Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Spam detection software, running on the system "freenetproject.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: ] You could use YaCy for that:http://www.yacy.net Ivan, Arne Thanks for your replies. I looked at YaCy. It's new to me. [...] Content analysis details: (5.6 points, 5.0 required) pts rule name description -- -- 2.0 FREENET_FROM_BACKUPMX Received from the backup-MX server 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% [score: 0.5000] 2.0 FREENET_LOC_SHORT Contains short body and URI 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS --- Begin Message --- ] You could use YaCy for that:http://www.yacy.net Ivan, Arne Thanks for your replies. I looked at YaCy. It's new to me. Best wishes, Robert --- End Message --- ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Arne Babenhauserheide (2017-02-21 18:44:48 +0100) wrote: > Do I remember correctly that the bundler replicates the site as is — > with all its dangers to privacy? (Freenet provides heavy whitelist > filtering to protect its users from uploaded content). Sorry, but I do not know the software that much, but thanks for the heads up, it'll be useful if we decide to work more on bundler. > >> > 3. Access to censored dynamic content (i.e. web apps) is > >> > possible. > >> > >> That’s a hard one. You’d need to remodel the web apps to use > >> Freenet as backend instead of the clearnet. > >> > >> I do not think that it is possible at all to provide anything which > >> uses Javascript and at the same time preserve the anonymity of your > >> users. > > > > Yeah, that's a hard one, that's why we may probably end up combining > > several tools. > > You could even go as far as simply re-developing popular tools on top > of Freenet as locally running tools. That might turn out to be easier > than trying to secure javascript. Yes probably, but we have limited resources and code reuse may save much effort. For some particular components providing a "more native" solution may still be feasible, and the projects you're working (and mainly babcom) on may be of special interest there.`:)` Thanks again for your advice! -- Ivan Vilata i Balaguer ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Ivan Vilata-i-Balaguer writes: > Robert John Morton (2017-02-20 08:19:36 -0300) wrote: > >> Dear CENO team: >> >> An extremely worth-while and timely project. I wish you well. >> >> I think that the deliberate exclusion of sites from popular search engine >> listings is one of the worst forms of censorship on the Web. Perhaps the >> only way to combat this is to create a search engine that has no commercial >> or political motives behind it: an "open source" search engine if you like. >> But it would have to be made popular and that's the difficult part. You could use YaCy for that: http://www.yacy.net Best wishes, Arne ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Hi Ivan, Ivan Vilata-i-Balaguer writes: > Hi Arne, thanks for the insights and the links. Please note that the > current CENO project is actually using Freenet as a signalling and > storage backend!`:)` It’s great to know that this is still the case! >> (I submitted a project plan for improving this to NLnet which shows what >> would have to be done for an uncensorable and attack resistant >> news-network. It got into the short-list but wasn’t selected for >> funding: http://www.draketo.de/english/freenet/news-of-the-day ) > > That looks like a very interesting system! CENO already includes some > RSS feeds from selected sites, I'm not sure how this would aling with > the particular requirement (we were focusing more in web sites), but > it's without doubt an innovative approach. Thanks for sharing it! I’d have liked to finish it faster, but that requires about 10k€ to finance the required WoT speedups (WoT interaction is what currently slows down the system the most). >> > 2. Censored content is made available within a reasonable time. >> >> Just ask someone to run >> >> copyweb -d ; freesitemgr add >> >> Or integrate that functionality into a program. You might want to use >> beautifulsoup to clean up the code for the Freenet content filter, i.e.: >> http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain > > CENO currently uses [bundler](https://github.com/equalitie/bundler), > which does a similar task. Thanks for the hints! Do I remember correctly that the bundler replicates the site as is — with all its dangers to privacy? (Freenet provides heavy whitelist filtering to protect its users from uploaded content). >> > 3. Access to censored dynamic content (i.e. web apps) is possible. >> >> That’s a hard one. You’d need to remodel the web apps to use Freenet as >> backend instead of the clearnet. >> >> I do not think that it is possible at all to provide anything which uses >> Javascript and at the same time preserve the anonymity of your users. > > Yeah, that's a hard one, that's why we may probably end up combining > several tools. You could even go as far as simply re-developing popular tools on top of Freenet as locally running tools. That might turn out to be easier than trying to secure javascript. > Wow, these a very useful links, thanks! We should communicate more often. >> […] PS: I’m only a few more hours away from being able to do proper >> Freenet releases, so we can finally deploy improvements to the >> freenet core again. > > Cool, good luck with that, and thanks again for the very informative > reply! Good luck to you, too! And Happy Hacking! - Arne ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Hi, thanks for your advice! Maybe I should have mentioned that the current version of the project does use Freenet for signalling and storage, so we already enjoy these features from Freenet. The harder part will surely be dynamic or user-dependent content, along maybe privacy-preserving statistics, so we may en up combining several tools. Regarding content availability, we were more focused in replicated content (as with Freenet), but we got a couple suggestions regarding mesh networking. That's a more ambitious solution, but we may give some thought to it. Thank you! Freenet (2017-02-21 07:46:00 +) wrote: > Ivan Vilata-i-Balaguer: > > > > 1. Content is available under censorship conditions, ideally even > > after connection to the Internet has been completely cut for a > > whole region. > > Try http://project-byzantium.org/ for inspiration. Maybe also > https://github.com/cjdelisle/cjdns. Freenet can use ShoeShop to move > fblobs via sneakernet. > > > 2. Censored content is made available within a reasonable time. > > FLIP (Freenet's IRC) has RTT of about 45 seconds. > > > 3. Access to censored dynamic content (i.e. web apps) is possible. > > Userscripts can give JavaScript, but any Turing complete code will be an > issue to secure. > > > 4. The system benefits from the user's participation, and is resistant > > to participants dropping off and to rogue nodes in the hands of the > > censor. > > Freenet does this. > > > 5. Users of the system are anonymous to someone observing their > > traffic, even if that someone is a participant in the system. > > Freenet mostly does this. Darknet protects against currently known attacks. > > > 6. Users' devices don't reveal the content that they or other users > > have accessed. > > Set up something like https://tails.boum.org/ > > > 7. The system is amenable to privacy-preserving analytics to check its > > impact. > > There are a couple projects that monitor the state of Freenet. -- Ivan Vilata i Balaguer ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Arne Babenhauserheide (2017-02-20 22:12:59 +0100) wrote: > Hi Ivan, Dear eQualit.ie Hackers, > > Aside from the web-apps part, Freenet can already provide everything > you asked for. Hi Arne, thanks for the insights and the links. Please note that the current CENO project is actually using Freenet as a signalling and storage backend!`:)` > Ivan Vilata-i-Balaguer writes: > > 1. Content is available under censorship conditions, ideally even > > after connection to the Internet has been completely cut for a > > whole region. > > If you still have IP-based connections to people inside the region, this > is the case, if you run a specialized darknet within that region (so > content only gets replicated within the regional net). > > There are already tools to make automatic Freenet connections. Talk to > Michael Grube (thesnark). > > For auto-spawning Freenet nodes when an application is started, see > https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py > > For communication with sub-5-minute latency from external programs, see > https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py > > (I submitted a project plan for improving this to NLnet which shows what > would have to be done for an uncensorable and attack resistant > news-network. It got into the short-list but wasn’t selected for > funding: http://www.draketo.de/english/freenet/news-of-the-day ) That looks like a very interesting system! CENO already includes some RSS feeds from selected sites, I'm not sure how this would aling with the particular requirement (we were focusing more in web sites), but it's without doubt an innovative approach. Thanks for sharing it! > > 2. Censored content is made available within a reasonable time. > > Just ask someone to run > > copyweb -d ; freesitemgr add > > Or integrate that functionality into a program. You might want to use > beautifulsoup to clean up the code for the Freenet content filter, i.e.: > http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain CENO currently uses [bundler](https://github.com/equalitie/bundler), which does a similar task. Thanks for the hints! > > 3. Access to censored dynamic content (i.e. web apps) is possible. > > That’s a hard one. You’d need to remodel the web apps to use Freenet as > backend instead of the clearnet. > > I do not think that it is possible at all to provide anything which uses > Javascript and at the same time preserve the anonymity of your users. Yeah, that's a hard one, that's why we may probably end up combining several tools. > > 4. The system benefits from the user's participation, and is resistant > > to participants dropping off and to rogue nodes in the hands of the > > censor. > > Resilient yes, for absolute resistance, you need to replicate > everything, which limits the amount of data you can provide. > > > 5. Users of the system are anonymous to someone observing their > > traffic, even if that someone is a participant in the system. > > Jepp. A weak yes for automatic connections, a strong yes, if they > connect to people they know. > > > 6. Users' devices don't reveal the content that they or other users > > have accessed. > > Jepp (as long as you use a separate browser in incognito mode). > > > 7. The system is amenable to privacy-preserving analytics to check its > > impact. > > Jepp. > > i.e. http://asksteved.com/stats/2 — though it’s currently in sleep mode, > there’s a new site for that in Freenet: > http://127.0.0.1:/USK@2zwBwyJeZnkbqH0N7WZXp6BQqR1Ys85rkthOFvfXOts,HIouq2elJyNt9VIsFfYbYmtvinOEeeY3LAAKVUqiSXo,AQACAAE/YAFS/175/ Wow, these a very useful links, thanks! > […] PS: I’m only a few more hours away from being able to do proper > Freenet releases, so we can finally deploy improvements to the > freenet core again. Cool, good luck with that, and thanks again for the very informative reply! -- Ivan Vilata i Balaguer ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Robert John Morton (2017-02-20 08:19:36 -0300) wrote: > Dear CENO team: > > An extremely worth-while and timely project. I wish you well. > > I think that the deliberate exclusion of sites from popular search engine > listings is one of the worst forms of censorship on the Web. Perhaps the > only way to combat this is to create a search engine that has no commercial > or political motives behind it: an "open source" search engine if you like. > But it would have to be made popular and that's the difficult part. > > More determined censoring, I suppose, is where a particular government > blocks content at specific IP addresses from entering its jurisdiction. I > imagine that a set of obscured relays could manage this by making censored > content available via unblocked addresses. This could, however, end up as a > cat and mouse chase in which the content consumer would have to be able to > hop quickly to ever-changing unblocked IP addresses. > > Many difficult problems but well worth overcoming. Thanks for your reply, Robert. The search engine issue is one aspect I hadn't reflected upon, and it may indeed have very broad consequences given the way the web is used nowadays. Thanks again for your comments! -- Ivan Vilata i Balaguer ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Ivan Vilata-i-Balaguer: > > 1. Content is available under censorship conditions, ideally even > after connection to the Internet has been completely cut for a > whole region. Try http://project-byzantium.org/ for inspiration. Maybe also https://github.com/cjdelisle/cjdns. Freenet can use ShoeShop to move fblobs via sneakernet. > 2. Censored content is made available within a reasonable time. FLIP (Freenet's IRC) has RTT of about 45 seconds. > 3. Access to censored dynamic content (i.e. web apps) is possible. Userscripts can give JavaScript, but any Turing complete code will be an issue to secure. > 4. The system benefits from the user's participation, and is resistant > to participants dropping off and to rogue nodes in the hands of the > censor. Freenet does this. > 5. Users of the system are anonymous to someone observing their > traffic, even if that someone is a participant in the system. Freenet mostly does this. Darknet protects against currently known attacks. > 6. Users' devices don't reveal the content that they or other users > have accessed. Set up something like https://tails.boum.org/ > 7. The system is amenable to privacy-preserving analytics to check its > impact. There are a couple projects that monitor the state of Freenet. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Arne Babenhauserheide writes: > Hi Ivan, Dear eQualit.ie Hackers, > > Aside from the web-apps part, Freenet can already provide everything you > asked for. > > Ivan Vilata-i-Balaguer writes: >> 1. Content is available under censorship conditions, ideally even >> after connection to the Internet has been completely cut for a >> whole region. > > If you still have IP-based connections to people inside the region, this > is the case, if you run a specialized darknet within that region (so > content only gets replicated within the regional net). > > There are already tools to make automatic Freenet connections. Talk to > Michael Grube (thesnark). > > For auto-spawning Freenet nodes when an application is started, see > https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py > > For communication with sub-5-minute latency from external programs, see > https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py > > (I submitted a project plan for improving this to NLnet which shows what > would have to be done for an uncensorable and attack resistant > news-network. It got into the short-list but wasn’t selected for > funding: http://www.draketo.de/english/freenet/news-of-the-day ) > >> 2. Censored content is made available within a reasonable time. > > Just ask someone to run > PS: I’m only a few more hours away from being able to do proper Freenet > releases, so we can finally deploy improvements to the freenet core > again. PPS: See http://www.draketo.de/proj/freenet-release-management/ -- Unpolitisch sein heißt politisch sein ohne es zu merken signature.asc Description: PGP signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Hi Ivan, Dear eQualit.ie Hackers, Aside from the web-apps part, Freenet can already provide everything you asked for. Ivan Vilata-i-Balaguer writes: > 1. Content is available under censorship conditions, ideally even > after connection to the Internet has been completely cut for a > whole region. If you still have IP-based connections to people inside the region, this is the case, if you run a specialized darknet within that region (so content only gets replicated within the regional net). There are already tools to make automatic Freenet connections. Talk to Michael Grube (thesnark). For auto-spawning Freenet nodes when an application is started, see https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/freenet3/spawn.py For communication with sub-5-minute latency from external programs, see https://github.com/ArneBab/lib-pyFreenet-staging/blob/py3/babcom.py (I submitted a project plan for improving this to NLnet which shows what would have to be done for an uncensorable and attack resistant news-network. It got into the short-list but wasn’t selected for funding: http://www.draketo.de/english/freenet/news-of-the-day ) > 2. Censored content is made available within a reasonable time. Just ask someone to run copyweb -d ; freesitemgr add Or integrate that functionality into a program. You might want to use beautifulsoup to clean up the code for the Freenet content filter, i.e.: http://127.0.0.1:/freenet:USK@0iU87PXyodL2nm6kCpmYntsteViIbMwlJE~wlqIVvZ0,nenxGvjXDElX5RIZxMvwSnOtRzUKJYjoXEDgkhY6Ljw,AQACAAE/freenetproject-mirror/491/update.sh?type=text/plain > 3. Access to censored dynamic content (i.e. web apps) is possible. That’s a hard one. You’d need to remodel the web apps to use Freenet as backend instead of the clearnet. I do not think that it is possible at all to provide anything which uses Javascript and at the same time preserve the anonymity of your users. > 4. The system benefits from the user's participation, and is resistant > to participants dropping off and to rogue nodes in the hands of the > censor. Resilient yes, for absolute resistance, you need to replicate everything, which limits the amount of data you can provide. > 5. Users of the system are anonymous to someone observing their > traffic, even if that someone is a participant in the system. Jepp. A weak yes for automatic connections, a strong yes, if they connect to people they know. > 6. Users' devices don't reveal the content that they or other users > have accessed. Jepp (as long as you use a separate browser in incognito mode). > 7. The system is amenable to privacy-preserving analytics to check its > impact. Jepp. i.e. http://asksteved.com/stats/ — though it’s currently in sleep mode, there’s a new site for that in Freenet: http://127.0.0.1:/USK@2zwBwyJeZnkbqH0N7WZXp6BQqR1Ys85rkthOFvfXOts,HIouq2elJyNt9VIsFfYbYmtvinOEeeY3LAAKVUqiSXo,AQACAAE/YAFS/175/ > We know that we'll probably need a combination of several tools to > achieve these properties, so we're not looking for a silver bullet but > rather some advice and suggestions from you that may help us move in the > right direction. We will be dedicating at least 2 years solid > development to a chosen infrastructure design and hope to contribute to > existing models, as part of our (likely hybrid) appraoch to the > eventuating infrastructure. Nice! Best wishes, Arne PS: I’m only a few more hours away from being able to do proper Freenet releases, so we can finally deploy improvements to the freenet core again. -- Unpolitisch sein heißt politisch sein ohne es zu merken signature.asc Description: PGP signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
Re: [freenet-support] Building a new censorship circumvention tool: what do we need to know?
Dear CENO team: An extremely worth-while and timely project. I wish you well. I think that the deliberate exclusion of sites from popular search engine listings is one of the worst forms of censorship on the Web. Perhaps the only way to combat this is to create a search engine that has no commercial or political motives behind it: an "open source" search engine if you like. But it would have to be made popular and that's the difficult part. More determined censoring, I suppose, is where a particular government blocks content at specific IP addresses from entering its jurisdiction. I imagine that a set of obscured relays could manage this by making censored content available via unblocked addresses. This could, however, end up as a cat and mouse chase in which the content consumer would have to be able to hop quickly to ever-changing unblocked IP addresses. Many difficult problems but well worth overcoming. Robert John Morton Belo Horizonte-MG, Brasil ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe