Send Devl mailing list submissions to
devl at freenetproject.org
To subscribe or unsubscribe via the World Wide Web, visit
http://www.uprizer.com/mailman/listinfo/devl
or, via email, send a message with subject or body 'help' to
devl-request at freenetproject.org
You can reach the person managing the list at
devl-admin at freenetproject.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Devl digest..."
Today's Topics:
1. Re: Espra - what's that? (Mark J. Roberts)
2. Re: Espra - what's that? (Peter Todd)
3. Re: Espra - what's that? (Mark J. Roberts)
4. Re: Espra - what's that? (Mathew Ryden)
5. Re: Espra - what's that? (Steven Hazel)
6. Re: Espra - what's that? (Mark J. Roberts)
7. Re: Espra - what's that? (Mark J. Roberts)
8. Re: Espra - what's that? (Steven Hazel)
9. Re: Espra - what's that? (Steven Hazel)
10. Re: progress on 0.4 data store rewrite (Tavin Cole)
11. Re: Espra - what's that? (Scott G. Miller)
12. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Tavin Cole)
13. Re: Re: Simulations... (Tavin Cole)
14. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Brandon)
15. Re: Killing Freenet (Re: [freenet-devl] Aardvark) (Tavin Cole)
--__--__--
Message: 1
Date: Tue, 6 Feb 2001 17:07:26 -0500 (EST)
From: "Mark J. Roberts" <[email protected]>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Espra - what's that?
Reply-To: devl at freenetproject.org
On 6 Feb 2001, Steven Hazel wrote:
> Oops. Here, I've fixed the debugging code.
Okay. The DH params get through and the key is calculated fine. So the
problem happens later on.
--
Mark Roberts
mjr at statesmean.com
--__--__--
Message: 2
From: Peter Todd <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Espra - what's that?
Date: Tue, 6 Feb 2001 18:21:34 -0500
Reply-To: devl at freenetproject.org
On Mon, 05 Feb 2001, you wrote:
> some people wanted it, so here's a screenshot of espra...
>
> http://espra.net/screenshots/espra01
>
> comments / thoughts much appreciated. thanks
Sure enough I say something is probably dead and I manage to resurect
it from the dead. Don't you just *hate* it when that happens? :)
--
retep at penguinpowered.com http://retep.tripod.com
--__--__--
Message: 3
Date: Tue, 6 Feb 2001 17:29:11 -0500 (EST)
From: "Mark J. Roberts" <[email protected]>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Espra - what's that?
Reply-To: devl at freenetproject.org
On Tue, 6 Feb 2001, Mark J. Roberts wrote:
> On 6 Feb 2001, Steven Hazel wrote:
>
> > Oops. Here, I've fixed the debugging code.
>
> Okay. The DH params get through and the key is calculated fine. So the
> problem happens later on.
It's failing in util.c:generate_random when status (=4) != len (=16).
Oooh, I shouldn't define FN_RANDOM_FILE... nope, then I get a -15 error.
The file is /dev/random so why can't it fucking read it--it's world
readable. If I use /dev/urandom instead I get a -15 error. It's failing at
protocol.c:380 which makes me suspect my rijndael code is fucked, but I
thought I fixed that already...
--
Mark Roberts
mjr at statesmean.com
--__--__--
Message: 4
From: "Mathew Ryden" <[email protected]>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Espra - what's that?
Date: Tue, 6 Feb 2001 17:40:52 -0600
Reply-To: devl at freenetproject.org
----- Original Message -----
From: "Ian Clarke" <[email protected]>
To: <devl at freenetproject.org>
Sent: Tuesday, February 06, 2001 4:56 PM
Subject: Re: [freenet-devl] Espra - what's that?
> On Tue, Feb 06, 2001 at 04:18:04AM -0000, tav wrote:
> > some people wanted it, so here's a screenshot of espra...
> >
> > http://espra.net/screenshots/espra01
> >
> > comments / thoughts much appreciated. thanks
>
> Looks great! How does it communicate with Freenet?
At the moment, it uses a 0.3.7 fproxy. Date-based redirects and all that.
Files are stored as CHKs. Catalogs are XML. Also, in case anyonew wants to
get a good laugh, this is something I drew up for the GUI guy to work with:
http://espnow.com/espians/wildmage/espragui1
For the record, we will be having native freenet communications fairly soon.
I'm still trying to figure out a good event model for them becuase I don't
want to have to watch over the transactions, bt need to be able to kill them
becuase our versoning scheme requests more files than it really needs to,
but we are trying to optomize for speed.
> Ian.
-Mathew (espra developer)
--__--__--
Message: 5
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Espra - what's that?
From: Steven Hazel <[email protected]>
Date: 06 Feb 2001 18:35:24 -0600
Reply-To: devl at freenetproject.org
"Mark J. Roberts" <mjr at statesmean.com> writes:
> It's failing in util.c:generate_random when status (=4) != len (=16).
> Oooh, I shouldn't define FN_RANDOM_FILE... nope, then I get a -15 error.
> The file is /dev/random so why can't it fucking read it--it's world
> readable. If I use /dev/urandom instead I get a -15 error.
/dev/urandom isn't as good as /dev/random, but it should be okay. I'm
not sure why your /dev/random isn't working, though -- unless I'm
confused, a read() on it should always eventually return the requested
number of bytes. This works fine on my Linux 2.2.14 and 2.2.18
systems -- what OS and version are you using?
Anyway, it's /dev/urandom seems to be working properly.
> It's failing at protocol.c:380 which makes me suspect my rijndael
> code is fucked, but I thought I fixed that already...
That looks to be the case -- are you sure you compiled with
-DBINARY_KEY_MATERIAL?
-S
--__--__--
Message: 6
Date: Tue, 6 Feb 2001 18:50:30 -0500 (EST)
From: "Mark J. Roberts" <[email protected]>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Espra - what's that?
Reply-To: devl at freenetproject.org
On 6 Feb 2001, Steven Hazel wrote:
> /dev/urandom isn't as good as /dev/random, but it should be okay. I'm
> not sure why your /dev/random isn't working, though -- unless I'm
> confused, a read() on it should always eventually return the requested
> number of bytes. This works fine on my Linux 2.2.14 and 2.2.18
> systems -- what OS and version are you using?
Linux 2.4.0, glibc 2.2.1, gcc 2.9.7.
> Anyway, it's /dev/urandom seems to be working properly.
It's very strange. `cat /dev/random | uuencode -` works fine, albeit
slowly (I think that's the difference between /dev/random and
/dev/urandom--/dev/random slowly collects entropy from the system?).
> > It's failing at protocol.c:380 which makes me suspect my rijndael
> > code is fucked, but I thought I fixed that already...
>
> That looks to be the case -- are you sure you compiled with
> -DBINARY_KEY_MATERIAL?
Yay! That fixed it. Now I get to start figuring out how to USE the
library...
--
Mark Roberts
mjr at statesmean.com
--__--__--
Message: 7
Date: Tue, 6 Feb 2001 19:06:42 -0500 (EST)
From: "Mark J. Roberts" <[email protected]>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Espra - what's that?
Reply-To: devl at freenetproject.org
On Tue, 6 Feb 2001, Mark J. Roberts wrote:
> > That looks to be the case -- are you sure you compiled with
> > -DBINARY_KEY_MATERIAL?
>
> Yay! That fixed it. Now I get to start figuring out how to USE the
> library...
Very nice, by the way. Thanks for the library. It'll be useful.
Any chance of getting it in CVS? Please put it in, it makes keeping up to
date much easier for everyone.
--
Mark Roberts
mjr at statesmean.com
--__--__--
Message: 8
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Espra - what's that?
From: Steven Hazel <[email protected]>
Date: 06 Feb 2001 19:58:31 -0600
Reply-To: devl at freenetproject.org
"Mark J. Roberts" <mjr at statesmean.com> writes:
> It's very strange. `cat /dev/random | uuencode -` works fine, albeit
> slowly (I think that's the difference between /dev/random and
> /dev/urandom--/dev/random slowly collects entropy from the system?).
/dev/random returns only as many bytes as are available in the PRNG's
entropy pool (and supposedly blocks when more entropy is needed...) --
/dev/urandom returns the number of bytes you asked for, even if the
entropy pool is exhausted.
In any case, I'm changing the code to account for incomplete read()s
of /dev/random, so you should be able to switch back after the
imminent bugfix release.
-S
--__--__--
Message: 9
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Espra - what's that?
From: Steven Hazel <[email protected]>
Date: 06 Feb 2001 20:02:51 -0600
Reply-To: devl at freenetproject.org
"Mark J. Roberts" <mjr at statesmean.com> writes:
> Very nice, by the way. Thanks for the library. It'll be useful.
I'm glad to hear it.
> Any chance of getting it in CVS? Please put it in, it makes keeping
> up to date much easier for everyone.
The newest release will always be available at
http://thalassocracy.org/libfreenet/, and I'll be releasing as
frequently as you should update your copy. I'll post about it here,
too. At this point I think CVS would just complicate my maintenance
tasks.
-S
--__--__--
Message: 10
Date: Tue, 6 Feb 2001 22:52:44 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] progress on 0.4 data store rewrite
Reply-To: devl at freenetproject.org
On Tue, Feb 06, 2001 at 01:28:35PM -0800, Ian Clarke wrote:
> On Tue, Feb 06, 2001 at 01:02:02PM -0500, Tavin Cole wrote:
> > To anyone who is interested, I have committed the first stage of my
> > datastore rewrite for 0.4 to experimental cvs. The files are in
> > Freenet/node/store so cvs update -d please.
> > Critiques would be appreciated.. I have done some pretty weird things,
> > but not without justification. I humbly await being torn to shreds by
> > the pack of wild dogs who read this list.. ;^)
>
> I plan to take a close look, but before that, I think we should think
> about a test-harness which would provide us with reasonable security as
> to how well this (and future improved versions) were working.
Well, don't just pick on me now ;p
We could use a good test suite for all aspects of Fred.. I believe others
have made noise about this before.. I'll try to think on it.
Maybe we should create a new cvs module of Java code which will be heavily
dependent on Freenet.*, but can be used to compile baby Freds for simulating
certain aspects of Fred's behavior, where some of the conditions would be
faked. For example, you fake a client requesting lots of different keys
and fake a realistic picture of the network, where some requests succeed
and others fail, and watch what happens to the store.
This would be different from Serapis b/c it would be a Fred simulator rather
than a network simulator.
--
/* Tavin Cole
* Composer of e-mail messages.
*/
--__--__--
Message: 11
Date: Tue, 6 Feb 2001 23:12:39 -0500
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Espra - what's that?
From: "Scott G. Miller" <[email protected]>
Reply-To: devl at freenetproject.org
--EeQfGwPcQSOJBaQU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Feb 06, 2001 at 06:50:30PM -0500, Mark J. Roberts wrote:
> On 6 Feb 2001, Steven Hazel wrote:
>=20
> > /dev/urandom isn't as good as /dev/random, but it should be okay. I'm
> > not sure why your /dev/random isn't working, though -- unless I'm
> > confused, a read() on it should always eventually return the requested
> > number of bytes. This works fine on my Linux 2.2.14 and 2.2.18
> > systems -- what OS and version are you using?
>=20
> Linux 2.4.0, glibc 2.2.1, gcc 2.9.7.
>=20
> > Anyway, it's /dev/urandom seems to be working properly.
>=20
> It's very strange. `cat /dev/random | uuencode -` works fine, albeit
> slowly (I think that's the difference between /dev/random and
> /dev/urandom--/dev/random slowly collects entropy from the system?).
/dev/random is guaranteed entropy. It only returns bytes when they are
backed up by the entropy estimate. /dev/urandom is a pseudorandom number
generated seeded with entropy, but degrades to pseudorandom numbers when
no entropy is available.
--EeQfGwPcQSOJBaQU
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6gMs3r9IW4v3mHtQRAlU+AJ9aeSbSdncux0HKXBzI4Wbp3HpOmwCeMAM3
S9XdD15hLyw++pu07lxbrgA=
=mfMD
-----END PGP SIGNATURE-----
--EeQfGwPcQSOJBaQU--
--__--__--
Message: 12
Date: Tue, 6 Feb 2001 23:32:29 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
Reply-To: devl at freenetproject.org
On Sun, Feb 04, 2001 at 09:59:12PM -0500, Mark J. Roberts wrote:
> On Sun, 4 Feb 2001, Tavin Cole wrote:
>
> > I only know of one with a flood control mechanism (mine).
>
> What is it?
Sooner or later I'll get around to preparing a formal document,
but the basic concept is that you post a file on Freenet describing
your mailbox. You specify some publicly writeable subspace (could
be a specially formed KSK, or an SSK you give out the key to, or
some new keytype perhaps). You also specify some (enumerable)
document name under that subspace which you are going to check
for email. So far, we have something like:
SSK at asdf/thread1/20010206/1
SSK at asdf/thread1/20010206/2
SSK at asdf/thread1/20010206/3
Now for flood control, you could use a node-side hashcash
system, which I believe has already been discussed .. basically
a new keytype (HSK) where instead of checking a signature the
nodes check for hashcash in the storables.
Here's the thinkcash-based flood control:
You don't actually tell anybody "thread1" -- instead you encode
"thread1" in a way that only a human can read. For example, use
a picture with some crazy 3-d text and lighting effects that a
person could easily read "thread1" from. For console users,
use the ascii art library (it's actually very impressive, debian
users `apt-get bb` you'll be amazed). For the blind, use a
distorted audio snippet.
All of these can be computer generated. I would imagine using
random combinations of letters and numbers for the thread names,
8 or more characters in length. It would be accessible to anyone
who could read a Latinate character set and wasn't both deaf and
blind.
You'd also impose a hard upper limit on the enumeration for each day,
and periodically rotate out old threads with new ones, in order to
increase flood resistance.
The reason flooding is a problem is because an attacker knows in
advance what keys you are going to request, and he can trick you
into requesting spam. The reason this works is because it prevents
the attacker from knowing what keys you are going to request, without
investing significant non-automatable effort.
So... it's an imperfect system but I know of nothing better.
--
/* tavin cole
* composer of e-mail messages
*/
--__--__--
Message: 13
Date: Tue, 6 Feb 2001 23:40:56 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Re: Simulations...
Reply-To: devl at freenetproject.org
On Sun, Feb 04, 2001 at 11:10:27AM +0000, Theodore Hong wrote:
> Sebastian Spaeth <Sebastian at SSpaeth.de> wrote:
> > Ian Clarke wrote:
> > > Simulations suggest it is not a problem with the current architecture
> > > (although simulations are rarely 100% accurate).
> >
> > I have to admit that I am quite suspicious about the ability of
> > Simulations since I took a course covering exactly that topic at
> > University. They do have their use, but conducting and designing
> > simulations where we have that many unknown variables that can/will
> > influence Freenet reliability will lead to *very* inaccurate results.
> >
> > Unknown variables (e.g. the statistical distributions) that cannot be
> > found out or used correctly in simulations, but will influence
> > routing/reliability, might be:
> >
> > - up/downtime of Freenet nodes which will depend on the future user base
> > (modem, cable, Windows/Linux,...)
> > - connection speed of Freenet nodes depends on user base as well
> > - size of disk space dedicated to Freenet nodes (will people spend 10MB
> > or 1GB to Freenet)
> > - user behavior (will people split up big files into 1000 file chunks or
> > insert them as big files (might be determinated by popular client
> > bahavior)
> > - percentage of transient vs. nontransient nodes
> >
> > How are these factors considered in the current simulations, if at all?
>
> oh, absolutely. I have not accounted for these factors at all in my
> numbers. The problem is that we do not have any model for user
> characteristics, which is what all of your factors are. (Maybe we need a
> user survey to try to collect some data?)
We could add some stuff to Fred to give the user the *option* of dumping this
kind of information to a formatted file, and give them the *option* of sending
it to us somehow (even by inserting it into Freenet)...
--
/* tavin cole
* composer of e-mail messages
*/
--__--__--
Message: 14
Date: Tue, 6 Feb 2001 22:44:07 -0600 (CST)
From: Brandon <[email protected]>
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
Reply-To: devl at freenetproject.org
> Here's the thinkcash-based flood control:
> You don't actually tell anybody "thread1" -- instead you encode
> "thread1" in a way that only a human can read. For example, use
> a picture with some crazy 3-d text and lighting effects that a
> person could easily read "thread1" from.
That doesn't require a new keytype then. You should don't give out your
mailbox except in the hard-to-parse form.
Such a method of address propogation could easily be used with the current
EOF f-mail system.
--__--__--
Message: 15
Date: Tue, 6 Feb 2001 23:45:42 -0500
From: Tavin Cole <[email protected]>
To: devl at freenetproject.org
Subject: Re: Killing Freenet (Re: [freenet-devl] Aardvark)
Reply-To: devl at freenetproject.org
On Tue, Feb 06, 2001 at 10:44:07PM -0600, Brandon wrote:
>
> > Here's the thinkcash-based flood control:
> > You don't actually tell anybody "thread1" -- instead you encode
> > "thread1" in a way that only a human can read. For example, use
> > a picture with some crazy 3-d text and lighting effects that a
> > person could easily read "thread1" from.
>
> That doesn't require a new keytype then. You should don't give out your
> mailbox except in the hard-to-parse form.
>
> Such a method of address propogation could easily be used with the current
> EOF f-mail system.
No, it doesn't *require* a new keytype, but IMHO KSKs and SSKs are both
inappropriate. I like the idea of using an HSK even w/ thinkcash.
In any case I think we need a standardized concept of a public-writeable
subspace. Making it an SSK and handing out the private key, or making
it a KSK at somelonghexnumberA7A3A3E3474FA743FE73/docname are both quite
kludgey IMHO.
--
/* tavin cole
* composer of e-mail messages
*/
--__--__--
_______________________________________________
Devl mailing list
Devl at freenetproject.org
http://www.uprizer.com/mailman/listinfo/devl
End of Devl Digest
