Re: [freenet-support] temp files from gateway
On Fri, 21 Jan 2005 15:03:45 +0100, Marco A. Calamari <[EMAIL PROTECTED]> wrote: > Delete all cleartext info as soon as they are no more > necessary follow directly from this. He's got a point. I'm a bit surprised to learn that there's clear text information put onto the hard drive. To what extent is this done? To what extent should I worry? -todd ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] temp files from gateway
On Fri, 2005-01-21 at 11:50 +, Toad wrote: > Filling with 0's then deleting is not reliable on journaled > filesystems.. the files should be encrypted in the first place. A while > back somebody did some changes to make sure that keys don't show up if > logLevel is less than debug (or minor?).. Er Toad, you give me a negative answer only to my fourth point. Typical commit time for journaled filesystem is 5 to 15 seconds, so modification not writtend is just a possibility. This is not my concern. Let me better explain my thoughts. By design, Freenet must protect his users giving the greater anonimity possible and the greater plausible deniability possible. AFAIK this philosophy must guide thru all implementation. Freenet must do his best to protect all his user (if this is an easy task) including user that doesn't know how use a cryptoloop or barely know how to install a windows program. Naive, wrongdoer or stupid users must be protected too, as long as this is an easy task. Delete all cleartext info as soon as they are no more necessary follow directly from this. I understand that the nature of the Freenet code doesn't allow for an easy review if this happens always in the code. BUT, I see really no reason why Fred must leave files filled of cleartext temporary info liying around, when Microsoft Word (R) itself lost this habit. So OK, do not overwrite, just delete temp & client-download files; at least the probability that a forensic analisys can recover it are greatly *reduced*. I think a single code line somewhere in Fred can do this job. Ok this is not an interesting issue, but IMHO it close a big, trivial problem in current implementation and add a resilience that worth well implement it. Or will be implemented only in 1.0 ? ;) Just my 2 eurocent. Ciao. Marco > > On Fri, Jan 21, 2005 at 08:23:15AM +0100, Marco A. Calamari wrote: > > On Wed, 2005-01-19 at 17:02 +, Toad wrote: > > > On Wed, Jan 19, 2005 at 04:36:13PM +, Ben Golding wrote: > > > > Doesn't storing decrypted data on disk break the "deniability" property > > > > of Freenet, which is important for freedom of speech? > > > > > > I'd have to check what the current behaviour is... I think we use > > > temporary file buckets and don't encrypt them, in fproxy, at present... > > > We should fix this, obviously. > > > > Another check on next minor release IMHO useful would be > > delete all file stored in cleartext BOTH when shutting > > down the node and when starting it. > > I mean all file in store/temp and the dir store/temp > > itself (to clean temo filenames) > > Another useful addition would be an config option to > > clean all clearinfo places: client-download (both > > content and dir), that can be used by others if the node is an > > http gateway (has the fproxy port public), logfile > > that from time to time can contain keynames in weird > > messages or other internal information as stacktraces. > > Doing this with a simple wiping algoritm (fill with > > zero before deletion) would be another good thing. > > > > JM2C. Marco > > > > > > > > > > (after all, you can disable writing the cache to disk, even in IE!) > > > > > > > > Ben Golding > > > > > > > > - Original message - > > > > From: "Toad" <[EMAIL PROTECTED]> > > > > To: support@freenetproject.org > > > > Date: Wed, 19 Jan 2005 12:53:51 + > > > > Subject: Re: [freenet-support] temp files from gateway > > > > > > > > The encrypted files are stored in the store. > > > > The decrypted files may be stored in the temp directory as well. Which > > > > is often in the store, subdir temp. > > > ___ > > > Support mailing list > > > Support@freenetproject.org > > > http://news.gmane.org/gmane.network.freenet.support > > > Unsubscribe at > > > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > > > Or mailto:[EMAIL PROTECTED] > > -- > > > > "Oggi e' il domani di cui ci dovevamo preoccupare ieri." > > > > > ___ > > Support mailing list > > Support@freenetproject.org > > http://news.gmane.org/gmane.network.freenet.support > > Unsubscribe at > > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > > Or mailto:[EMAIL PROTECTED] > > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] -- "Oggi e' il domani di cui ci dovevamo preoccupare ieri." signature.asc Description: This is a digitally signed message part ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Freenet: Error
To correct this ..? Freenet could not find the data. I'm guessing this is the first time you are running Freenet? Did you try 'retrying' as the message below suggests? How long have you been running Freenet for? Have you read any of the documentation about Freenet yet? I recommend you do this first... thanks > Dear Freenet: > > When running your application, I get the following error > > >Freenet > > >Route Not Found > > > > Network Error > > > Couldn't retrieve key: [EMAIL PROTECTED]/YoYo// > Hops To Live: 10 > > Error: Route Not Found > > Attempts were made to contact 1 nodes. > > a.. 0 were totally unreachable. > b.. 1 restarted. > c.. 0 cleanly rejected. > d.. 0 backed off. > Route Not Found messages mean that your node, or the rest of the > network, didn't find the data or enough nodes to send the request > to. You should retry, with the same Hops-To-Live; if it persists, > there may be a problem (check that your internet connection is > working). Try reseeding your node, and if that doesn't work, contact > [EMAIL PROTECTED] > > Change Hops To Live to and > > > > Please tell me what I need in order to correct this. > > Thank you > > cneal___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Freenet: Error
Hi. What version (build number) are you running, and under what operating system? If you go to Advanced mode on the Web Interface, then click on Open Connections, how many connections are open (and how many are inbound) ? Are you behind a NAT, firewall or DSL router? On Thu, Jan 19, 2006 at 01:53:36PM -0800, [EMAIL PROTECTED] wrote: > Dear Freenet: > > When running your application, I get the following error > > >Freenet > > >Route Not Found > > > > Network Error > > > Couldn't retrieve key: [EMAIL PROTECTED]/YoYo// > Hops To Live: 10 > > Error: Route Not Found > > Attempts were made to contact 1 nodes. > > a.. 0 were totally unreachable. > b.. 1 restarted. > c.. 0 cleanly rejected. > d.. 0 backed off. > Route Not Found messages mean that your node, or the rest of the > network, didn't find the data or enough nodes to send the request to. You > should retry, with the same Hops-To-Live; if it persists, there may be a > problem (check that your internet connection is working). Try reseeding your > node, and if that doesn't work, contact [EMAIL PROTECTED] > > Change Hops To Live to and > > > > Please tell me what I need in order to correct this. > > Thank you > > cneal -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] Freenet: Error
Dear Freenet: When running your application, I get the following error Freenet Route Not Found Network Error Couldn't retrieve key: [EMAIL PROTECTED]/YoYo// Hops To Live: 10 Error: Route Not Found Attempts were made to contact 1 nodes. 0 were totally unreachable. 1 restarted. 0 cleanly rejected. 0 backed off. Route Not Found messages mean that your node, or the rest of the network, didn't find the data or enough nodes to send the request to. You should retry, with the same Hops-To-Live; if it persists, there may be a problem (check that your internet connection is working). Try reseeding your node, and if that doesn't work, contact [EMAIL PROTECTED] Change Hops To Live to and Please tell me what I need in order to correct this. Thank you cneal ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] temp files from gateway
If you're worried about tempfiles you might want to store your files in an encrypted filesystem (or e.g. an encrypted folder on Windows XP) > Filling with 0's then deleting is not reliable on journaled > filesystems.. the files should be encrypted in the first place. A while > back somebody did some changes to make sure that keys don't show up if > logLevel is less than debug (or minor?).. > > On Fri, Jan 21, 2005 at 08:23:15AM +0100, Marco A. Calamari wrote: >> On Wed, 2005-01-19 at 17:02 +, Toad wrote: >> > On Wed, Jan 19, 2005 at 04:36:13PM +, Ben Golding wrote: >> > > Doesn't storing decrypted data on disk break the "deniability" >> property >> > > of Freenet, which is important for freedom of speech? >> > >> > I'd have to check what the current behaviour is... I think we use >> > temporary file buckets and don't encrypt them, in fproxy, at >> present... >> > We should fix this, obviously. >> >> Another check on next minor release IMHO useful would be >> delete all file stored in cleartext BOTH when shutting >> down the node and when starting it. >> I mean all file in store/temp and the dir store/temp >> itself (to clean temo filenames) >> Another useful addition would be an config option to >> clean all clearinfo places: client-download (both >> content and dir), that can be used by others if the node is an >> http gateway (has the fproxy port public), logfile >> that from time to time can contain keynames in weird >> messages or other internal information as stacktraces. >> Doing this with a simple wiping algoritm (fill with >> zero before deletion) would be another good thing. >> >> JM2C. Marco >> >> > > >> > > (after all, you can disable writing the cache to disk, even in IE!) >> > > >> > > Ben Golding >> > > >> > > - Original message - >> > > From: "Toad" <[EMAIL PROTECTED]> >> > > To: support@freenetproject.org >> > > Date: Wed, 19 Jan 2005 12:53:51 + >> > > Subject: Re: [freenet-support] temp files from gateway >> > > >> > > The encrypted files are stored in the store. >> > > The decrypted files may be stored in the temp directory as well. >> Which >> > > is often in the store, subdir temp. >> > ___ >> > Support mailing list >> > Support@freenetproject.org >> > http://news.gmane.org/gmane.network.freenet.support >> > Unsubscribe at >> http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support >> > Or mailto:[EMAIL PROTECTED] >> -- >> >> "Oggi e' il domani di cui ci dovevamo preoccupare ieri." > > > >> ___ >> Support mailing list >> Support@freenetproject.org >> http://news.gmane.org/gmane.network.freenet.support >> Unsubscribe at >> http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support >> Or mailto:[EMAIL PROTECTED] > > -- > Matthew J Toseland - [EMAIL PROTECTED] > Freenet Project Official Codemonkey - http://freenetproject.org/ > ICTHUS - Nothing is impossible. Our Boss says so. > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] temp files from gateway
Filling with 0's then deleting is not reliable on journaled filesystems.. the files should be encrypted in the first place. A while back somebody did some changes to make sure that keys don't show up if logLevel is less than debug (or minor?).. On Fri, Jan 21, 2005 at 08:23:15AM +0100, Marco A. Calamari wrote: > On Wed, 2005-01-19 at 17:02 +, Toad wrote: > > On Wed, Jan 19, 2005 at 04:36:13PM +, Ben Golding wrote: > > > Doesn't storing decrypted data on disk break the "deniability" property > > > of Freenet, which is important for freedom of speech? > > > > I'd have to check what the current behaviour is... I think we use > > temporary file buckets and don't encrypt them, in fproxy, at present... > > We should fix this, obviously. > > Another check on next minor release IMHO useful would be > delete all file stored in cleartext BOTH when shutting > down the node and when starting it. > I mean all file in store/temp and the dir store/temp > itself (to clean temo filenames) > Another useful addition would be an config option to > clean all clearinfo places: client-download (both > content and dir), that can be used by others if the node is an > http gateway (has the fproxy port public), logfile > that from time to time can contain keynames in weird > messages or other internal information as stacktraces. > Doing this with a simple wiping algoritm (fill with > zero before deletion) would be another good thing. > > JM2C. Marco > > > > > > > (after all, you can disable writing the cache to disk, even in IE!) > > > > > > Ben Golding > > > > > > - Original message - > > > From: "Toad" <[EMAIL PROTECTED]> > > > To: support@freenetproject.org > > > Date: Wed, 19 Jan 2005 12:53:51 + > > > Subject: Re: [freenet-support] temp files from gateway > > > > > > The encrypted files are stored in the store. > > > The decrypted files may be stored in the temp directory as well. Which > > > is often in the store, subdir temp. > > ___ > > Support mailing list > > Support@freenetproject.org > > http://news.gmane.org/gmane.network.freenet.support > > Unsubscribe at > > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > > Or mailto:[EMAIL PROTECTED] > -- > > "Oggi e' il domani di cui ci dovevamo preoccupare ieri." > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] temp files from gateway
On Wed, 2005-01-19 at 17:02 +, Toad wrote: > On Wed, Jan 19, 2005 at 04:36:13PM +, Ben Golding wrote: > > Doesn't storing decrypted data on disk break the "deniability" property > > of Freenet, which is important for freedom of speech? > > I'd have to check what the current behaviour is... I think we use > temporary file buckets and don't encrypt them, in fproxy, at present... > We should fix this, obviously. Another check on next minor release IMHO useful would be delete all file stored in cleartext BOTH when shutting down the node and when starting it. I mean all file in store/temp and the dir store/temp itself (to clean temo filenames) Another useful addition would be an config option to clean all clearinfo places: client-download (both content and dir), that can be used by others if the node is an http gateway (has the fproxy port public), logfile that from time to time can contain keynames in weird messages or other internal information as stacktraces. Doing this with a simple wiping algoritm (fill with zero before deletion) would be another good thing. JM2C. Marco > > > > (after all, you can disable writing the cache to disk, even in IE!) > > > > Ben Golding > > > > - Original message - > > From: "Toad" <[EMAIL PROTECTED]> > > To: support@freenetproject.org > > Date: Wed, 19 Jan 2005 12:53:51 + > > Subject: Re: [freenet-support] temp files from gateway > > > > The encrypted files are stored in the store. > > The decrypted files may be stored in the temp directory as well. Which > > is often in the store, subdir temp. > ___ > Support mailing list > Support@freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] -- "Oggi e' il domani di cui ci dovevamo preoccupare ieri." signature.asc Description: This is a digitally signed message part ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]