Re: [freenet-support] Build 1474 status and the *Freenet-bite* attack

2016-06-12 Thread Anonymous Remailer (austria) 

On 07-Jun-16 3:54 PM, Matthew Toseland wrote:
> Freenet build 1474 has been partially released. It includes a critical bugfix
> for the "Frostbite" bug: if you visit a malicious key, downloads can stop
> working. This is being actively exploited on Frost and Sone/WoT. Unloading
> WoT / turning off Frost and restarting the node should make it work again.

This crack was an exploit of Freenet. Not of Frost.
It affected both users of WoT and users of Frost.

It should for that reason not be called 'Frostbite' but 
'Freenetbite'.


All users of both programs during the attack must upgrade to the 
repaired version
of Freenet, build 1474 because their node is corrupted and can not 
be repaired.
Users whose node is corrupted can not upgrade over Freenet, they 
must use the
clearweb upgrading method.

Shut down Freenet.
Windows users must use the DOS command line, navigate to the 
Freenet folder:
update.cmd
Linux users need this command: "./update.sh"


This was not just some bug in Freenet, this attack was the most 
severe attack on
Freenet I have seen in over 10 years of using Freenet.
This crack was damaging all nodes of everybody who used either the 
Web of Trust
plugin, or Frost.

I think the importance of this crack should be taken seriously.

This time the anonymity of Freenet users has not been endangered,
but an attack this effective may well expose all damaged nodes.

Since downloading a malicious key was enough, this crack could have 
been applied
to the key of a freesite or even to the key to download a 
particular file.

I know this is no good advertizing of Freenet but this has happened.
Please allow this anonymous message on the support list.
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Rant for Opennet

2016-05-12 Thread Anonymous Remailer (austria) 

On 11-May-16 8:27 PM, Arne Babenhauserheide wrote:
>
> Anonymous writes:
(all previous text cut)

Okay, you convinced me of how Darknet could add to my security. I 
think I understand though I'm not sure.

Yet the practical problem for me stays the same, although I now 
would like to find a darknet peer, I would not know how.
Not nice for me to write but fact, I got no close friends at all. 
Would not want to ask family as they'd understand nothing of this 
even when one has been an IT worker all his life. I could explain 
the technics but he would understand nothing of why Freenet, 
anonymity, strong encryption is needed.
To trust a coworker with the fact I run a FN node, well, I don't 
dare that either. Only one of them /might/ understand, but I don't 
want to try.

A side comment; I do not see how the NSA could take over all my 
opennet connections, no matter how many nodes it runs.
The connections limit of 40 has been raised to, 100?
I have 73 opennet connections now, 16 backed off. How could the NSA 
take over all 57 remaining connections. If the NSA would run nearly 
all nodes, okay. Could supernodes, with an extremely high bandwidth 
do this?
If so, I imagine those nodes would be similar to black holes for 
them only 'sucking in', but very visible.

Also, I have read the surfaced docs on LE Freenet investigations, 
it looks like the NSA can well identify files within Freenet, but I 
read between the lines they are not as powerful as they would like 
to be on cracking Freenets pseudonymity, in fact hardly at all at 
the moment of writing.
I have read lots on how 'the cops' try to get warrants but very 
little on how Freenet is surveilled from within.
Don't see how surveillance within would give them much to go after 
either.

So I still think it will be next to impossible to link Freenet ID's 
to IP adresses. Linking downloads to IP adresses is easy, given the 
downloaders do it in the most unsafe way. So there can be thought 
of how to make it less unsafe.

Oh, will darknet be as unsafe for the 'friends' running both 
darknet and opennet?
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

[freenet-support] Rant for Opennet

2016-05-08 Thread Anonymous Remailer (austria) 

Arne Babenhauserheide:
>
> This reasoning falls for 3 misconceptions:
>
> 1. You do not give your Darknet friends the key to your house. You only
> make it easier for them to break in by letting them see the insides
> as if they looked through the windows. In Opennet everybody can get a
> connection to you and run exactly the same attacks a darknet friend
> can run. So by switching to darknet, you pull down the blinds and
> *only* your Darknet friends can look through. With Opennet you do not
> have blids, so everyone can look through.

The logic of this escapes me. I'll explain below.

> 2. If you are doing things LE wants to know badly and they already know
> your physical identity, nothing can protect you. If they do not know
> your physical identity, they also do not know your friends. If they
> get to know your friends, they also get to know you, which gives them
> your IP address, allowing them to run all Opennet attacks against you
> — which are easier than darknet attacks.

Is that a fact, am I on an 'open' Darknet, connected to Opennet 
too, less vulnerable, also towards an evil 'friend'?

> 3. You do not give your Darknet friends your in-Freenet identities. To
> be safe you have to start a *new* identity in Freenet, without ties
> to people you know physically.



Thanks for replying. I had not thought of separating real life 
friends from FN 'friends', because I have understood exchanging 
noderefs requires real-life trust in the other person. That trust 
implies shared interests so we'd be friends on Freenet too.

I am not telling anyone I use Freenet, if only for the obvious 
question why I need it.

- Well, maybe I do not need it but I do feel anonymity and 
encryption is important.
- Oh? For what?
- Protection against the all-seeing eyes of Google, NSA... for 
which reasons I hate Facebook and so on.. technics are 
interesting.. mail is very unsafe.. it's a rat race of encryption 
against NSA spionage..
- Man what a bullshit. Ain't you got something better to do? For 
that reason you run a complicated, slow network? I should encrypt 
mails to you? The NSA is interested in our cracked programs?
- Yes they read everything.. all talks over phone are registered.. 
worldwide spy industry.. will you read wikileaks?
- Alu hat?

I can't afford Freenet friends.  Few understand, most don't want to 
know any of this.

Am I wrong that exchanging noderefs makes you more vulnerable 
towards a 'friend', also more vulnerable over the net?
That person knows my IP adress, that I run a node and a lot about 
the person I am in real life, because we should trust eachother.
Our ID's on Freenet and our reallife id's are linked. But I can't 
know what my friend does and hides from me. He can make me unsafe 
for our shared 'secrets', even if there aren't any.

Now nobody in real life knows that I run a node. My ISP and LE can 
see it, but FN should be designed to keep them from knowing what I 
talk about or who I am on Freenet. My reallife me is separated from 
the FN 'me'. That feels more safe to me.

Is that false logic?
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

[freenet-support] Rant for Opennet - was: How to hide IP when give out noderef?

2016-05-05 Thread Anonymous Remailer (austria) 

Moses wrote:

>  wrote:
>> On Thursday, April 21, 2016 03:20:07 PM Moses wrote:
>>> Hi,
>>>
>>> I trust my friend, but still not want them to see my IP directly on
>>> the freenet web page when I give them my noderef, how to prevent my IP
>>> display on their freenet?
>>
>> It is not technically possible to implement Darknet connections without
>> revealing IP addresses: The purpose of Darknet connections is to establish a
>> direct Internet connection between you and your friend, and direct 
>> connections
>> over the Internet work by using IP addresses.
[]

> I trust my friends, I just want to hide my node's physical location
> and keep my little privacy/anonymity. That's different. And consider a
> extreme situation that if friends are questioned by police, If they do
> not know, they would have nothing to tell. The best way to keep a
> secret is not tell anybody. Anyway, if hide IP is not technically
> possible, I will have to use a VPN or not adding any friend...

Your reasoning is smart.
If you have the skills to run a Freenet node from a masked IP 
address,
more power to you.
Do not use Darknet though.

Darknet is good for a secure intranet with one individual, or a few 
you can trust
with your wallet and the keys to your house.

The big problem however is: you can't trust anyone.
For a simple reason: can you know what exactly you trust them with?
On top, the more people it's about, the more you should distrust 
them.

Say you've got one Freenet 'friend' you do trust with your IP 
address,
and it's no problem he can see much of what you do because you 
trust him.
But can you know what that trusted, for your business trusted 
friend does?
That friend you can actually trust and let him have the keys to 
your house?

Maybe he is doing completely unrelated, but dangerous things on 
other networks,
like bittorrent, maybe he does dangerous things on the open net.
Maybe he is doing something in real life that will have his 
computer confiscated.
You are in trouble too if his computer is not bulletproof LE 
resistant,
or if he hands down his passwords.
His friends connection may then be taken over by your friendly 
officer, and he
can now see way too much of you and everybody else in your 
'dark'net.
Effectively you have given the friendly officer the keys to your 
house now.

To connect to the 'big Freenet', in order to insert/download public 
files,
publish/visit freesites everybody can see, at least one of your 
'friends'
needs to connect to Opennet, the 'strangers' network.

If you are doing things LE wants to know badly, chances are good 
your darknet
will be infiltrated.

Darknet may seem more secure because traffic within a 'closed' 
darknet can
not easily be recognized as you running a Freenet node.
But this provides a false security because of the problems just 
described.
These problems do not exist on Opennet because you can not be 
recognized as
a real person, Frost/FMS/Sone identities can't be traced to your IP 
address.
Also, files you download/insert, freesites and messages can not be 
linked to your
identities by a third party. This is the good news on the 
distributed, decentralized
peer network Freenet is.
Freenet is pretty smart at hiding which node downloads a file, or 
inserts one.
In particular small files can't be traced because there is no time 
for an attacker
to 'see' it.


If you need anonymity, do not touch Darknet but stick to Opennet.
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

[freenet-support] latest 0.7 build blows

2006-11-06 Thread Anonymous Remailer (austria) 

first you have the damned thing spending forever farking with the store on 
startup, then you fark with the store so that it isn't going to grow like 
it should, now the farking thing starts up and pukes all over itself. 
logfile showed it was opening CHK store database when it happened. I tried 
everything, the only thing that fixed was to delete entire store. only then 
would it start up.

also, why cant 0.7 have more than a few peers connected?

[freenet-support] latest 0.7 build blows

2006-11-06 Thread Anonymous Remailer (austria) 

first you have the damned thing spending forever farking with the store on 
startup, then you fark with the store so that it isn't going to grow like 
it should, now the farking thing starts up and pukes all over itself. 
logfile showed it was opening CHK store database when it happened. I tried 
everything, the only thing that fixed was to delete entire store. only then 
would it start up.

also, why cant 0.7 have more than a few peers connected?

___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]