[freenet-support] Re: Hypothetical question...

2005-09-19 Thread Matthew Toseland 
On Sat, Sep 17, 2005 at 10:28:49PM -0400, John Meeks wrote:
> It seems to me that finding people to communicate with (trust) is the hard
> part, and actually communicating with them is the easy part.  The opennet
> allows you to not have to trust people, since everything is anonymous, and
> thus solves the hard problem (in addition to the easy one).  The friends
> network solves the easy problem (communication) but doesn't help with the
> hard problem (finding people to trust).

No. The hard problem is providing something vaguely resembling the
internet in scale and functionality that:
a) Prevents the powerful from tracing a given information source -
author, informant, whistleblower, artist, etc. AND
b) Will still be usable even if running a freenet node is itself 
illegal, and will make it expensive to destroy the network.

The opennet is for those who don't have any friends but trust the
government. The darknet is for those who trust their friends but not the
government. Take your pick, you can't have both. The opennet is
harvestable, and always will be harvestable. Only the darknet has a
chance in a hostile environment where running a node may in itself be
dangerous.
> 
> There is one change that I think would be good:  Make it impossible to
> construct any given file from any given node.  This turns deniability into
> impossibility (ie. someone can't say "the file was on the drive, and it
> was encrypted" they can only say "part of the file was on the drive, but
> we had to get the rest off the internet to get the file").  This seems to
> have a better chance of standing up in court.  In other words, never let a
> given node hold any complete file.

This is impossible unless the node knows which files belong to which
splitfile. Which would be very bad. Well I suppose we could do some
red/black colouring or something, but it would suck, and wouldn't work
on a darknet. In any case, the real problem here is that the whole file
might be in your store because you requested it (the Register attack).
There are several possible solutions to this. The obvious darknet
solution is just to not cache the files you request (unless somebody
else asks for them). The problem is this might be detected by your
immediate neighbours; unless we take fairly extreme measures, it is
likely that your immediate friends can detect what you are browsing if
they actively attack you with e.g. correlation attacks. All solutions to
this so far appear rather difficult and expensive (slow), so we are just
ignoring the problem for 0.7.0.
> 
> --- John
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL:

[freenet-support] Re: Hypothetical question...

2005-09-19 Thread Matthew Toseland 
On Sat, Sep 17, 2005 at 08:55:01PM +, Bob wrote:
> Matthew Toseland  writes:
> 
> --snip--
> > No, there will be an opennet. It will probably operate on similar
> > principles to the current 0.5 network, but will be 0.7.
> > > 
> > > We could have a rotating public nodes system like we currently do with
> > > seednodes.ref, but surely this would horribly break the routing?
> > 
> > Not necessarily.
> 
> So the friend small-world thing is purely for the scalable darknet, and the
> opennet will use something like ngrouting?

No, it will use the same routing, but will probably have some level of
(slowish) path folding.
> 
> > We have state level internet censorship?

Replied to his response direct to author and to chat at freenetproject.org.
Apologies for the noise.
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL:

Re: [freenet-support] Re: Hypothetical question...

2005-09-19 Thread Matthew Toseland 
On Sat, Sep 17, 2005 at 10:28:49PM -0400, John Meeks wrote:
> It seems to me that finding people to communicate with (trust) is the hard
> part, and actually communicating with them is the easy part.  The opennet
> allows you to not have to trust people, since everything is anonymous, and
> thus solves the hard problem (in addition to the easy one).  The friends
> network solves the easy problem (communication) but doesn't help with the
> hard problem (finding people to trust).

No. The hard problem is providing something vaguely resembling the
internet in scale and functionality that:
a) Prevents the powerful from tracing a given information source -
author, informant, whistleblower, artist, etc. AND
b) Will still be usable even if running a freenet node is itself 
illegal, and will make it expensive to destroy the network.

The opennet is for those who don't have any friends but trust the
government. The darknet is for those who trust their friends but not the
government. Take your pick, you can't have both. The opennet is
harvestable, and always will be harvestable. Only the darknet has a
chance in a hostile environment where running a node may in itself be
dangerous.
> 
> There is one change that I think would be good:  Make it impossible to
> construct any given file from any given node.  This turns deniability into
> impossibility (ie. someone can't say "the file was on the drive, and it
> was encrypted" they can only say "part of the file was on the drive, but
> we had to get the rest off the internet to get the file").  This seems to
> have a better chance of standing up in court.  In other words, never let a
> given node hold any complete file.

This is impossible unless the node knows which files belong to which
splitfile. Which would be very bad. Well I suppose we could do some
red/black colouring or something, but it would suck, and wouldn't work
on a darknet. In any case, the real problem here is that the whole file
might be in your store because you requested it (the Register attack).
There are several possible solutions to this. The obvious darknet
solution is just to not cache the files you request (unless somebody
else asks for them). The problem is this might be detected by your
immediate neighbours; unless we take fairly extreme measures, it is
likely that your immediate friends can detect what you are browsing if
they actively attack you with e.g. correlation attacks. All solutions to
this so far appear rather difficult and expensive (slow), so we are just
ignoring the problem for 0.7.0.
> 
> --- John
-- 
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.


signature.asc
Description: Digital signature
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Re: Hypothetical question...

2005-09-19 Thread Matthew Toseland 
On Sat, Sep 17, 2005 at 08:55:01PM +, Bob wrote:
> Matthew Toseland <[EMAIL PROTECTED]> writes:
> 
> --snip--
> > No, there will be an opennet. It will probably operate on similar
> > principles to the current 0.5 network, but will be 0.7.
> > > 
> > > We could have a rotating public nodes system like we currently do with
> > > seednodes.ref, but surely this would horribly break the routing?
> > 
> > Not necessarily.
> 
> So the friend small-world thing is purely for the scalable darknet, and the
> opennet will use something like ngrouting?

No, it will use the same routing, but will probably have some level of
(slowish) path folding.
> 
> > We have state level internet censorship?

Replied to his response direct to author and to [EMAIL PROTECTED]
Apologies for the noise.
-- 
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.


signature.asc
Description: Digital signature
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

[freenet-support] Re: Hypothetical question...

2005-09-17 Thread John Meeks 
It seems to me that finding people to communicate with (trust) is the hard
part, and actually communicating with them is the easy part.  The opennet
allows you to not have to trust people, since everything is anonymous, and
thus solves the hard problem (in addition to the easy one).  The friends
network solves the easy problem (communication) but doesn't help with the
hard problem (finding people to trust).

There is one change that I think would be good:  Make it impossible to
construct any given file from any given node.  This turns deniability into
impossibility (ie. someone can't say "the file was on the drive, and it
was encrypted" they can only say "part of the file was on the drive, but
we had to get the rest off the internet to get the file").  This seems to
have a better chance of standing up in court.  In other words, never let a
given node hold any complete file.

--- John

[freenet-support] Re: Hypothetical question...

2005-09-17 Thread Bob 
Matthew Toseland  writes:

--snip--
> No, there will be an opennet. It will probably operate on similar
> principles to the current 0.5 network, but will be 0.7.
> > 
> > We could have a rotating public nodes system like we currently do with
> > seednodes.ref, but surely this would horribly break the routing?
> 
> Not necessarily.

So the friend small-world thing is purely for the scalable darknet, and the
opennet will use something like ngrouting?

> We have state level internet censorship?

Slight hyperbole perhaps, but the apparatus is there and it seems to be
happening. Right now known child porn sites are banned at the backbone/telco
level, which is fine, but this shows worrying signs of being expanded. Next on
the list is any criticism of a religion deemed to be "hate speech", and porn
deemed by some undefined party to be too "violent". The proposed incitement to
terrorism stuff is a bit open ended too.

http://news.bbc.co.uk/1/hi/uk/4195332.stm
OMG, must censor teh internets to protect our children because we have no
parenting skills. As for the insinuation that any porn harder than is allowed to
be sold in a UK sex shop must be censored, good luck censoring a third of the
internet.

http://news.bbc.co.uk/1/hi/uk_politics/3871867.stm
Scientologists rub their hands in glee as they gain a new weapon. Pointing out
Mohammed was by modern standards a paedo == offence? Claiming the 'lost books'
of the Bible that say Jesus had homosexual relations, served a hallucinogen at
the last supper etc. exist == offence? Etcetera.

http://news.bbc.co.uk/1/hi/uk_politics/4247638.stm
"Powers to tackle bookshops selling extremist material". So Mein Kampf is going
to be a thoughtcrime here too? Maybe we could have public bonfires of the
offending books while the security forces march around them and shout slogans,
y'know, to drive the point home.

Bob

Re: [freenet-support] Re: Hypothetical question...

2005-09-17 Thread John Meeks 
It seems to me that finding people to communicate with (trust) is the hard
part, and actually communicating with them is the easy part.  The opennet
allows you to not have to trust people, since everything is anonymous, and
thus solves the hard problem (in addition to the easy one).  The friends
network solves the easy problem (communication) but doesn't help with the
hard problem (finding people to trust).

There is one change that I think would be good:  Make it impossible to
construct any given file from any given node.  This turns deniability into
impossibility (ie. someone can't say "the file was on the drive, and it
was encrypted" they can only say "part of the file was on the drive, but
we had to get the rest off the internet to get the file").  This seems to
have a better chance of standing up in court.  In other words, never let a
given node hold any complete file.

--- John

___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

[freenet-support] Re: Hypothetical question...

2005-09-17 Thread Matthew Toseland 
On Sat, Sep 17, 2005 at 03:53:27PM +, Bob wrote:
> John Meeks  writes:
> 
> > The new information about version 0.7 sounds pretty good, but one thing
> > about it concerns me.  Assuming I don't know anyone who is using freenet,
> > how do I get onto the network?  (Remember, I'm asking this about the next
> > version, since it says you can only connect if a "friend" lets you.
> > Assuming I don't have a friend already using freenet, how do I get
> > connected?)
> 
> As I understand it there will be two options : join the opennet, which is 
> public
> and harvestable like the current freenet (but hopefully has better performance
> etc), or join / create a private darknet which isn't. However, given that the
> routing model is predicated around the "friends form small-world networks"
> concept I think even the opennet is supposed to be joined via the noderefs of
> friend(s). This is of concern to me as well, I don't know anyone IRL who runs
> freenet. 

No, there will be an opennet. It will probably operate on similar
principles to the current 0.5 network, but will be 0.7.
> 
> We could have a rotating public nodes system like we currently do with
> seednodes.ref, but surely this would horribly break the routing?

Not necessarily.
> 
> > This change worries me (unless I'm mis-understanding it), since it
> > basically ties the network to a group of real-life friends, it creates a
> > nice friendly map that the authorities could use to find everyone
> > interested in a given subject.  I don't think the Chinese government would
> > have any problems getting someone's computer and seeing all the "friends"
> > it lists.
> 
> The idea of darknets is that they're not practical to detect. Assuming this is
> the case, if e.g. CCP busted one darknet-running dissident through some other
> means and got the chance to examine their computer, they could also find 
> others
> in that darknet. Hopefully dissidents in such situations have the sense to
> organise like terrorist cells so that damage is limited in this case.
> 
> > In short, it seems like this change would create a set of isolated
> > networks, and remove the plausable deniability of the previous network.
> 
> True to some extent, but the whole point of darknets is that they are isolated
> and secret. There is already a seperate freenet 0.5 network in China. An 
> opennet
> node could be run to push content from darknets onto the public network, or 
> vice
> versa, although this is probably risky for a dissident to do.
> 
> > The "network of trust" concept seems to me to be deeply flawed, since
> > spies have been able to infiltrate even the most guarded networks of
> > "friends" (ie. the Mafia, the Manhattan project, etc).  Trusting "some guy
> > I met on the internet" doesn't seem like something I'd really want to do.
> 
> Yeah, I could find freenet people on the 'net but not IRL, and as you say this
> makes strong trust difficult. Obviously core project people are trustworthy 
> but
> if we all connect to them then AFAICS routing breaks (plus their nodes would
> likely be DDoS'd ..)
> 
> > I guess another way to look at it is that the network seems to be going
> > towards being more useful for people in countries like China and less
> > useful for people in the US.  Plausable deniability is more useful in the
> > US, whereas secrecy is more useful in China.  While I feel for people in
> > China, I myself am in the US, and so therefore look at the project from my
> > point of view (especially in the current political climate).
> 
> It is not beyond the bounds of possibility that freenet could be banned in
> western countries too. The UK gov for example is reactionary, authoritarian 
> and
> power hungry - all it would take is one high-profile paedophille case or
> suchlike to whip the tabloids up into a frenzy, and a wish list bill 
> pre-written
> by the security services could probably be rushed through parliament. We 
> already
> have state level internet censorship and monitoring. The US is much the same, 
> in
> spite of supposed constitutional free speech protections.

We have state level internet censorship?
> 
> > I'm also a bit concerned about the constant restarts, it seems that the
> > project is following the "fad security of the month" (although networks of
> > trust were around with PGP like 10 years ago).
> 
> Well, as you see there will still be an opennet sort of like the current
> freenet. The reasons given over the months for the other changes and in
> particular the introduction of darknets all seem rational to me. It's a fact
> that freenet 0.5 doesn't perform very well, is harvestable etc and these
> problems need to be addressed somehow.
> 
> > Anyway, the reason I'm asking about this is because I currently have
> > Paypal set up to donate $20/month to the project, but I'm not
> > sure if I like the direction it's going.
> > 
> > Any better explanation of how this will work (mainly "how can I connect if
> > I don't already know someo

[freenet-support] Re: Hypothetical question...

2005-09-17 Thread Bob 
John Meeks  writes:

> The new information about version 0.7 sounds pretty good, but one thing
> about it concerns me.  Assuming I don't know anyone who is using freenet,
> how do I get onto the network?  (Remember, I'm asking this about the next
> version, since it says you can only connect if a "friend" lets you.
> Assuming I don't have a friend already using freenet, how do I get
> connected?)

As I understand it there will be two options : join the opennet, which is public
and harvestable like the current freenet (but hopefully has better performance
etc), or join / create a private darknet which isn't. However, given that the
routing model is predicated around the "friends form small-world networks"
concept I think even the opennet is supposed to be joined via the noderefs of
friend(s). This is of concern to me as well, I don't know anyone IRL who runs
freenet. 

We could have a rotating public nodes system like we currently do with
seednodes.ref, but surely this would horribly break the routing?

> This change worries me (unless I'm mis-understanding it), since it
> basically ties the network to a group of real-life friends, it creates a
> nice friendly map that the authorities could use to find everyone
> interested in a given subject.  I don't think the Chinese government would
> have any problems getting someone's computer and seeing all the "friends"
> it lists.

The idea of darknets is that they're not practical to detect. Assuming this is
the case, if e.g. CCP busted one darknet-running dissident through some other
means and got the chance to examine their computer, they could also find others
in that darknet. Hopefully dissidents in such situations have the sense to
organise like terrorist cells so that damage is limited in this case.

> In short, it seems like this change would create a set of isolated
> networks, and remove the plausable deniability of the previous network.

True to some extent, but the whole point of darknets is that they are isolated
and secret. There is already a seperate freenet 0.5 network in China. An opennet
node could be run to push content from darknets onto the public network, or vice
versa, although this is probably risky for a dissident to do.

> The "network of trust" concept seems to me to be deeply flawed, since
> spies have been able to infiltrate even the most guarded networks of
> "friends" (ie. the Mafia, the Manhattan project, etc).  Trusting "some guy
> I met on the internet" doesn't seem like something I'd really want to do.

Yeah, I could find freenet people on the 'net but not IRL, and as you say this
makes strong trust difficult. Obviously core project people are trustworthy but
if we all connect to them then AFAICS routing breaks (plus their nodes would
likely be DDoS'd ..)

> I guess another way to look at it is that the network seems to be going
> towards being more useful for people in countries like China and less
> useful for people in the US.  Plausable deniability is more useful in the
> US, whereas secrecy is more useful in China.  While I feel for people in
> China, I myself am in the US, and so therefore look at the project from my
> point of view (especially in the current political climate).

It is not beyond the bounds of possibility that freenet could be banned in
western countries too. The UK gov for example is reactionary, authoritarian and
power hungry - all it would take is one high-profile paedophille case or
suchlike to whip the tabloids up into a frenzy, and a wish list bill pre-written
by the security services could probably be rushed through parliament. We already
have state level internet censorship and monitoring. The US is much the same, in
spite of supposed constitutional free speech protections.

> I'm also a bit concerned about the constant restarts, it seems that the
> project is following the "fad security of the month" (although networks of
> trust were around with PGP like 10 years ago).

Well, as you see there will still be an opennet sort of like the current
freenet. The reasons given over the months for the other changes and in
particular the introduction of darknets all seem rational to me. It's a fact
that freenet 0.5 doesn't perform very well, is harvestable etc and these
problems need to be addressed somehow.

> Anyway, the reason I'm asking about this is because I currently have
> Paypal set up to donate $20/month to the project, but I'm not
> sure if I like the direction it's going.
> 
> Any better explanation of how this will work (mainly "how can I connect if
> I don't already know someone") would be greately appreciated.
> 
> Thanks.
> 
> --- John

Bob

[freenet-support] Re: Hypothetical question...

2005-09-17 Thread Bob 
Matthew Toseland <[EMAIL PROTECTED]> writes:

--snip--
> No, there will be an opennet. It will probably operate on similar
> principles to the current 0.5 network, but will be 0.7.
> > 
> > We could have a rotating public nodes system like we currently do with
> > seednodes.ref, but surely this would horribly break the routing?
> 
> Not necessarily.

So the friend small-world thing is purely for the scalable darknet, and the
opennet will use something like ngrouting?

> We have state level internet censorship?

Slight hyperbole perhaps, but the apparatus is there and it seems to be
happening. Right now known child porn sites are banned at the backbone/telco
level, which is fine, but this shows worrying signs of being expanded. Next on
the list is any criticism of a religion deemed to be "hate speech", and porn
deemed by some undefined party to be too "violent". The proposed incitement to
terrorism stuff is a bit open ended too.

http://news.bbc.co.uk/1/hi/uk/4195332.stm
OMG, must censor teh internets to protect our children because we have no
parenting skills. As for the insinuation that any porn harder than is allowed to
be sold in a UK sex shop must be censored, good luck censoring a third of the
internet.

http://news.bbc.co.uk/1/hi/uk_politics/3871867.stm
Scientologists rub their hands in glee as they gain a new weapon. Pointing out
Mohammed was by modern standards a paedo == offence? Claiming the 'lost books'
of the Bible that say Jesus had homosexual relations, served a hallucinogen at
the last supper etc. exist == offence? Etcetera.

http://news.bbc.co.uk/1/hi/uk_politics/4247638.stm
"Powers to tackle bookshops selling extremist material". So Mein Kampf is going
to be a thoughtcrime here too? Maybe we could have public bonfires of the
offending books while the security forces march around them and shout slogans,
y'know, to drive the point home.

Bob


___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Re: Hypothetical question...

2005-09-17 Thread Matthew Toseland 
On Sat, Sep 17, 2005 at 03:53:27PM +, Bob wrote:
> John Meeks <[EMAIL PROTECTED]> writes:
> 
> > The new information about version 0.7 sounds pretty good, but one thing
> > about it concerns me.  Assuming I don't know anyone who is using freenet,
> > how do I get onto the network?  (Remember, I'm asking this about the next
> > version, since it says you can only connect if a "friend" lets you.
> > Assuming I don't have a friend already using freenet, how do I get
> > connected?)
> 
> As I understand it there will be two options : join the opennet, which is 
> public
> and harvestable like the current freenet (but hopefully has better performance
> etc), or join / create a private darknet which isn't. However, given that the
> routing model is predicated around the "friends form small-world networks"
> concept I think even the opennet is supposed to be joined via the noderefs of
> friend(s). This is of concern to me as well, I don't know anyone IRL who runs
> freenet. 

No, there will be an opennet. It will probably operate on similar
principles to the current 0.5 network, but will be 0.7.
> 
> We could have a rotating public nodes system like we currently do with
> seednodes.ref, but surely this would horribly break the routing?

Not necessarily.
> 
> > This change worries me (unless I'm mis-understanding it), since it
> > basically ties the network to a group of real-life friends, it creates a
> > nice friendly map that the authorities could use to find everyone
> > interested in a given subject.  I don't think the Chinese government would
> > have any problems getting someone's computer and seeing all the "friends"
> > it lists.
> 
> The idea of darknets is that they're not practical to detect. Assuming this is
> the case, if e.g. CCP busted one darknet-running dissident through some other
> means and got the chance to examine their computer, they could also find 
> others
> in that darknet. Hopefully dissidents in such situations have the sense to
> organise like terrorist cells so that damage is limited in this case.
> 
> > In short, it seems like this change would create a set of isolated
> > networks, and remove the plausable deniability of the previous network.
> 
> True to some extent, but the whole point of darknets is that they are isolated
> and secret. There is already a seperate freenet 0.5 network in China. An 
> opennet
> node could be run to push content from darknets onto the public network, or 
> vice
> versa, although this is probably risky for a dissident to do.
> 
> > The "network of trust" concept seems to me to be deeply flawed, since
> > spies have been able to infiltrate even the most guarded networks of
> > "friends" (ie. the Mafia, the Manhattan project, etc).  Trusting "some guy
> > I met on the internet" doesn't seem like something I'd really want to do.
> 
> Yeah, I could find freenet people on the 'net but not IRL, and as you say this
> makes strong trust difficult. Obviously core project people are trustworthy 
> but
> if we all connect to them then AFAICS routing breaks (plus their nodes would
> likely be DDoS'd ..)
> 
> > I guess another way to look at it is that the network seems to be going
> > towards being more useful for people in countries like China and less
> > useful for people in the US.  Plausable deniability is more useful in the
> > US, whereas secrecy is more useful in China.  While I feel for people in
> > China, I myself am in the US, and so therefore look at the project from my
> > point of view (especially in the current political climate).
> 
> It is not beyond the bounds of possibility that freenet could be banned in
> western countries too. The UK gov for example is reactionary, authoritarian 
> and
> power hungry - all it would take is one high-profile paedophille case or
> suchlike to whip the tabloids up into a frenzy, and a wish list bill 
> pre-written
> by the security services could probably be rushed through parliament. We 
> already
> have state level internet censorship and monitoring. The US is much the same, 
> in
> spite of supposed constitutional free speech protections.

We have state level internet censorship?
> 
> > I'm also a bit concerned about the constant restarts, it seems that the
> > project is following the "fad security of the month" (although networks of
> > trust were around with PGP like 10 years ago).
> 
> Well, as you see there will still be an opennet sort of like the current
> freenet. The reasons given over the months for the other changes and in
> particular the introduction of darknets all seem rational to me. It's a fact
> that freenet 0.5 doesn't perform very well, is harvestable etc and these
> problems need to be addressed somehow.
> 
> > Anyway, the reason I'm asking about this is because I currently have
> > Paypal set up to donate $20/month to the project, but I'm not
> > sure if I like the direction it's going.
> > 
> > Any better explanation of how this will work (mainly "how can I connect if
> > I don't

[freenet-support] Re: Hypothetical question...

2005-09-17 Thread Bob 
John Meeks <[EMAIL PROTECTED]> writes:

> The new information about version 0.7 sounds pretty good, but one thing
> about it concerns me.  Assuming I don't know anyone who is using freenet,
> how do I get onto the network?  (Remember, I'm asking this about the next
> version, since it says you can only connect if a "friend" lets you.
> Assuming I don't have a friend already using freenet, how do I get
> connected?)

As I understand it there will be two options : join the opennet, which is public
and harvestable like the current freenet (but hopefully has better performance
etc), or join / create a private darknet which isn't. However, given that the
routing model is predicated around the "friends form small-world networks"
concept I think even the opennet is supposed to be joined via the noderefs of
friend(s). This is of concern to me as well, I don't know anyone IRL who runs
freenet. 

We could have a rotating public nodes system like we currently do with
seednodes.ref, but surely this would horribly break the routing?

> This change worries me (unless I'm mis-understanding it), since it
> basically ties the network to a group of real-life friends, it creates a
> nice friendly map that the authorities could use to find everyone
> interested in a given subject.  I don't think the Chinese government would
> have any problems getting someone's computer and seeing all the "friends"
> it lists.

The idea of darknets is that they're not practical to detect. Assuming this is
the case, if e.g. CCP busted one darknet-running dissident through some other
means and got the chance to examine their computer, they could also find others
in that darknet. Hopefully dissidents in such situations have the sense to
organise like terrorist cells so that damage is limited in this case.

> In short, it seems like this change would create a set of isolated
> networks, and remove the plausable deniability of the previous network.

True to some extent, but the whole point of darknets is that they are isolated
and secret. There is already a seperate freenet 0.5 network in China. An opennet
node could be run to push content from darknets onto the public network, or vice
versa, although this is probably risky for a dissident to do.

> The "network of trust" concept seems to me to be deeply flawed, since
> spies have been able to infiltrate even the most guarded networks of
> "friends" (ie. the Mafia, the Manhattan project, etc).  Trusting "some guy
> I met on the internet" doesn't seem like something I'd really want to do.

Yeah, I could find freenet people on the 'net but not IRL, and as you say this
makes strong trust difficult. Obviously core project people are trustworthy but
if we all connect to them then AFAICS routing breaks (plus their nodes would
likely be DDoS'd ..)

> I guess another way to look at it is that the network seems to be going
> towards being more useful for people in countries like China and less
> useful for people in the US.  Plausable deniability is more useful in the
> US, whereas secrecy is more useful in China.  While I feel for people in
> China, I myself am in the US, and so therefore look at the project from my
> point of view (especially in the current political climate).

It is not beyond the bounds of possibility that freenet could be banned in
western countries too. The UK gov for example is reactionary, authoritarian and
power hungry - all it would take is one high-profile paedophille case or
suchlike to whip the tabloids up into a frenzy, and a wish list bill pre-written
by the security services could probably be rushed through parliament. We already
have state level internet censorship and monitoring. The US is much the same, in
spite of supposed constitutional free speech protections.

> I'm also a bit concerned about the constant restarts, it seems that the
> project is following the "fad security of the month" (although networks of
> trust were around with PGP like 10 years ago).

Well, as you see there will still be an opennet sort of like the current
freenet. The reasons given over the months for the other changes and in
particular the introduction of darknets all seem rational to me. It's a fact
that freenet 0.5 doesn't perform very well, is harvestable etc and these
problems need to be addressed somehow.

> Anyway, the reason I'm asking about this is because I currently have
> Paypal set up to donate $20/month to the project, but I'm not
> sure if I like the direction it's going.
> 
> Any better explanation of how this will work (mainly "how can I connect if
> I don't already know someone") would be greately appreciated.
> 
> Thanks.
> 
> --- John

Bob


___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]