> update.cmd in
>> update-new.cmd on emu and updated it to fetch itself, and made it use icacls
>> on win 5.2 (XP64, win2k3 server etc). And fixed some problems with its use of
>> the start/stop scripts, and a bug that was causing it not to switch between
>> builds that had already been downloaded (which still exists in the other
>> version of update.cmd iirc). So it works now, despite java not being on the
>> path (causing the verification not to run; why doesn't it just fail?).
>
> Regarding these comments in update.cmd:
>
> ":Assume that it was running, no way to easily tell - FIXME what to grep
> for in the service list when multiple installs?"
>
> and
>
> ":: ?FIXME ? do we need a new error handling section for the new .exe?
> Will it handle errors itself?"
>
> The service name is "freenet", where  is
> the contents of installid.dat in the install dir (empty on first
> install, "_2" on second install, "_3" on third install and so on).
>
> Run "start.exe /?" and "stop.exe /?" to see command line options and
> return codes (or look in the source: src_freenethelpers/FreenetStart.ahk
> and src_freenethelpers/FreenetStop.ahk).
>
> - Zero3

I have committed a new version of the script that sets restart flag on
exit code 0, errors on 1 and continues on 2 (node already stopped).

Zero3- Do the start/stop exe's look for the installid.dat and use that
when starting and stopping the node?  I assume so, and that it is a
relative path .ie. ..\installid.dat  If so then we don't need to grep
for the service in the script at all?

[freenet-dev] Separate browser or not

[Zero3]

Colin Davis skrev:
> We could probe on the main fproxy page, in the same place we have the IE 
> warning, IIRC.
> If they switch it off after that, it's their business; They turned it 
> on, and they can turn it off.

I agree.

We could include a first-time dismissable infobox informing the user 
that his browser was started in incognito mode and what that means for 
his privacy. If the user decides then to turns it off afterwards, we 
really should assume that he knows what he is doing (or in other words: 
His own responsibility).

Maybe in the future, browsers will support that we simply submit a 
domain that always should be browsed in incognito mode. But for now, the 
above seems like enough petting to me too.

- Zero3

[freenet-dev] Separate browser or not

[Zero3]

Matthew Toseland skrev:
> Firefox has issues with coalescing windows, no? If I run firefox with command 
> line options to use one profile, it may use another if a window is already 
> open, there are things like that... Is opening a window with privacy mode 
> enabled safe and reliable?

I haven't tried out the beta yet, so I don't know how FireFox will 
handle incognito mode. Chrome handled it perfectly during my test 
session. Even with a non-private window open, launching a new chrome 
with the -incognito switch and the fproxy URL correctly made chrome open 
it in a new, private tab.

We shouldn't need to specify a specific profile as we did when we 
installed our own...

- Zero3

[freenet-dev] Separate browser or not

[Zero3]

Matthew Toseland skrev:
>> Detecting the version of an installed application in the launcher (at 
>> least in Windows) shouldn't be a problem. It will most likely be 
>> registered in the registry next to the .exe path we are checking already 
>> for the individual browsers. We can also check the version info of .exes 
>> as an alternative (most Windows applications are compiled with various 
>> static info like version and author). The Windows launcher is already 
>> running Chrome with a command line argument making it start in privacy 
>> mode btw.
> 
> You should prioritise Chrome with privacy mode over Firefox without it.

Agreed: https://bugs.freenetproject.org/view.php?id=3118.

- Zero3

[freenet-dev] Separate browser or not

[Zero3]

Colin Davis skrev:
> As implemented currently, Private browsing is all-or-nothing in 
> FF3.5beta4 and Safari, but Google Chrome is per-window.
>> Firefox has issues with coalescing windows, no? If I run firefox with 
>> command 
>> line options to use one profile, it may use another if a window is already 
>> open, there are things like that... Is opening a window with privacy mode 
>> enabled safe and reliable?

I guess both ways should work fine for us? We simply launch the browser 
with the command line arguments, and let the browser handle the 
window/tab management?

- Zero3

[freenet-dev] Usability test results

[Zero3]

Matthew Toseland skrev:
  > Well, we already have a Browse Freenet script on all three platforms.
> Currently it detects browsers that we know about. You don't have to use it if 
> you don't want to. But we should extend it to use incognito mode if possible, 
> and to favour browsers with such support. I dunno how we can determine 
> whether such a mode works with the particular installed version though...

Best clue is to check the versions of the found browsers - or simply 
assume that the user has fairly up-to-date software and pass the switch 
anyway. Old browsers will probably just ignore the command line switch 
if they don't know about it.

- Zero3

[freenet-dev] Please help us test the new wininstaller (Vista users especially welcome)

[Zero3]

ghoul at hushmail.com skrev:
> Using the current wininstaller (FreenetInstaller-1210), I installed
> into Windows 7 x64 Build 7100. Installed java as prompted (x32).
> Install went very well. The uninstaller leaves user 'Freenet' and I
> updated my open ticket(bug) with these results.

Your bug at https://bugs.freenetproject.org/view.php?id=3113 is a 
duplicate of https://bugs.freenetproject.org/view.php?id=3080 ;).

But you are correct. The issue has been discussed a couple of times 
already. The problem is that there is no easy/proper way of deleting the 
user folder. For some reason, Windows does not provide an easy way of 
doing this. Googling the issue will reveal that many people have 
stumbled upon this problem before us. At the moment, we include a 
third-party tool that correctly deletes the profile folder on Windows XP 
and earlier. We haven't yet found one that works for Vista as well.

 > Freenet found that I had Chrome installed and used it, even though
 > it was not my default browser.Bug/Feature?

That is actually a feature :). The launcher has a prioritized list of 
browsers it will look for, and use if found. Chrome is a lot more secure 
than IE (for example) and supports incognito mode, hence it is higher 
prioritized.

Maybe we should inform the user of this in someway. Hmm...

- Zero3

[freenet-dev] Using standard ports of encrypted protocols

[Arne Babenhauserheide]

Hi, 

It would be nice, if I could tell freenet to use standard ports for 
communication - especially for connections inside a LAN (where the possibility 
that an admin is watching all used ports might be a bit higher than on the 
internet). 

I'd think it would be useful to just test a list of ports normally used for 
communication (ideally encrypted), so that encrypted data wouldn't draw 
suspicions (and so we don't need to implement full steganography at once, but 
can move towards it). 

Maybe the option could include a list with the note "Only select services you 
DON'T want to run!"

Some ideas, not all encrypted: 

- 2190/UDP  TiVoConnect Beacon
- 2593/TCP,UDP  RunUO?Ultima Online server
- 3723/TCP,UDP  Used by many Battle.net Blizzard games (Diablo II, Warcraft 
II, Warcraft III, StarCraft)
- 3724/TCP,UDP  World of Warcraft Online gaming MMORPG
- 4000/TCP,UDP  Diablo II game
- 6619/TCP,UDP  odette-ftps, Odette File Transfer Protocol (OFTP) over TLS/SSL
- 6891?6900/TCP,UDP  Windows Live Messenger (File transfer)
- 6901/TCP,UDP  Windows Live Messenger (Voice)
- 28910  Nintendo Wi-Fi Connection

(all information from 
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers 
I'm sure there are more...)

Is tehre any danger in using known ports? 

Best wishes, 
Arne

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- 
   - singing a part of the history of free software -
  http://infinite-hands.draketo.de
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: 
<https://emu.freenetproject.org/pipermail/devl/attachments/20090517/976af2ef/attachment.pgp>