Re: [freenet-support] Question
Czery Swizier writes: > Anyone can store anything onto the network. > You do not know what is stored on your particular node since the data is > encrypted and distributed. And just as important: Files are encrypted and then split into small chunks of 32KiB. These chunks cannot be decrypted by themselves. You need the key for the file (which conveniently is just the link used to access them). So what’s on your disk are just small chunks of white noise which are totally useless without the key. They cannot even be correlated to a specific link without having the link in the first place. Essentially your computer acts as part of a distributed caching proxy server which cannot know what it caches. That’s how "the cloud" *should* work (but typically does not). Best wishes, Arne -- Unpolitisch sein heißt politisch sein ohne es zu merken signature.asc Description: PGP signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question
Anyone can store anything onto the network. You do not know what is stored on your particular node since the data is encrypted and distributed. The entire goal of freenet is to provide storage such that - you don't know who inserted files - you don't know where the files are kept - if you access a node, you cannot actually discover what files the node is storing This gives the ability to deny any wrongdoing! This is much like how tor relay operators (NOT exit operators) can deny any responsibility for the content that passes through their nodes. In regards to your IP address question, people can see your IP since you need it to connect to *other people* in an opennet at least.. If you don't want strangers to know your IP, you can choose darknet mode which will only connect you to people you already trust. If you are using an opennet, people will be able to tell you are using freenet but as long as you are careful, no one can trace data to and from you. On Tue, Dec 20, 2016 at 9:20 AM, Kevin S.wrote: > Hello, > > Im interested in using Freenet, but I have 2 questions. > > "Users contribute to the network by giving bandwidth and a portion of > their hard drive (called the "data store") for storing files. Files are > automatically kept or deleted depending on how popular they are" > > Can you elaborate on this? Does that mean someone can store whatever they > want on my HDD? How do I know its not something illegal? > > Also, when using freenet, how do I know others cant see my real IP? Can > you describe? > > Thank you > > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/ > support > Or mailto:support-requ...@freenetproject.org?subject=unsubscribe > ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question regarding legal case
The files where uploaded to a temporary filehost, they should still be available on Freenet. Seems the pastie.org is still working for me. Bryce: > >>These two files may be of assistance [0][1], and I believe the developer >>volunteer by the name of ArneBab on FMS has posted a correction to the >>math used by LEA in regards to their black ice project [2]. Maybe try >>contacting them. >> >>[0] Clearnet >>https://transfer.sh/WWpvv/freenet-investigations-white-paper-black-ice-090413-.pdf > >>[1] Clearnet >>https://transfer.sh/rzP7z/freenet-investigations-ppt.pdf >>[2] Clearnet >>http://pastie.org/private/opjj1qtbbhkbkwif5mjhq > > Curious that the clearnet links are all inaccessable!? at least when I > tried. > Except [2] but that page links to a page that needs an account to logon. > > > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-requ...@freenetproject.org?subject=unsubscribe > ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question regarding legal case
>These two files may be of assistance [0][1], and I believe the developer >volunteer by the name of ArneBab on FMS has posted a correction to the >math used by LEA in regards to their black ice project [2]. Maybe try >contacting them. > >[0] Clearnet >https://transfer.sh/WWpvv/freenet-investigations-white-paper-black-ice-090413-.pdf >[1] Clearnet >https://transfer.sh/rzP7z/freenet-investigations-ppt.pdf >[2] Clearnet >http://pastie.org/private/opjj1qtbbhkbkwif5mjhq Curious that the clearnet links are all inaccessable!? at least when I tried. Except [2] but that page links to a page that needs an account to logon.___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question regarding legal case
Hayley Rosenblum: > Hello, > I am a law intern at Rosenblum, Schwartz, Rogers, & Glass, P.C. in St. > Louis, MO. As a criminal defense firm, we have recently been hired for a > Possession of Child Pornography case. According to the police report , a > special investigator began running copies of Freenet that had been modified > for law enforcement to log the IP address, key, and date, and time of > requests that were sent to these law enforcement Freenet nodes which were > then compared to keys of known child pornography. The special investigator > observed an IP address routing/and or requesting suspected child > pornography file blocks. The special investigation noted that the number > and timing of the request was significant enough to indicate that the IP > address was the apparent original requester of the file. These two files may be of assistance [0][1], and I believe the developer volunteer by the name of ArneBab on FMS has posted a correction to the math used by LEA in regards to their black ice project [2]. Maybe try contacting them. > > We have doubts about the legitimacy of this based off some brief research > we have done on Freeness and how it works. Is there anyone I could contact > to discuss having a Freenet employee/specialist to review the search > warrant and police report and/or potentially hire as an expert witness. If > so, how much would you charge for that? > Due to Freenet being volunteer run we do not have any employees currently, you can maybe contact some of the core developers and see if they will be willing to do the work required to be an expert witness. I assume most do not live near the court house so they might ask for accommodations and financial compensation for the time they use not working their normal jobs. Outside of that I assume you can always donate to the Freenet project so we can hire an employee who then can be tasked with helping you. Clearnet Tor and Freenet links [0] Clearnet https://transfer.sh/WWpvv/freenet-investigations-white-paper-black-ice-090413-.pdf [0] Tor link http://jxm5d6emw5rknovg.onion/WWpvv/freenet-investigations-white-paper-black-ice-090413-.pdf [0] Frennet http://127.0.0.1:/CHK@NNYanp2t1gz12R12bg7Yct-SYOPTYvW2PNwids4vWz4,iqKClogwL6uLAFdxB6uxQQnA2ZNeyJ3hXW2sIJmx9aE,AAMC--8/Freenet%20Investigations%20White%20Paper%20-Black%20Ice%20%20%28090413%29.pdf [1] Tor Link http://jxm5d6emw5rknovg.onion/rzP7z/freenet-investigations-ppt.pdf [1] Clearnet https://transfer.sh/rzP7z/freenet-investigations-ppt.pdf [1] Freenet http://127.0.0.1:/CHK@a~ELucMCX0l9ZsnaT65b3U4wHFnQEAMTJvtNcPBPpi0,zldlhl2CRhOgrK6dQP1dNWtwMlNrchlb6Oc-Kucpc04,AAMC--8/Freenet_Investigations_PPT.pdf [2] Clearnet http://pastie.org/private/opjj1qtbbhkbkwif5mjhq [2] Freenet http://127.0.0.1:/SSK%40%2DjtTqLLTLaRaqqNx4Jq9Kxw5ejhGDxkeCdlDN9ckH1w%2Cd9Vg7c6m3QnsidlVyEMkxJB5e4XSrx8PZ4ahzY0nwoQ%2CAQACAAE/fms%7C2016%2D04%2D13%7CMessage%2D0?type=text/plain ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question regarding legal case
On Mon, Jul 25, 2016, at 03:03 PM, Steve Dougherty wrote: > > Now addressing others on the list: I note an ethical dilemma here. It > may well be that the accused is guilty of the things they are accused > of, and invalidating this presumably-mistaken search warrant would > allow them to go free. That said, do we want to resist the application > of flawed statistics in prosecuting Freenet users? I'm leaning toward > probably. Selectively assisting in fighting search warrants that seem > invalid also seems unethical. Are we obligated to help? > This is a great ethical question and it's been answered a million times in courts. There is a reason you hear about bad guys going free on "technicalities" and it's not that the system is broken or corrupt. The system is designed with an important safeguard: It's better for a HUNDRED guilty people to go free than for ONE innocent person to go to jail. If the prosecutors are using flawed statistics or a misunderstanding of Freenet to send GUILTY people to jail, then there is going to come a time when they use those same flaws to send an INNOCENT person to jail. If you provide testimony that truthfully describes how Freenet works and that sets a guilty person free, that is not your fault. (Likewise, if cops were using Tarot cards or a Magic 8-ball to "prove" people were guilty, and someone provided the truth about Tarot cards and Magic 8- ball's, and that causes a guilty person to go free, consider it a good thing that the system has been FIXED and good innocent people aren't wrongly going to jail.) Those "technicalities" that the cops in TV shows seem to hate so much are carefully designed protections to make sure that the system errs on the side of protecting the innocent. You will sleep better at night knowing that you told the truth. Consider the alternative: If you are ONLY going to provide testimony in cases where the defendant is innocent, then you're going to have to determine who's guilty and innocent. [And if you can do that, we don't really need courts anymore, we can all just Ask Steve.] If you withhold testimony because the guy is a scumbag and he goes to jail on flawed statistics, and then you find out years later that he was innocent, you are going to feel a lot worse than if you found out that a guilty guy went free. Just tell the truth about how your software works. Whatever happens after that is at least done with everyone's eyes open instead of closed. But fucking charge for it. $300 an hour seems fair. FOSS authors have a right to get paid for their time, knowledge, and expertise. If a court needs to understand how your software works, you already did the world a favor by WRITING the software, you're not obligated to ALSO teach everyone how to use it, teach them how to read code or to teach them statistics that they should have learned in high school. Be sure you get WELL paid for your time. The EFF will back me up on everything I'm saying. This isn't about twisting my mustache with an evil laugh because I've figured out how to get away with being a bad guy. This is about freedom to use software to be anonymous - the crypto community has been trying for decades to get people to understand that good and bad people EACH have uses for tools like encryption, hammers, guns, and Freenet. Encryption and Anonymity doesn't mean your probably guilty. The Federalist Papers, for example, were published anonymously and provided the ideas that eventually grew into the US Constitution. You are on solid ethical and moral ground - and in good company - by telling the truth about how your software works. - Eric ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question regarding legal case
Op 25 jul. 2016 22:03 schreef "Steve Dougherty": > Now addressing others on the list: I note an ethical dilemma here. It may well be that the accused is guilty of the things they are accused of, and invalidating this presumably-mistaken search warrant would allow them to go free. That said, do we want to resist the application of flawed statistics in prosecuting Freenet users? I'm leaning toward probably. Selectively assisting in fighting search warrants that seem invalid also seems unethical. Are we obligated to help? > I do think that at least morally, we are obligated to help in reviewing the technical legitimacy of relevant evidence against a user of Freenet. For myself I'd rather ignore what the bigger picture is in this case, but focus on the technicalities instead (such as possibly a case of a law enforcement agency misusing statistics on Freenet against one of the software's users). >From what I read from Hayley's message, this is exactly what has been requested so far. I am willing to assist any other volunteer in reviewing said technicalities, but I would not feel comfortable doing that on my own (for I am just another volunteer who does not necessarily know about every single aspect of Freenet). > > On Mon, Jul 25, 2016, 2:33 PM Hayley Rosenblum wrote: >> We have doubts about the legitimacy of this based off some brief research we have done on Freeness and how it works. Is there anyone I could contact to discuss having a Freenet employee/specialist to review the search warrant and police report and/or potentially hire as an expert witness. If so, how much would you charge for that? ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question regarding legal case
Hi Hayley, To make sure it's clear, this is a publicly visible mailing list. I assume you've seen the news post about flawed surveillance techniques? https://freenetproject.org/news.html#20160526-htl18attack It goes over our understanding of attacks used by law enforcement and why they appear to be heavily fundamentally flawed. If we can help elaborate on parts of it please let us know. The attacks we are aware of included information about how far away the request probably originated; (Hops To Live - HTL) you didn't mention that, and without it the attack is even less accurate than the effectively entirely inaccurate thing it already is. As a non-profit organization running an open source project, we don't currently have employees, hence the lack of a phone number. You may be able to find someone in the community willing to participate; if this is the case I think it is we've been following it with interest for a while now. Could you please elaborate on what is involved in reviewing the search warrant, reviewing the police report, or being an expert witness? Would this be an attempt to invalidate the search and suppress evidence acquired with it? Now addressing others on the list: I note an ethical dilemma here. It may well be that the accused is guilty of the things they are accused of, and invalidating this presumably-mistaken search warrant would allow them to go free. That said, do we want to resist the application of flawed statistics in prosecuting Freenet users? I'm leaning toward probably. Selectively assisting in fighting search warrants that seem invalid also seems unethical. Are we obligated to help? - Steve On Mon, Jul 25, 2016, 2:33 PM Hayley Rosenblumwrote: > Hello, > I am a law intern at Rosenblum, Schwartz, Rogers, & Glass, P.C. in St. > Louis, MO. As a criminal defense firm, we have recently been hired for a > Possession of Child Pornography case. According to the police report , a > special investigator began running copies of Freenet that had been modified > for law enforcement to log the IP address, key, and date, and time of > requests that were sent to these law enforcement Freenet nodes which were > then compared to keys of known child pornography. The special investigator > observed an IP address routing/and or requesting suspected child > pornography file blocks. The special investigation noted that the number > and timing of the request was significant enough to indicate that the IP > address was the apparent original requester of the file. > > We have doubts about the legitimacy of this based off some brief research > we have done on Freeness and how it works. Is there anyone I could contact > to discuss having a Freenet employee/specialist to review the search > warrant and police report and/or potentially hire as an expert witness. If > so, how much would you charge for that? > > Any information or further contacts would be great. I didn’t see a phone > number on the website, so I figured i’d start with an email! > > Thank you, > > Hayley Rosenblum > Law Intern > Rosenblum, Schwartz, Rogers, & Glass P.C. > rsrglaw.com > hrose...@slu.edu > office: 314-862-4332 > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-requ...@freenetproject.org?subject=unsubscribe ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question about handling churn in FreeNet
On Wed, Jan 6, 2016 at 10:59 AM, Nawfal Abbassi Saberwrote: > Hi FreeNet, > > I'm doing a research about peer to peer file storage systems and i would > like to know if the system FreeNet has some mechanisms to deal with churn. > Short answer: yes, Freenet has mechanisms to deal with network churn I suppose you'd also like to learn something about those mechanism, so let me introduce you to the basic concepts. Most files on Freenet are stored with several layers of redundancy. 1. On the lowest level, for large files, Freenet uses segmentation with forward error correction to keep entire files available when some of their segments are unavailable on the network. 2. Freenet nodes store newly inserted data they consider to match their own location closely enough, so a single segment may end up stored on multiple nodes. 3. When a segment is retrieved, it will be cached by most of the nodes that relay the data to the requester. 4. After a large file is retrieved, some if its non-retrievable segments may with probability be recalculated and re-inserted by the requester, further restoring the reliability of the file. As for request routing, Freenet maintains a small-world network topology that allows for efficient routing. This topology can be maintained even under the presence of network churn. How this works depends on the particular mode of operation of Freenet, e.g. opennet vs. darknet, but it boils down to path folding and location swapping strategies. For more information, especially on the ongoing work of maintaining the network topology, please refer to the literature presented on the Freenet website [0]. Kind regards, Bert [0]: https://freenetproject.org/about.html#papers ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question about freenet DHT
On Thursday 10 Feb 2011 12:42:25 Volodya wrote: On 02/10/2011 01:19 PM, Thomas Anderson wrote: I am very new to freenet. I read wiki[1] and some doc saying that freenet implements dht protocol. I am going to learn something about dht based on freenet, so I have a few questions. 1st, is it possible for a node (supposed it is located in a data center) querying to know if other nodes contain a specific data/ doc (maybe search by e.g. file name)? So the node who issues the query can, for instance, do a simple counting, such as how many nodes currently holds the filename called license.txt. 2nd, what would the right place (in source code) to start checking the dht related stuff? I check out the source code but do not find dht related comment or function. Also, freenet wiki search returns `no matches for dht'. I appreciate any advice. Thank you. [1]. Wikipedia. http://en.wikipedia.org/wiki/Distributed_hash_table#DHT_protocols_and_implementations That's not how Freenet works. Everything that is inserted in the global datastore is first encrypted and error correction is added, it also splits everything into 32K pieces each of which is inserted separately. Therefore it is impossible to search Freenet proper for DHT hash of the specific file. Because you only have pieces which are encrypted, and you don't know what they mean until you have enough of them and you have also the decryption key. Now if you do possess the decryption key, you could, on the Opennet, start connecting to people's nodes one at the time and send them requests for pieces that you know comprise that file. There's much more, maybe others will help you also. Right. Freenet is DHT-like but it's not a classic DHT. It's sort of vaguely a heuristic DHT. :) It also distributes files for swarming and redundancy, as VolodyA explained, and no, it doesn't provide a definitive this key must be on this node (although there are nodes where it should be stored), nor does it provide a probing operation that doesn't transfer the key. signature.asc Description: This is a digitally signed message part. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question about freenet DHT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/10/2011 01:19 PM, Thomas Anderson wrote: I am very new to freenet. I read wiki[1] and some doc saying that freenet implements dht protocol. I am going to learn something about dht based on freenet, so I have a few questions. 1st, is it possible for a node (supposed it is located in a data center) querying to know if other nodes contain a specific data/ doc (maybe search by e.g. file name)? So the node who issues the query can, for instance, do a simple counting, such as how many nodes currently holds the filename called license.txt. 2nd, what would the right place (in source code) to start checking the dht related stuff? I check out the source code but do not find dht related comment or function. Also, freenet wiki search returns `no matches for dht'. I appreciate any advice. Thank you. [1]. Wikipedia. http://en.wikipedia.org/wiki/Distributed_hash_table#DHT_protocols_and_implementations That's not how Freenet works. Everything that is inserted in the global datastore is first encrypted and error correction is added, it also splits everything into 32K pieces each of which is inserted separately. Therefore it is impossible to search Freenet proper for DHT hash of the specific file. Because you only have pieces which are encrypted, and you don't know what they mean until you have enough of them and you have also the decryption key. Now if you do possess the decryption key, you could, on the Opennet, start connecting to people's nodes one at the time and send them requests for pieces that you know comprise that file. There's much more, maybe others will help you also. - volodya - -- http://freedom.libsyn.com/ Echo of Freedom, Radical Podcast None of us are free until all of us are free.~ Mihail Bakunin -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNU90oAAoJENW9VI+wmYasfIgH/3vlQUd2dg8ODm4f6SURDjfG /bDRwjNHnkRsWBvYAT8fTno8wDem++IPLWSBUGcU8IzCgfXKHTy9W/1ebhKJ2bQG QHBs4qOtSxGtgwi1wQ8SQweUkcp++16ViLxQm/waULIeDE8tfxSTT1aWdvV0fd+S Tz4dY7jjvPa/b6AQ0YABF8z7FMOBNGYcXTJrHDveGCQeTAuVcXMSUBbauiGq4VoS jqoinmr92f8BlhcVL/0pv9RmQkFbud51F2rflLes13aZ/nGwh4uT0kStz2fiZwHJ yJFcBVDhUnXnMQJSItSr7TbcrVSGkiUHaUzkuEh8kpaj+sE7hR/o3VhBLVHqX+4= =lUj2 -END PGP SIGNATURE- ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Question About Anonymity
I hope this is the right forum to do this on but I'm trying to see what freenet offers in the way of privacy/anonymity. I've been exploring Tor for sometime which seems to have an incredible system of security via the circuit. The only 2 vulnerabilities that I see being: bad exit nodes that try to scam off insecure packets; a group owning several nodes in a circuit that can figure out who is requesting what. There are no 'exit nodes' like in Tor or I2P, Freenet is self-containing network. The latter concern is known but there are people more knowledgeable, who should explain what is done with that. That said, I'm trying to see what freenet is and is not in comparison. As far as I can see, it provides anonymity in retrieving content because of the use of the storage space on the computer. Posting freesites would also seem somewhat anonymous but a little bird in my ear brings back memories of forces such as the RIAA being able to tell which computer originated a mp3 and thus I wonder if the same would be for freesites. Freenet is not only anonymous, it's also censorship resistant. This means that if you were to publish a freesite, it could not be taken down (even by yourself). Also Freesites are somewhat better than eepsites or .onion sites, since correlation attacks are much harder. You should inspect html that you insert before inserting it, as some website creation software helps you out by adding useful things like comments of the name of the creator, etc. In uploading and downloading a freesite, there appears to be a key encryptor and a key reader (similar to PGP). What kind of methodology do we use to get these keys (i.e. SHA1, MD5, PGP etc)? Mainly, I want to be aware of these methodologies as things such as MD5 are later exposed to have a weaknesses that appears through the progress of time. Lastly, some more general questions that I have about freesites and the overall setup of freenet. I read that a freesite can't have javascript. Is the javascript stripped out upon upload or how is this done? It is stripped out by freenet before presenting the page in the browser. If for some reason you need to see the html as it appears before that you can append ?type=text/plain at the end of the url, that works because FProxy does nothing to the plain text document. I currently have 0 trusted people so I'm therefore testing freenet more as an open-net (?). How is this insecure? This may go back to one of my previous questions on anonymity. This makes it easier for a powerful enough attacker to connect to you. This also exposes you to the world as somebody who uses Freenet (even if they will have much harder time figuring out why). In a darknet, do the nodes actually know who is posting the content (i.e. obviously they were added but I'm talking about the computer) or is that somehow encrypted (i.e. they are only able to read things encrypted by a particular key. So if I have 5 keys for 5 different freesites, people can only read the freesites that they have a key for)? Each key has 2 parts, separated by comma, routing part is what your node uses to request the content from its neighbours, and decryption part for actually then reading the content, when you simply pass on the request from one of your peers to another you do not know the decryption key. Thus somebody has to already know what the content is in order to decrypt it. There are KSK keys where the name of the file is the decryption key. Sorry if these are stupid questions covered somewhere but I'm just trying to get specific questions answered. I'm sure I'll have more. LOL Thanks, Chris If you have Freenet actually running, you might want to set up FMS and ask on 'freenet' board. There will be more people replying there. -- http://freedom.libsyn.com/ Voice of Freedom, Radical Podcast http://eng.anarchopedia.org/ Anarchopedia, A Free Knowledge Portal None of us are free until all of us are free.~ Mihail Bakunin ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
On Thu, Sep 22, 2005 at 05:48:37PM -0400, Juiceman wrote: Wasn't there an idea to have a separate encrypted user store with a key that is only in ram? When a person turns off their node or computer the user store is essentially unreadable and would be erased on next start-up? Locally requested content would only be kept there. Sure. This will help. We might support HTL 0 requests/inserts but have them only go to the client cache. Or we might overload it so that that was HTL=3D-1, and HTL=3D0 goes to the client cache and then the store, but is not routed. I was under the impression, that *every* answer to a request initiated by the node would be stored in the client cache with a one-time-memory-only-key. Other passing DataFounds would be stored as usual in the normal data store. Who's wrong here? ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
No, but it might not cache it in the first place if it's the result of a local request. This is to beat the Register attack. Unfortunately it means that you are highly vulnerable to your immediate neighbours. It is possible to increase the effort needed to break your anonymity somewhat at the cost of performance. On Thu, Sep 22, 2005 at 10:16:02AM +0100, Volodya Mozhenkov wrote: I have heard somewhere that in the 0.7 your node might chose not to give a block that it has, in order to protect the anonymity. Is that true? If so will that also apply at HTL=0? -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
Matthew Toseland wrote: No, but it might not cache it in the first place if it's the result of a local request. This is to beat the Register attack. Unfortunately it means that you are highly vulnerable to your immediate neighbours. It is possible to increase the effort needed to break your anonymity somewhat at the cost of performance. On Thu, Sep 22, 2005 at 10:16:02AM +0100, Volodya Mozhenkov wrote: I have heard somewhere that in the 0.7 your node might chose not to give a block that it has, in order to protect the anonymity. Is that true? If so will that also apply at HTL=0? Well, not necessarily. Here is one way to approach the problem: 1. Increase the probability of a forced decreace of HTL in the range of 15-25. 2. Keep it the same for 5-14 3. Actually have a larger chance of increase of HTL between 1-5. Pseudocode: If DATAINLOCALSTORE Then Return DATA If HTL 25 Then HTL = 25 If HTL =25 AND HTL =15 Then If RANDOMNUMBER 0.9 Then HTL = HTL-2 Elseif RANDOMNUMBER 0.7 Then HTL = HTL-1 End If If HTL =1 AND HTL =5 Then If RANDOMNUMBER 0.9 Then HTL = HTL+2 Elseif RANDOMNUMBER 0.7 Then HTL = HTL+1 End If Return GETDATA(HTL-1) :End Pseudocode As far as i understand it such thing already exists, i'm just saying that if you play around with numbers you make HTL=1 attack useless (since there is 30% chance that the request was passed to another node, and about 15% chance that it was passed to more than one). Of course if you make the numbers too large you risk requests going on forever (or nearly so). -- === Contact details: Alt e-mail: [EMAIL PROTECTED] ICQ: 253627744 Frost: VolodyA! V [EMAIL PROTECTED] pm4pigs: VolodyA! V [EMAIL PROTECTED],5T0rxHZ7rar4uOtnHlSY5A Forum: ethical_anarhist on www.kingstonuniversity.org Please visit http://www.whengendarmesleeps.org/ When Gendarme Sleeps - Anarchy's Zine of Poetry None of us are free until all of us are free. ~ Mihail Bakunin ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
That's not the point. We already intend to make HTL=0 attacks infeasible, and they go well beyond datastore probing (think social engineering with NIM forms, Frost posts; put a different KSK/SSK on each node). The point is, you can still time it, and there's no real way to beat timing attacks in this area. On Thu, Sep 22, 2005 at 01:38:10PM +0100, Volodya Mozhenkov wrote: Matthew Toseland wrote: No, but it might not cache it in the first place if it's the result of a local request. This is to beat the Register attack. Unfortunately it means that you are highly vulnerable to your immediate neighbours. It is possible to increase the effort needed to break your anonymity somewhat at the cost of performance. On Thu, Sep 22, 2005 at 10:16:02AM +0100, Volodya Mozhenkov wrote: I have heard somewhere that in the 0.7 your node might chose not to give a block that it has, in order to protect the anonymity. Is that true? If so will that also apply at HTL=0? Well, not necessarily. Here is one way to approach the problem: 1. Increase the probability of a forced decreace of HTL in the range of 15-25. 2. Keep it the same for 5-14 3. Actually have a larger chance of increase of HTL between 1-5. Pseudocode: If DATAINLOCALSTORE Then Return DATA If HTL 25 Then HTL = 25 If HTL =25 AND HTL =15 Then If RANDOMNUMBER 0.9 Then HTL = HTL-2 Elseif RANDOMNUMBER 0.7 Then HTL = HTL-1 End If If HTL =1 AND HTL =5 Then If RANDOMNUMBER 0.9 Then HTL = HTL+2 Elseif RANDOMNUMBER 0.7 Then HTL = HTL+1 End If Return GETDATA(HTL-1) :End Pseudocode As far as i understand it such thing already exists, i'm just saying that if you play around with numbers you make HTL=1 attack useless (since there is 30% chance that the request was passed to another node, and about 15% chance that it was passed to more than one). Of course if you make the numbers too large you risk requests going on forever (or nearly so). -- === Contact details: Alt e-mail: [EMAIL PROTECTED] ICQ: 253627744 Frost: VolodyA! V [EMAIL PROTECTED] pm4pigs: VolodyA! V [EMAIL PROTECTED],5T0rxHZ7rar4uOtnHlSY5A Forum: ethical_anarhist on www.kingstonuniversity.org Please visit http://www.whengendarmesleeps.org/ When Gendarme Sleeps - Anarchy's Zine of Poetry None of us are free until all of us are free. ~ Mihail Bakunin ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED] -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
On Thu, Sep 22, 2005 at 10:39:33PM +0100, Volodya Mozhenkov wrote: Matthew Toseland wrote: That's not the point. We already intend to make HTL=0 attacks infeasible, and they go well beyond datastore probing (think social engineering with NIM forms, Frost posts; put a different KSK/SSK on each node). The point is, you can still time it, and there's no real way to beat timing attacks in this area. I'm getting lost once again. First i don't understand why that is not the point, since if you simply not cache the data if it was requested locally, then if it somehow can be proven that your node has requested the block, and it is not in the datastore, then you were the requester; that compromises anonymity, not increases it. Second, i don't see what you have meant by the social engineering with nim/frost. If they bust your node and get your store, or even if they can probe it, then they can prove what you've been downloading, with some degree of confidence (because you have *all of it*). This is the Register attack. This is what not caching locally requested files is working against. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
Wasn't there an idea to have a separate encrypted user store with a key that is only in ram? When a person turns off their node or computer the user store is essentially unreadable and would be erased on next start-up? Locally requested content would only be kept there. On 9/22/05, Matthew Toseland [EMAIL PROTECTED] wrote: On Thu, Sep 22, 2005 at 10:39:33PM +0100, Volodya Mozhenkov wrote: Matthew Toseland wrote: That's not the point. We already intend to make HTL=0 attacks infeasible, and they go well beyond datastore probing (think social engineering with NIM forms, Frost posts; put a different KSK/SSK on each node). The point is, you can still time it, and there's no real way to beat timing attacks in this area. I'm getting lost once again. First i don't understand why that is not the point, since if you simply not cache the data if it was requested locally, then if it somehow can be proven that your node has requested the block, and it is not in the datastore, then you were the requester; that compromises anonymity, not increases it. Second, i don't see what you have meant by the social engineering with nim/frost. If they bust your node and get your store, or even if they can probe it, then they can prove what you've been downloading, with some degree of confidence (because you have *all of it*). This is the Register attack. This is what not caching locally requested files is working against. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDMyVjHzsuOmVUoi0RAqZsAJ0Rb/rJzgZ8HKYaESAFSAcJMS7COQCeLrp2 pDugYQwgz0ePU/SiEtskKyw= =rcwT -END PGP SIGNATURE- ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED] -- I may disagree with what you have to say, but I shall defend, to the death, your right to say it. - Voltaire ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question.7
On Thu, Sep 22, 2005 at 05:48:37PM -0400, Juiceman wrote: Wasn't there an idea to have a separate encrypted user store with a key that is only in ram? When a person turns off their node or computer the user store is essentially unreadable and would be erased on next start-up? Locally requested content would only be kept there. Sure. This will help. We might support HTL 0 requests/inserts but have them only go to the client cache. Or we might overload it so that that was HTL=-1, and HTL=0 goes to the client cache and then the store, but is not routed. On 9/22/05, Matthew Toseland [EMAIL PROTECTED] wrote: On Thu, Sep 22, 2005 at 10:39:33PM +0100, Volodya Mozhenkov wrote: Matthew Toseland wrote: That's not the point. We already intend to make HTL=0 attacks infeasible, and they go well beyond datastore probing (think social engineering with NIM forms, Frost posts; put a different KSK/SSK on each node). The point is, you can still time it, and there's no real way to beat timing attacks in this area. I'm getting lost once again. First i don't understand why that is not the point, since if you simply not cache the data if it was requested locally, then if it somehow can be proven that your node has requested the block, and it is not in the datastore, then you were the requester; that compromises anonymity, not increases it. Second, i don't see what you have meant by the social engineering with nim/frost. If they bust your node and get your store, or even if they can probe it, then they can prove what you've been downloading, with some degree of confidence (because you have *all of it*). This is the Register attack. This is what not caching locally requested files is working against. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDMyVjHzsuOmVUoi0RAqZsAJ0Rb/rJzgZ8HKYaESAFSAcJMS7COQCeLrp2 pDugYQwgz0ePU/SiEtskKyw= =rcwT -END PGP SIGNATURE- ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED] -- I may disagree with what you have to say, but I shall defend, to the death, your right to say it. - Voltaire ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED] -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question about the bunny app
The answer would be no, as far as I can tell. Supposedly there was going to be another line added into the flaunch.ini that would let you send parameters to java to startup Freenet with, however there does not seem to be any at this time. The current workaround is: 1. Start Freenet directly through the command line, without the bunny icon. you'd do something like: javaw -server -Xmx256m -jar freenet.jar 2. Change how your Java starts by default so that it will *always* try to start in server mode before it tries client mode. You can do this by editing your jvm.cfg file make sure -server KNOWN comes before -client KNOWN (you'll just need to rearrange them). The file is in your Java Runtime directly..mines is in the jre\lib\i386 folder. If you're using Sun Java, remember you need to have the SDK version to be able to run Java in server mode. Enjoy! - Original Message - From: Someone [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 05, 2004 10:59 AM Subject: [freenet-support] Question about the bunny app Is it possible to add additional commandline parameters to the flaunch.ini that is used by the bunny app to start freenet. So I can for ex. add the server switch for java to it instead of starting freenet via a batch file? It's nothing important, just something that might be usefull. ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED] ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
RE: [freenet-support] Question re: accessing my Freenet node fromanother computer
I had no trouble getting the firewall to do the appropriate port forwarding to the server. Here's the problem. When I sit at my Linux server, fire up Mozilla, and go to http://127.0.0.1:/ or http://192.168.1.10:/ Freenet works just fine. When I sit at my laptop and try http://192.168.1.10:/ nothing happens. My freenet.conf file includes mainport.allowedHosts=* mainport.bindAddress=* which I thought would allow me to browse my Freenet node from another computer. What do I need to do to get this to work? Hmmm.. That ought to do it.. If you spawn a standard apache on the linux machine, can your 10.* machines access pages from it successfully? If not, then I think this is a TCP/IP routing issue... Do the test and we'll talk more it this is the issue. If they can.. Then I suggest that you crank up the loglevel on your freenet server and track what really happens when your 10.* machines tries to request something from http://192.168.1.10:/ Cheers /N ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Question on IPNetRouter for Macintosh
Toad wrote: On Tue, Nov 18, 2003 at 02:45:27PM +0100, Jan wrote: [...] Guess I need to leave Freenet running in hope of better times. When there will be a Mac OS9 version, perhaps. Technically you can run it on OS/9... you need a 1.4 JDK, and a command line, though. I don't have a mac to try it on. A java version with CLI, hmmm. I guess that's stretching my capacities too much. I've got that ugly box.. PC, I mean, anyway. Thx for the reply. -- Jan ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] Question on IPNetRouter for Macintosh
On Tue, Nov 18, 2003 at 02:45:27PM +0100, Jan wrote: Hi, Just checking if I filled out the Port Mapping right. I have Freenet running on a win98 PC behind the IPNR router/firewall. Yeah, I know 98 isn't recommended, w98, w2k and xp just don't play well together on this box. In the Port Mapping window I added a line: Protocol: TCP Apparent Endpoint: my outside IP#:Freenet port# Actual Endpoint: 192.168.0.2:Freenet port# Flags: P S (Permanent and Static) I find the IPNR documentation pretty confusing, probably because I don't understand much of networking. So if anyone can say the above is okay, I can sleep again g. Freenet does work be it very badly. Lately I also don't get past the warning page but that has been better, I've seen a couple of sites. Fuqid has managed to get a few files, Freenet Message Board starts up but doesn't show a single message, Frost idem dito. Guess I need to leave Freenet running in hope of better times. When there will be a Mac OS9 version, perhaps. Technically you can run it on OS/9... you need a 1.4 JDK, and a command line, though. I don't have a mac to try it on. Thanks for any answer. -- groet! jan -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] Question
On Thursday 06 November 2003 01:39 am, Kyle Weigel wrote: | I run a server, and I donate space to freenet and all that fun stuff, | but I was wondering if I could post something on MY donated space.. and | I know it's there, but give the link to people just like I would link to | anything else on Freenet. I know one of the points is that no one knows | where data is, but I want to be able to have people download/view from | my server without them knowing where my server resides. What is the advantage to that? Does it just give you warm fuzzies to know that they are getting your data from your server or are you trying to avoid the time involved in inserting data in the usual way? As suggested by somebody else, if it's the the latter, then using Frost to make it available might be your best bet, but of course only Frost users can find it then, so it's not open the entirety of freenet. Before even the Frost users can get it, though, Frost has to insert it in the usual way, so the users still won't be pulling the bits directly off your node, and it's entirely possible that none of it will actually be in *your* freenet store. (Frost will insert it into freenet directly from your regular file location, not from the freenet store.) ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] Question
Kyle Weigel [EMAIL PROTECTED] writes: I run a server, and I donate space to freenet and all that fun stuff, but I was wondering if I could post something on MY donated space.. and I know it's there, but give the link to people just like I would link to anything else on Freenet. I know one of the points is that no one knows where data is, but I want to be able to have people download/view from my server without them knowing where my server resides. Kyle Weigel Sorry, freenet isn't the system you're looking for if you want reliable hosting. The network has to be able to put the data on the nodes it'll look for it on. If you have data on your node, and noone knows about it, it's a waste of space. Thelema. -- E-mail: [EMAIL PROTECTED]Raabu and Piisu GPG 1024D/36352AAB fpr:756D F615 B4F3 BFFC 02C7 84B7 D8D7 6ECE 3635 2AAB ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] Question
Aconfig item that is commented out will be set to a default. That item defaults to NGR. Dave - Original Message - From: John To: [EMAIL PROTECTED] Sent: Wednesday, November 05, 2003 10:24 PM Subject: [freenet-support] Question In the NGR installation instructions, there is the following line which I'm not sure aboutI've just installed the latest build (never used this program before, hence a newbie) and don't have a freenet.conf file, but do have a freenet.ini file.In this freenet.ini file, there is a line that starts "routingTableImpl=NGR" but surely I shouldn't # this out, should I ?If there is a line in your freenet.conf or freenet.ini file starting with "routingTableImpl" delete it or comment it out by prepending a '#'. ___Support mailing list[EMAIL PROTECTED]http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] Question 2
The seednodes file is only needed when you start freenet the first time. After that it will load the nodes that it has learned. You'll only need it again if your routingtables become corrupted. Dave - Original Message - From: John [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 05, 2003 10:48 PM Subject: [freenet-support] Question 2 Daily, when I download the most recent unstable build (to overwrite freenet.jar), should I also be downloading and overwriting the seednodes.ref file? ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support ___ Support mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
RE: [freenet-support] question
FreenetJview.zip is a package with the setup files set to work with microsoft version of Java. The interface has been translated into Chinese. It can run off a floppy. It can be downloaded from http://freenet-china.org/freenet/download -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of wu Sent: Monday, May 14, 2001 3:48 PM To: [EMAIL PROTECTED] Subject: [freenet-support] question Dear sir: Where has The FreenetJview.zip for downloading? ___ Support mailing list [EMAIL PROTECTED] http://lists.freenetproject.org/mailman/listinfo/support