You're jumping the gun, first I'm just trying to agree on the high level categories. These items will be useful in stage #2
-- sent from my phone, please excuse brevity and typos On May 5, 2016 21:04, <[email protected]> wrote: > Thanks! > I'll start with my proposals. I'll put ideas about your proposals in a > separate reply, it's easier to discuss different people's proposals in a > thread of their own. > > > SPEED: > > Improving Web of Trust (WoT) performance. > > This would complete the first iteration of the most critical algorithmic > performance fixes, which was the subject of my previous 2 years of work. It > would thus ensure that this work is not left in an unfinished state. > > 3 of 4 of the fixes of the first iteration have been completed: > - Finished: Event-notifications (see build0014 Changelog) > - Finished: Trust list queueing (see build0016 Changelog) > - Finished: Core algorithm fixes (see my bachelor's thesis / build0018) > - Remaining: Reduce O(N²) USK subscriptions to O(N): > https://bugs.freenetproject.org/view.php?id=3816 > > The future second iteration would deal with less severe changes. > I'd call this iteration "first" because finishing it would allow us to > finally start encouraging users to actually use the applications built on > WoT. > > Many of the most interesting already existing client applications depend on > WoT: > - Social networking (Sone) > - Blogging (FlogHelper) > - Forums (Freetalk) > - Mail (Freemail) > - Distributed version control (various tools for Git / Mercurial over > Freenet) > > We currently don't deploy any of those as part of the default > configuration. > While this is partly due to certain lack of polishing in those apps > themselves, the primary reason is that WoT would be too much of a resource > hog > to deploy by default. > > (Beyond 6 months of work, fixing WoT would also be a preparation for > developing the client app which has received the highest amount of 700 > votes > on uservoice: Filesharing. > This could be implemented based on the forums.) > > > USE FRIENDLINESS > > Darknet enhancements. > > These are smaller pieces of work, so I will suggest a few: > > - Single use node references with authentication token: Currently, to > create a > darknet connection, *both* users have to add the node reference of each > other. > Tokenized node references would allow one person to use your reference to > add > himself as your peer *without* you having to add his node reference > manually. > I think this is a major usability improvement, as the general workflow of > other stuff such as phones / WhatsApp is that you do NOT have to both add a > "reference" of each other. People just aren't used to this. > > - Darknet invitation bundles: Feature for adding a single use node > reference > to an installer executable. People could hand out the installer executable > to > their friends to allow them to connect by darknet instantly. > Thanks to ArneBab for this idea! > > - Short node references: Currently, node references fill almost half a > page of > paper. This doesn't fit into a Facebook chat window for example. > As most users are likely to not only use darknet but also opennet, we could > upload node references to Freenet itself as a random KSK, with for example > 128 > bit entropy to be ~ 25 letters. > This would also make sense to combine with the aforementioned single use > node > references. > > - Friend-of-a-friend connection suggestions ("FOAF"). Like the Facebook > friend > finder, Freenet could be improved to tell you about darknet peers of your > peers. You could then chose to add them as your peers. Part of this > codebase > already exists. > > - Friend requests, like in Facebook: With primitive FOAF, both peers would > still have to add each other. With friend requests, peers of your peers > could > just request to connect to you. > Together with the aforementioned FOAF connections, this could have a very > similar UI to how adding friends on Facebook works. This should thus be a > huge > usability improvement. > > - Darknet chat improvements: Freenet allows you to send messages to your > darknet peers. The UI of that is very primitive. It should be improved to > be > similar to e.g. the Facebook chat. There is also a very high probability of > losing messages: Messages are not queued to disk, so restarting before a > message is sent results in its loss. This should be fixed. > > We've discussed how to implement these ideas, so I'm aware of how it would > work and feel capable of doing this. > > (As the above were all Freenet ideas, here's why there is no WoT idea: > It recently received a full revamp of it's web interface, and also a full > l10n > revamp. So I don't think any usability work is necessary there at the > moment.) > > > SECURITY > > Multiple ideas again: > > - All fred plugins: AFAIK *none* of our official plugins deletes its > database > when the user removes it. They also do not obey the "PANIC" button of > Freenet > which should delete all client data. > I'm further not aware of any of the plugins encrypting its database if fred > itself is configured to encrypt the user data. > These issues cause private data to stay on disk when the user actually > believes it was deleted. Thus we should fix that. > > - fred: The Darknet enhancements in the usability section are major giant > security improvement as well: Opennet is generally believed to be > impossible > to make even only basically secure. It's really just more of a convenience- > feature for users whose main goal is connectivity, not security. Thus, for > security purposes, we should want to encourage darknet use a lot. > > - WoT: The WoT work is also security-related: Many people use FMS since the > WoT-based forums are not finished. FMS is an unreviewed C++ application > developed by an anonymous contributor. Unreviewed, C++, and anonymous > developer are all security risks. The WoT forums would be Java, and the > code > which has been written so far was reviewed by Matthew. > Also, since FMS is difficult to use, a lot of people still use Frost even > though we've been telling them that it can be DoS-ed by design for like 10 > years. WoT's central goal is to prevent DoS/censorship, and hence preparing > for easy-to-use WoT-based forums is a fix for that. Usability benefit > included. > > All of these ideas are things which I feel capable to implement. > > > TECHNICAL DEBT > > - fred: Both the unit test coverage and documentation of fred are believed > to > be poor. Further, there are many giant functions which should be split up. > As a general way of getting myself a bit more into fred development, I > would > be happy if some time was allocated for me to improve upon this. Writing > docs > and tests is a good way to learn about a codebase! And splitting up > functions > can be done while running into them during doc'ing/testing. > Additionally, since Matthew is not yet sure whether he will ever continue > to > work for us, it would be good to do this while he still seems to enjoy > contributing as a volunteer. While this is the case, we can still ask him > about things which aren't clear from the code. (Matthew, if you would feel > annoyed by that, feel free to tell us!!) > > - WoT: The WoT unit test coverage is rather good IMHO. So it would be > possible > to complete it to 100% test coverage. This would be a preparation of > replacing > db4o with a different database. This may become necessary as the company > behind it has abandoned the project. Having full unit tests before doing a > very complex task such as replacing the database will ease that a lot. > > This would again be stuff I feel capable off. > > > OUTREACH > > - Fundraising: When we ran out of funds this time, this admittedly also was > because I didn't take care of fundraising while we still had money. During > the > ~ 6 months of not having funds, it became apparent that there are not many > volunteers who are interested in fundraising. I also noticed that it is > quite > a bit of work to deal with it. Further, it's rather stressful. Thus it > should > be done over an extended timespan *before* money runs out, instead of > being in > a large hurry because we already are bankrupt. Doing stressful things only > every few weeks is less stressful overall. > Thus, it would be nice if contacting donors could become eligible to be > done > during working hours. I'd be willing to start doing that. > Especially notice that this would help us get Matthew back: He said with > the > current level of funding, he's not available for Freenet. > He'll do something else for 1 year, and then do his master's thesis, so we > have some time to acquire funds for him. > As he has worked for Freenet for over 10 years, securing his knowledge is > of > utmost importance :) > > > -- > hopstolive (keyword for Ians spam filter) > _______________________________________________ > Devl mailing list > [email protected] > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > _______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
