Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Ivan Vilata-i-Balaguer
Arne Babenhauserheide (2017-02-20 22:12:59 +0100) wrote:

> Hi Ivan, Dear eQualit.ie Hackers,
> 
> Aside from the web-apps part, Freenet can already provide everything
> you asked for.

Hi Arne, thanks for the insights and the links.  Please note that the
current CENO project is actually using Freenet as a signalling and
storage backend!`:)`

> Ivan Vilata-i-Balaguer  writes:
> >   1. Content is available under censorship conditions, ideally even
> >  after connection to the Internet has been completely cut for a
> >  whole region.
> 
> If you still have IP-based connections to people inside the region, this
> is the case, if you run a specialized darknet within that region (so
> content only gets replicated within the regional net).
> 
> There are already tools to make automatic Freenet connections. Talk to
> Michael Grube (thesnark).
> 
> For auto-spawning Freenet nodes when an application is started, see
> https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py
> 
> For communication with sub-5-minute latency from external programs, see
> https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py
> 
> (I submitted a project plan for improving this to NLnet which shows what
>  would have to be done for an uncensorable and attack resistant
>  news-network. It got into the short-list but wasn’t selected for
>  funding: http://www.draketo.de/english/freenet/news-of-the-day )

That looks like a very interesting system!  CENO already includes some
RSS feeds from selected sites, I'm not sure how this would aling with
the particular requirement (we were focusing more in web sites), but
it's without doubt an innovative approach.  Thanks for sharing it!

> >   2. Censored content is made available within a reasonable time.
> 
> Just ask someone to run
> 
> copyweb -d  ; freesitemgr add 
> 
> Or integrate that functionality into a program. You might want to use
> beautifulsoup to clean up the code for the Freenet content filter, i.e.:
> http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain

CENO currently uses [bundler](https://github.com/equalitie/bundler),
which does a similar task.  Thanks for the hints!

> >   3. Access to censored dynamic content (i.e. web apps) is possible.
> 
> That’s a hard one. You’d need to remodel the web apps to use Freenet as
> backend instead of the clearnet.
> 
> I do not think that it is possible at all to provide anything which uses
> Javascript and at the same time preserve the anonymity of your users.

Yeah, that's a hard one, that's why we may probably end up combining
several tools.

> >   4. The system benefits from the user's participation, and is resistant
> >  to participants dropping off and to rogue nodes in the hands of the
> >  censor.
> 
> Resilient yes, for absolute resistance, you need to replicate
> everything, which limits the amount of data you can provide.
> 
> >   5. Users of the system are anonymous to someone observing their
> >  traffic, even if that someone is a participant in the system.
> 
> Jepp. A weak yes for automatic connections, a strong yes, if they
> connect to people they know.
> 
> >   6. Users' devices don't reveal the content that they or other users
> >  have accessed.
> 
> Jepp (as long as you use a separate browser in incognito mode).
> 
> >   7. The system is amenable to privacy-preserving analytics to check its
> >  impact.
> 
> Jepp.
> 
> i.e. http://asksteved.com/stats/2 — though it’s currently in sleep mode,
> there’s a new site for that in Freenet: 
> http://127.0.0.1:/USK@2zwBwyJeZnkbqH0N7WZXp6BQqR1Ys85rkthOFvfXOts,HIouq2elJyNt9VIsFfYbYmtvinOEeeY3LAAKVUqiSXo,AQACAAE/YAFS/175/

Wow, these a very useful links, thanks!

> […] PS: I’m only a few more hours away from being able to do proper
> Freenet releases, so we can finally deploy improvements to the
> freenet core again.

Cool, good luck with that, and thanks again for the very informative
reply!

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Ivan Vilata-i-Balaguer
Hi, thanks for your advice!  Maybe I should have mentioned that the
current version of the project does use Freenet for signalling and
storage, so we already enjoy these features from Freenet.  The harder
part will surely be dynamic or user-dependent content, along maybe
privacy-preserving statistics, so we may en up combining several tools.

Regarding content availability, we were more focused in replicated
content (as with Freenet), but we got a couple suggestions regarding
mesh networking.  That's a more ambitious solution, but we may give some
thought to it.

Thank you!

Freenet (2017-02-21 07:46:00 +) wrote:

> Ivan Vilata-i-Balaguer:
> > 
> >   1. Content is available under censorship conditions, ideally even
> >  after connection to the Internet has been completely cut for a
> >  whole region.
> 
> Try http://project-byzantium.org/ for inspiration. Maybe also
> https://github.com/cjdelisle/cjdns. Freenet can use ShoeShop to move
> fblobs via sneakernet.
> 
> >   2. Censored content is made available within a reasonable time.
> 
> FLIP (Freenet's IRC) has RTT of about 45 seconds.
> 
> >   3. Access to censored dynamic content (i.e. web apps) is possible.
> 
> Userscripts can give JavaScript, but any Turing complete code will be an
> issue to secure.
> 
> >   4. The system benefits from the user's participation, and is resistant
> >  to participants dropping off and to rogue nodes in the hands of the
> >  censor.
> 
> Freenet does this.
> 
> >   5. Users of the system are anonymous to someone observing their
> >  traffic, even if that someone is a participant in the system.
> 
> Freenet mostly does this. Darknet protects against currently known attacks.
> 
> >   6. Users' devices don't reveal the content that they or other users
> >  have accessed.
> 
> Set up something like https://tails.boum.org/
> 
> >   7. The system is amenable to privacy-preserving analytics to check its
> >  impact.
> 
> There are a couple projects that monitor the state of Freenet.

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Ivan Vilata-i-Balaguer
Robert John Morton (2017-02-20 08:19:36 -0300) wrote:

> Dear CENO team:
> 
> An extremely worth-while and timely project. I wish you well.
> 
> I think that the deliberate exclusion of sites from popular search engine
> listings is one of the worst forms of censorship on the Web. Perhaps the
> only way to combat this is to create a search engine that has no commercial
> or political motives behind it: an "open source" search engine if you like.
> But it would have to be made popular and that's the difficult part.
> 
> More determined censoring, I suppose, is where a particular government
> blocks content at specific IP addresses from entering its jurisdiction. I
> imagine that a set of obscured relays could manage this by making censored
> content available via unblocked addresses. This could, however, end up as a
> cat and mouse chase in which the content consumer would have to be able to
> hop quickly to ever-changing unblocked IP addresses.
> 
> Many difficult problems but well worth overcoming.

Thanks for your reply, Robert.  The search engine issue is one aspect I
hadn't reflected upon, and it may indeed have very broad consequences
given the way the web is used nowadays.

Thanks again for your comments!

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Arne Babenhauserheide
Hi Ivan,

Ivan Vilata-i-Balaguer writes:
> Hi Arne, thanks for the insights and the links.  Please note that the
> current CENO project is actually using Freenet as a signalling and
> storage backend!`:)`

It’s great to know that this is still the case!

>> (I submitted a project plan for improving this to NLnet which shows what
>>  would have to be done for an uncensorable and attack resistant
>>  news-network. It got into the short-list but wasn’t selected for
>>  funding: http://www.draketo.de/english/freenet/news-of-the-day )
>
> That looks like a very interesting system!  CENO already includes some
> RSS feeds from selected sites, I'm not sure how this would aling with
> the particular requirement (we were focusing more in web sites), but
> it's without doubt an innovative approach.  Thanks for sharing it!

I’d have liked to finish it faster, but that requires about 10k€ to
finance the required WoT speedups (WoT interaction is what currently
slows down the system the most).

>> >   2. Censored content is made available within a reasonable time.
>> 
>> Just ask someone to run
>> 
>> copyweb -d  ; freesitemgr add 
>> 
>> Or integrate that functionality into a program. You might want to use
>> beautifulsoup to clean up the code for the Freenet content filter, i.e.:
>> http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain
>
> CENO currently uses [bundler](https://github.com/equalitie/bundler),
> which does a similar task.  Thanks for the hints!

Do I remember correctly that the bundler replicates the site as is —
with all its dangers to privacy? (Freenet provides heavy whitelist
filtering to protect its users from uploaded content).

>> >   3. Access to censored dynamic content (i.e. web apps) is possible.
>> 
>> That’s a hard one. You’d need to remodel the web apps to use Freenet as
>> backend instead of the clearnet.
>> 
>> I do not think that it is possible at all to provide anything which uses
>> Javascript and at the same time preserve the anonymity of your users.
>
> Yeah, that's a hard one, that's why we may probably end up combining
> several tools.

You could even go as far as simply re-developing popular tools on top of
Freenet as locally running tools. That might turn out to be easier than
trying to secure javascript.

> Wow, these a very useful links, thanks!

We should communicate more often.

>> […] PS: I’m only a few more hours away from being able to do proper
>> Freenet releases, so we can finally deploy improvements to the
>> freenet core again.
>
> Cool, good luck with that, and thanks again for the very informative
> reply!

Good luck to you, too! And Happy Hacking!
- Arne
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Arne Babenhauserheide

Ivan Vilata-i-Balaguer writes:

> Robert John Morton (2017-02-20 08:19:36 -0300) wrote:
>
>> Dear CENO team:
>> 
>> An extremely worth-while and timely project. I wish you well.
>> 
>> I think that the deliberate exclusion of sites from popular search engine
>> listings is one of the worst forms of censorship on the Web. Perhaps the
>> only way to combat this is to create a search engine that has no commercial
>> or political motives behind it: an "open source" search engine if you like.
>> But it would have to be made popular and that's the difficult part.

You could use YaCy for that: http://www.yacy.net

Best wishes,
Arne
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe