Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-23 Thread Robert John Morton 
Spam detection software, running on the system "freenetproject.org",
has identified this incoming email as possible spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
the administrator of that system for details.

Content preview:  ] You could use YaCy for that:http://www.yacy.net Ivan, Arne
   Thanks for your replies. I looked at YaCy. It's new to me. [...] 

Content analysis details:   (5.6 points, 5.0 required)

 pts rule name  description
 -- --
 2.0 FREENET_FROM_BACKUPMX  Received from the backup-MX server
 0.8 BAYES_50   BODY: Bayes spam probability is 40 to 60%
[score: 0.5000]
 2.0 FREENET_LOC_SHORT  Contains short body and URI
 0.8 RDNS_NONE  Delivered to internal network by a host with no rDNS


--- Begin Message ---

] You could use YaCy for that:http://www.yacy.net

Ivan, Arne

Thanks for your replies. I looked at YaCy. It's new to me.

Best wishes, Robert


--- End Message ---
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-22 Thread Ivan Vilata-i-Balaguer 
Arne Babenhauserheide (2017-02-21 18:44:48 +0100) wrote:

> Do I remember correctly that the bundler replicates the site as is —
> with all its dangers to privacy? (Freenet provides heavy whitelist
> filtering to protect its users from uploaded content).

Sorry, but I do not know the software that much, but thanks for the
heads up, it'll be useful if we decide to work more on bundler.

> >> >   3. Access to censored dynamic content (i.e. web apps) is
> >> >   possible.
> >> 
> >> That’s a hard one. You’d need to remodel the web apps to use
> >> Freenet as backend instead of the clearnet.
> >> 
> >> I do not think that it is possible at all to provide anything which
> >> uses Javascript and at the same time preserve the anonymity of your
> >> users.
> >
> > Yeah, that's a hard one, that's why we may probably end up combining
> > several tools.
> 
> You could even go as far as simply re-developing popular tools on top
> of Freenet as locally running tools. That might turn out to be easier
> than trying to secure javascript.

Yes probably, but we have limited resources and code reuse may save much
effort.  For some particular components providing a "more native"
solution may still be feasible, and the projects you're working (and
mainly babcom) on may be of special interest there.`:)`

Thanks again for your advice!

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Arne Babenhauserheide 

Ivan Vilata-i-Balaguer writes:

> Robert John Morton (2017-02-20 08:19:36 -0300) wrote:
>
>> Dear CENO team:
>> 
>> An extremely worth-while and timely project. I wish you well.
>> 
>> I think that the deliberate exclusion of sites from popular search engine
>> listings is one of the worst forms of censorship on the Web. Perhaps the
>> only way to combat this is to create a search engine that has no commercial
>> or political motives behind it: an "open source" search engine if you like.
>> But it would have to be made popular and that's the difficult part.

You could use YaCy for that: http://www.yacy.net

Best wishes,
Arne
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Arne Babenhauserheide 
Hi Ivan,

Ivan Vilata-i-Balaguer writes:
> Hi Arne, thanks for the insights and the links.  Please note that the
> current CENO project is actually using Freenet as a signalling and
> storage backend!`:)`

It’s great to know that this is still the case!

>> (I submitted a project plan for improving this to NLnet which shows what
>>  would have to be done for an uncensorable and attack resistant
>>  news-network. It got into the short-list but wasn’t selected for
>>  funding: http://www.draketo.de/english/freenet/news-of-the-day )
>
> That looks like a very interesting system!  CENO already includes some
> RSS feeds from selected sites, I'm not sure how this would aling with
> the particular requirement (we were focusing more in web sites), but
> it's without doubt an innovative approach.  Thanks for sharing it!

I’d have liked to finish it faster, but that requires about 10k€ to
finance the required WoT speedups (WoT interaction is what currently
slows down the system the most).

>> >   2. Censored content is made available within a reasonable time.
>> 
>> Just ask someone to run
>> 
>> copyweb -d  ; freesitemgr add 
>> 
>> Or integrate that functionality into a program. You might want to use
>> beautifulsoup to clean up the code for the Freenet content filter, i.e.:
>> http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain
>
> CENO currently uses [bundler](https://github.com/equalitie/bundler),
> which does a similar task.  Thanks for the hints!

Do I remember correctly that the bundler replicates the site as is —
with all its dangers to privacy? (Freenet provides heavy whitelist
filtering to protect its users from uploaded content).

>> >   3. Access to censored dynamic content (i.e. web apps) is possible.
>> 
>> That’s a hard one. You’d need to remodel the web apps to use Freenet as
>> backend instead of the clearnet.
>> 
>> I do not think that it is possible at all to provide anything which uses
>> Javascript and at the same time preserve the anonymity of your users.
>
> Yeah, that's a hard one, that's why we may probably end up combining
> several tools.

You could even go as far as simply re-developing popular tools on top of
Freenet as locally running tools. That might turn out to be easier than
trying to secure javascript.

> Wow, these a very useful links, thanks!

We should communicate more often.

>> […] PS: I’m only a few more hours away from being able to do proper
>> Freenet releases, so we can finally deploy improvements to the
>> freenet core again.
>
> Cool, good luck with that, and thanks again for the very informative
> reply!

Good luck to you, too! And Happy Hacking!
- Arne
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Ivan Vilata-i-Balaguer 
Hi, thanks for your advice!  Maybe I should have mentioned that the
current version of the project does use Freenet for signalling and
storage, so we already enjoy these features from Freenet.  The harder
part will surely be dynamic or user-dependent content, along maybe
privacy-preserving statistics, so we may en up combining several tools.

Regarding content availability, we were more focused in replicated
content (as with Freenet), but we got a couple suggestions regarding
mesh networking.  That's a more ambitious solution, but we may give some
thought to it.

Thank you!

Freenet (2017-02-21 07:46:00 +) wrote:

> Ivan Vilata-i-Balaguer:
> > 
> >   1. Content is available under censorship conditions, ideally even
> >  after connection to the Internet has been completely cut for a
> >  whole region.
> 
> Try http://project-byzantium.org/ for inspiration. Maybe also
> https://github.com/cjdelisle/cjdns. Freenet can use ShoeShop to move
> fblobs via sneakernet.
> 
> >   2. Censored content is made available within a reasonable time.
> 
> FLIP (Freenet's IRC) has RTT of about 45 seconds.
> 
> >   3. Access to censored dynamic content (i.e. web apps) is possible.
> 
> Userscripts can give JavaScript, but any Turing complete code will be an
> issue to secure.
> 
> >   4. The system benefits from the user's participation, and is resistant
> >  to participants dropping off and to rogue nodes in the hands of the
> >  censor.
> 
> Freenet does this.
> 
> >   5. Users of the system are anonymous to someone observing their
> >  traffic, even if that someone is a participant in the system.
> 
> Freenet mostly does this. Darknet protects against currently known attacks.
> 
> >   6. Users' devices don't reveal the content that they or other users
> >  have accessed.
> 
> Set up something like https://tails.boum.org/
> 
> >   7. The system is amenable to privacy-preserving analytics to check its
> >  impact.
> 
> There are a couple projects that monitor the state of Freenet.

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Ivan Vilata-i-Balaguer 
Arne Babenhauserheide (2017-02-20 22:12:59 +0100) wrote:

> Hi Ivan, Dear eQualit.ie Hackers,
> 
> Aside from the web-apps part, Freenet can already provide everything
> you asked for.

Hi Arne, thanks for the insights and the links.  Please note that the
current CENO project is actually using Freenet as a signalling and
storage backend!`:)`

> Ivan Vilata-i-Balaguer  writes:
> >   1. Content is available under censorship conditions, ideally even
> >  after connection to the Internet has been completely cut for a
> >  whole region.
> 
> If you still have IP-based connections to people inside the region, this
> is the case, if you run a specialized darknet within that region (so
> content only gets replicated within the regional net).
> 
> There are already tools to make automatic Freenet connections. Talk to
> Michael Grube (thesnark).
> 
> For auto-spawning Freenet nodes when an application is started, see
> https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py
> 
> For communication with sub-5-minute latency from external programs, see
> https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py
> 
> (I submitted a project plan for improving this to NLnet which shows what
>  would have to be done for an uncensorable and attack resistant
>  news-network. It got into the short-list but wasn’t selected for
>  funding: http://www.draketo.de/english/freenet/news-of-the-day )

That looks like a very interesting system!  CENO already includes some
RSS feeds from selected sites, I'm not sure how this would aling with
the particular requirement (we were focusing more in web sites), but
it's without doubt an innovative approach.  Thanks for sharing it!

> >   2. Censored content is made available within a reasonable time.
> 
> Just ask someone to run
> 
> copyweb -d  ; freesitemgr add 
> 
> Or integrate that functionality into a program. You might want to use
> beautifulsoup to clean up the code for the Freenet content filter, i.e.:
> http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain

CENO currently uses [bundler](https://github.com/equalitie/bundler),
which does a similar task.  Thanks for the hints!

> >   3. Access to censored dynamic content (i.e. web apps) is possible.
> 
> That’s a hard one. You’d need to remodel the web apps to use Freenet as
> backend instead of the clearnet.
> 
> I do not think that it is possible at all to provide anything which uses
> Javascript and at the same time preserve the anonymity of your users.

Yeah, that's a hard one, that's why we may probably end up combining
several tools.

> >   4. The system benefits from the user's participation, and is resistant
> >  to participants dropping off and to rogue nodes in the hands of the
> >  censor.
> 
> Resilient yes, for absolute resistance, you need to replicate
> everything, which limits the amount of data you can provide.
> 
> >   5. Users of the system are anonymous to someone observing their
> >  traffic, even if that someone is a participant in the system.
> 
> Jepp. A weak yes for automatic connections, a strong yes, if they
> connect to people they know.
> 
> >   6. Users' devices don't reveal the content that they or other users
> >  have accessed.
> 
> Jepp (as long as you use a separate browser in incognito mode).
> 
> >   7. The system is amenable to privacy-preserving analytics to check its
> >  impact.
> 
> Jepp.
> 
> i.e. http://asksteved.com/stats/2 — though it’s currently in sleep mode,
> there’s a new site for that in Freenet: 
> http://127.0.0.1:/USK@2zwBwyJeZnkbqH0N7WZXp6BQqR1Ys85rkthOFvfXOts,HIouq2elJyNt9VIsFfYbYmtvinOEeeY3LAAKVUqiSXo,AQACAAE/YAFS/175/

Wow, these a very useful links, thanks!

> […] PS: I’m only a few more hours away from being able to do proper
> Freenet releases, so we can finally deploy improvements to the
> freenet core again.

Cool, good luck with that, and thanks again for the very informative
reply!

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-21 Thread Ivan Vilata-i-Balaguer 
Robert John Morton (2017-02-20 08:19:36 -0300) wrote:

> Dear CENO team:
> 
> An extremely worth-while and timely project. I wish you well.
> 
> I think that the deliberate exclusion of sites from popular search engine
> listings is one of the worst forms of censorship on the Web. Perhaps the
> only way to combat this is to create a search engine that has no commercial
> or political motives behind it: an "open source" search engine if you like.
> But it would have to be made popular and that's the difficult part.
> 
> More determined censoring, I suppose, is where a particular government
> blocks content at specific IP addresses from entering its jurisdiction. I
> imagine that a set of obscured relays could manage this by making censored
> content available via unblocked addresses. This could, however, end up as a
> cat and mouse chase in which the content consumer would have to be able to
> hop quickly to ever-changing unblocked IP addresses.
> 
> Many difficult problems but well worth overcoming.

Thanks for your reply, Robert.  The search engine issue is one aspect I
hadn't reflected upon, and it may indeed have very broad consequences
given the way the web is used nowadays.

Thanks again for your comments!

-- 
Ivan Vilata i Balaguer
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-20 Thread Freenet 
Ivan Vilata-i-Balaguer:
> 
>   1. Content is available under censorship conditions, ideally even
>  after connection to the Internet has been completely cut for a
>  whole region.

Try http://project-byzantium.org/ for inspiration. Maybe also
https://github.com/cjdelisle/cjdns. Freenet can use ShoeShop to move
fblobs via sneakernet.

>   2. Censored content is made available within a reasonable time.

FLIP (Freenet's IRC) has RTT of about 45 seconds.

>   3. Access to censored dynamic content (i.e. web apps) is possible.

Userscripts can give JavaScript, but any Turing complete code will be an
issue to secure.


>   4. The system benefits from the user's participation, and is resistant
>  to participants dropping off and to rogue nodes in the hands of the
>  censor.

Freenet does this.


>   5. Users of the system are anonymous to someone observing their
>  traffic, even if that someone is a participant in the system.

Freenet mostly does this. Darknet protects against currently known attacks.

>   6. Users' devices don't reveal the content that they or other users
>  have accessed.

Set up something like https://tails.boum.org/

>   7. The system is amenable to privacy-preserving analytics to check its
>  impact.

There are a couple projects that monitor the state of Freenet.
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-20 Thread Arne Babenhauserheide 

Arne Babenhauserheide  writes:

> Hi Ivan, Dear eQualit.ie Hackers,
>
> Aside from the web-apps part, Freenet can already provide everything you
> asked for.
>
> Ivan Vilata-i-Balaguer  writes:
>>   1. Content is available under censorship conditions, ideally even
>>  after connection to the Internet has been completely cut for a
>>  whole region.
>
> If you still have IP-based connections to people inside the region, this
> is the case, if you run a specialized darknet within that region (so
> content only gets replicated within the regional net).
>
> There are already tools to make automatic Freenet connections. Talk to
> Michael Grube (thesnark).
>
> For auto-spawning Freenet nodes when an application is started, see
> https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py
>
> For communication with sub-5-minute latency from external programs, see
> https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py
>
> (I submitted a project plan for improving this to NLnet which shows what
>  would have to be done for an uncensorable and attack resistant
>  news-network. It got into the short-list but wasn’t selected for
>  funding: http://www.draketo.de/english/freenet/news-of-the-day )
>
>>   2. Censored content is made available within a reasonable time.
>
> Just ask someone to run
> PS: I’m only a few more hours away from being able to do proper Freenet
> releases, so we can finally deploy improvements to the freenet core
> again.

PPS: See http://www.draketo.de/proj/freenet-release-management/
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-20 Thread Arne Babenhauserheide 
Hi Ivan, Dear eQualit.ie Hackers,

Aside from the web-apps part, Freenet can already provide everything you
asked for.

Ivan Vilata-i-Balaguer  writes:
>   1. Content is available under censorship conditions, ideally even
>  after connection to the Internet has been completely cut for a
>  whole region.

If you still have IP-based connections to people inside the region, this
is the case, if you run a specialized darknet within that region (so
content only gets replicated within the regional net).

There are already tools to make automatic Freenet connections. Talk to
Michael Grube (thesnark).

For auto-spawning Freenet nodes when an application is started, see
https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py

For communication with sub-5-minute latency from external programs, see
https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py

(I submitted a project plan for improving this to NLnet which shows what
 would have to be done for an uncensorable and attack resistant
 news-network. It got into the short-list but wasn’t selected for
 funding: http://www.draketo.de/english/freenet/news-of-the-day )

>   2. Censored content is made available within a reasonable time.

Just ask someone to run

copyweb -d  ; freesitemgr add 

Or integrate that functionality into a program. You might want to use
beautifulsoup to clean up the code for the Freenet content filter, i.e.:
http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain

>   3. Access to censored dynamic content (i.e. web apps) is possible.

That’s a hard one. You’d need to remodel the web apps to use Freenet as
backend instead of the clearnet.

I do not think that it is possible at all to provide anything which uses
Javascript and at the same time preserve the anonymity of your users.

>   4. The system benefits from the user's participation, and is resistant
>  to participants dropping off and to rogue nodes in the hands of the
>  censor.

Resilient yes, for absolute resistance, you need to replicate
everything, which limits the amount of data you can provide.

>   5. Users of the system are anonymous to someone observing their
>  traffic, even if that someone is a participant in the system.

Jepp. A weak yes for automatic connections, a strong yes, if they
connect to people they know.

>   6. Users' devices don't reveal the content that they or other users
>  have accessed.

Jepp (as long as you use a separate browser in incognito mode).

>   7. The system is amenable to privacy-preserving analytics to check its
>  impact.

Jepp.

i.e. http://asksteved.com/stats/ — though it’s currently in sleep mode,
there’s a new site for that in Freenet: 
http://127.0.0.1:/USK@2zwBwyJeZnkbqH0N7WZXp6BQqR1Ys85rkthOFvfXOts,HIouq2elJyNt9VIsFfYbYmtvinOEeeY3LAAKVUqiSXo,AQACAAE/YAFS/175/

> We know that we'll probably need a combination of several tools to
> achieve these properties, so we're not looking for a silver bullet but
> rather some advice and suggestions from you that may help us move in the
> right direction.  We will be dedicating at least 2 years solid
> development to a chosen infrastructure design and hope to contribute to
> existing models, as part of our (likely hybrid) appraoch to the
> eventuating infrastructure.

Nice!

Best wishes,
Arne

PS: I’m only a few more hours away from being able to do proper Freenet
releases, so we can finally deploy improvements to the freenet core
again.
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?

2017-02-20 Thread Robert John Morton 

Dear CENO team:

An extremely worth-while and timely project. I wish you well.

I think that the deliberate exclusion of sites from popular search 
engine listings is one of the worst forms of censorship on the Web. 
Perhaps the only way to combat this is to create a search engine that 
has no commercial or political motives behind it: an "open source" 
search engine if you like. But it would have to be made popular and 
that's the difficult part.


More determined censoring, I suppose, is where a particular government 
blocks content at specific IP addresses from entering its jurisdiction. 
I imagine that a set of obscured relays could manage this by making 
censored content available via unblocked addresses. This could, however, 
end up as a cat and mouse chase in which the content consumer would have 
to be able to hop quickly to ever-changing unblocked IP addresses.


Many difficult problems but well worth overcoming.

Robert John Morton
Belo Horizonte-MG, Brasil
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe