>For a while now, we have been working on the distribution servlet, which >is basically designed to allow people to give copies of Freenet, together >with seednodes, to their friends
erm - why? doesn't there exist some webinstallers? just bundle a webinstaller (or even a webinstaller-installer) with your seednodes and mail them away to the new user. hu will then receive this mail with some installing instructions/installer files and can build up hus (sounds stupid :p) node. the needed jar files can be d/led fom /snapshots/, or, if you think this may be potentially tainted somehow, d/led by a minimal-fred provided by the installer from the freenet under a CHK or SSK-site, which will contain all releases of fred, inserted by the developers. either way you will have a weak spot: the program that installs fred. either it will report you to someone or download a modified fred and install that one on your system. or you can not guarantee that your /snapshot/ files are valid, if you point the new user to the url to let him download the files all by himself. one possible way is to mirror the released snapshots and version within freenet, so noone can touch them, but to be able to rerach them, you already have to be able to access freenet, this speaks for a mini-fred, which will download the files for you. but the miniinstaler can be tainted, too, leaving you with a loop of possible weak points. i personally have no clue how you can make *sure* a user gets untainted files if the user does not have already freenet access. maybe it would be wise to start a new site within freenet, which will mirror the developers' cvs tree and snapshots *done by a trusted person (=devl)*, so one can be sure, the /snapshots/ files are not the only location to get one of the newer builds (it is possible to modify streams from a webserver, so you can be sure, it is possible to modify the response to your "get some file from snapshots" in that way, that you will receive a modified fred which can harm your anonymity) so at least you can make *sure* the user will stay "clean" if you start inserting the snapshots within freenet and use a SSK'ed site to gather them, too ---~~--- geeh - i think i have to read my mails more often so i've got to add something to General Discussion, nearly all of my topics have been adressed so far by others ;) _______________________________________________ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
