Am Montag, 30. November 2015, 14:58:39 schrieb Matthew Toseland: > On 30/11/15 13:40, Arne Babenhauserheide wrote: > > Am Samstag, 28. November 2015, 14:52:23 schrieb Matthew Toseland: > >> But then Freenet was always just one piece of the puzzle > Okay, first, can we agree on this bit? "Freenet is one piece of the > puzzle". It doesn't provide a secure operating system to run it on, good > disk encryption, or an internet backbone!
If you go that deeply, yes.
> >> - a research project really.
> > I don’t think people contributed or donated for that. Also, and I
> > agree with earlier complaints about that, a research project does not
> > need an auto-updater, content-filters, support for websites, forums, a
> > full-fledged client-protocol, and so forth.
> That depends on the nature of your research. I think we have benefited
> considerably from having actual users testing the network. Even security
> testing it, if they do it in such a way that we can make use of it (e.g.
> Frost!).
>
> We signal this tentative status in the first-time wizard, in the logs,
> in the FAQ, and in the version number being less than 1.0. We do not
> provide any guarantees of security. If your life depends on Freenet's
> security, either you're a fool, or you're in a really dark place.
We’re saying “We SUCK” instead of saying for whom Freenet already works.
> I do not approve of the hand-wavy simulations without source code school
> of research. Lots of papers are not only not implemented but probably
> not implementable. Such as PISCES. :(
Research is that, unfinished, often only partially working, only
applicable for the explicitly stated goal.
> > Either we’re a research project, then we can strip out most of the
> > features in Freenet, tell our users that we don’t care about them and
> > let Freenet be replaced by the newest results of sensor network
> > research, or we’re a project which aims at providing the technical
> > foundation for freedom of the press, then we need to make Freenet easy
> > to use und robust, and we need to know and communicate for whom it can
> > already provide reasonable security.
> Is there a group of people for whom it can provide reasonable security?
If you want to write a blog on some specialized topic without
connecting it to your own identity, the security is pretty good.
If you want to communicate confidentially with your friends, you can
do so over darknet connections.
> What is your threat model? If it doesn't include at least one state, it
> should: They usually are out to get you if you're doing anything at all
> controversial, as we've seen fairly frequently even in western
> countries!
Let’s say you write slash fanfiction. The legal status of that is
unclear, and you might not want your colleagues to know about the
stories you write. Aragorn/Legolas anyone? If you do it on the regular
internet (or, even worse, via Facebook), it’s only a matter of time
until some profile pages connect your online-ID to your real ID. And
then that information is out there.
Assume that you like to write horror songs in the Star Trek
universe. 20 years ago you would have published that under a Pseudonym
in specialized journals, like Let’s Filk About.
> There are lots of reasons why it's hard to get darknet peers.
> 1. Freenet is uncensorable. Most people find this offensive.
We cannot fix that. We could reduce that, though, by only providing
indexes in the default bookmarks which are created by anonymous people
who don’t include offensive content.
> 2. Freenet needs an always-on always-connected device, especially on
> darknet. Most people don't have one, the costs are significant.
This is not true. 2-12 hours runtime are completely OK. We would have
this using mobile phones which run Freenet only while plugged into
power and already mostly charged and connected over WiFi.
> 3. Darknet is slow.
This is not true. 5-10 Darknet connections are enough to get good
performance.
> >> I have no idea what you mean by "node pinning".
> > I guess it could be either reconnecting through old opennet peers, or
> > reusing the same seednode. Both would make it harder to start new
> > attacks against opennet users (as in “it would make it slower”).
> Marginally. Old opennet peer connections don't often work because when
> you want to reconnect your old peer probably doesn't - even if it hasn't
> changed its IP address.
Why can’t we fix that?
> unless we can charge real money for joining opennet
I want to say this once and clear: Anything which makes it harder for
people to join is a really, really dumb idea, and charging money will
make it harder for legitimate users while making it easier for
attackers (who have a lot more money).
Take the one thing of which the attackers have much more than we do
(money to burn) and use that to restrict access to the easy-to-use
tier of Freenet. Take the one thing which is perfectly traceable — and
has to be tracable to limit organized crime — and use that to restrict
access to an anonymizing network? That’s dumb, strategically as well
as tactically.
Paying for opennet will lead to mostly reserving Freenet usage to
criminals, destroying any utility of Freenet for anyone I care about.
If we want to consider any pay-layer, it would be
pay-for-fast-darknet-peer. That does not need any centralization.
> And it would all be a huge amount of work - and without some real
> scarcity backing it it would achieve very little. What's cheap for real,
> lowest common denominator users but expensive for attackers? AFAICS
> nothing, not even IP addresses.
Darknet. That’s why we have it.
Could we stop the talk about paying for opennet once and for all — and
instead start fixing Darknet?
We still have no one-click darknet introduction bundles, and no
darknet FOAF. As long as I cannot send a friend a zip with a prepared
Freenet node which connects to me and can route over my darknet
friends, any work which only benefits opennet shows totally warped
priorities.
Best wishes,
Arne
--
Celebrate with ye beauty and gather yer friends for a Pirate Party!
→ http://1w6.org/english/flyerbook-rules#pirate-party ←
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
