Your off on a tangent here - I know what Freenet is, and I more or less agree with the goals you state (though I think it's important to note hat before anything like that can be worked on we need to make the system actually works, ie, when a somebody requests a key, they actually find it, and in an acceptable amount of time and work for the network).
That was not the point I was trying to make. The clients currently operate on files on disk, which does leave them open to diskscans to uncover what you have inserted/requested. However, people started talking about "never write the plaintext to disk" which is the wrong idea - if you request or insert something to Freenet, the plaintext is no more or less incriminating then the ciphertext (this doesn't go for Node operators, which is why we have the ciphertext, but does go for users). I'll look into writing code so that they operate on memory instead which is marginally safer on a well configured system. This is still not paranoid enough for Travis (which is good for Travis, though I think he'll wonder what it was good for as the smell of testicle toast reaches his nose), but it is paranoid enough for most people. On Sun, Aug 20, 2000 at 10:39:01PM -0500, Signal 11 wrote: > > Everybody is missing something here: the plaintext is not private. You see > > that URL that is printed at the end, the part after the comma is the > > decryption key, that is what you send to the world. The key is right > > there, the NSA can request and read it like anybody else. And as far as > > telling from the disk whether you had the banned data, that can be done > > just as well from the cyphertext as from the plaintext. > > Freenet isn't, AFAIK, about secrecy. It's about creating a dynamic mirror, > a dynamic mirror that has no built-in way to censor it, to exterminate or > remove data from it. It is the antithesis of the censorship movement. It is > very much open, from the code to the idea, from the messages on the network > to the screens on the users' computers. Freenet is a technical solution > to an inherently sociopolitical problem - censorship. When it is complete, > I have no doubts it will meet its design goals. It still needs alot of > work, however, and I'm working my arse off to leverage my limited > programming knowledge.. but that's another story. > > By design, there won't be many secrets on a freenet node, or the network. > But, by the same token, I don't believe any of the developers here are so > naive to not be able to see that many groups will want to terminate this > project before it reaches critical mass. The modus operandi of such groups > is to pass laws, rules, and regulations making elements of Freenet, or > possibly the entire methodology Freenet is based on, illegal. Freenet must > combat this threat by building into it three basic elements: > > 1) Plausible deniability at the node-level > 2) Decentralized control - No single point of failure > 3) When complete, the ability to masquarade network traffic > > 1) Plausible deniability can mean one of two things. In the US, this will > likely mean that an individual running a Freenet node can prove that he > (or she) has no control over the content passing through such a node, > and can plausibly claim that they are unaware of the exact nature of > the content on their server. In more repressive countries, this may also > mean it will be necessary to create a plausible denial as to the > existance > of a particular dataset on your node. This can be accomplished by > creating > a datacache which is encrypted and the key is dynamically generated and > never written to disk - when the server is downed, the data is rendered > useless. > > 2) Nobody can "turn off" the Freenet network without turning off the > internet. Due to commercial interests on the internet, this would be > tandamount to economic suicide - no sane entity would level such a > sanction against the network... the political fallout would be > severe. Freenet will ensure its own survival on the network. Whether it > remains legal and/or accessible will depend largely on how quickly the > developers can move to a mature product and deploy it multi-nationally. > > 3) This relates to the first idea. If Freenet specifically is declared > illegal, it will be the duty of ISPs and network administrators to > terminate freenet nodes when found. However, in the US and many other > places, the legal concept of "due diligence" must be applied - by > raising the difficulty of detection of a freenet node enough so that > network administrators have an undue burden of removing said nodes, they > will be absolved of legal accountability. This is critical - if a network > administrator can be held responsible for use of freenet on their > network, > they will actively try to search and remove it. Ironically, the DMCA, a > piece of legislation drafted and signed into law to aid intellectual > property proponents, contains a critical weakness - ISPs are not liable > for the content passing through their system IF they respond within a > certain window and remove the offending content. If the content cannot > be conclusively proven to be on the network, no action can be reasonably > taken. Amendments will be made once this "oversight" is discovered, but > for the time being, they are f*cked. Nice, huh? IANAL, but I am good at > logic. > > These three ideas, coupled, means that Freenet works alot like a Borg cube - > it can continue to function even if large portions of the network is offline > or compromised, and it can function in hostile environments. Not only that, > but it packs a helluva lot of firepower. :) > > Oh yeah.. resistance *is* futile. > > ~ Signal 11 > > > _______________________________________________ > Freenet-dev mailing list > Freenet-dev at lists.sourceforge.net > http://lists.sourceforge.net/mailman/listinfo/freenet-dev > -- \oskar -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 238 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000821/08077167/attachment.pgp>
