A number of somewhat-connected observations from someone who had been following Freenet since early 0.3 days:
1. Paying for becoming a "VIP" Freenet node is not out of the question (people buy invites to elite torrent trackers for sizable amount of money), but the benefits must be *very* obvious. 2. However, any reasonable amount you can ask from users can easily be matched by a dedicated attacker. If I'm correct and an attacker will need to roughly match the network size for a successful attack, then matching a network of 100K nodes, each of which had paid, say, $5 to join, would require $500K - heck, even I, being a (relatively) poor scientist, would probably be able to raise that money in a couple of months (by, i.e., selling off all my property, getting to my eyeballs in debt, etc) if I'd be really motivated (i.e., to find a pervert who raped my daughter and posted video of that on Freenet, or something). Even if nodes would be paying $50 to join (which I don't think is a realistic amount), an attacker would still need to come up with just $5M, which isn't that much for a middle-sized private company, and is chump change for any government agency. 2a. Yes, that means that, in my opinion, we can't look to money for scarcity, it should be obtained from somewhere else. To find it, I think that threat model should be defined better. Fighting a bored millionaire (or a vigilante, or a mad corporate head looking for a whistleblower) is one thing; fighting a government agency is another. For example, it would be difficult for a vigilante with money to come up with 100K valid national ids; it would be completely trivial for a government agency. 3. I also think that Freenet project has been getting it wrong for the past couple of years. "Somewhat" secure opennet must come before *any* attempt at building darknets, however "romantic" those seem to be on paper. The reason is, IMHO, two-fold: a) most people *won't* trust their RL friends for most of the activities that Freenet would *actually* be useful for. I may trust my friends enough to let them know that I download warez (or porn, whatever); but if I'm a government whistleblower (or a pedophile, or marijuana grower) I *definitely* would like my friends to know about that last, not first. b) we can't expect a well-connected darknet to form right from the beginning; most likely, its growth will be organic, starting from small non-connected cells - in this case, a well-working opennet will provide the initial "glue" to connect those together. In any case, I think it's not a good idea to work on darknet before opennet works as well as can be (reasonably) expected - more on that right below. 4. I think that performance issues *absolutely* should be handled before anything else, even before security. I understand that many - even most - will disagree with me, but if I found *one* thing from practice, it is that people widely prefer less secure, but working, systems to more secure, but non-working, ones. Right now, Freenet exhibits a level of performance which can only be called "abysmal". I can download torrents at 4 MB/s, reliably, one after another, from different trackers in different countries; considering that in Freenet mine (and everyone's else) traffic should pass through several nodes (say, 20 of them, worst case), I'd say Freenet should provide around 200 KB/s of sustained download performance (with the rest of my pipe being donated to other nodes, thus hiding my traffic). In reality, in my tests, on a lightly-loaded and well-integrated node I'm lucky to see speeds above 10 KB/s, with "typical" downloads making 2-3 KB/s on average, start to finish. My node with 90 peers only consumes around 200-250 KB/s (out of 1 MB/s allocated); my higher bandwidth allocation is effectively *wasted* by the inefficient network. If another major rewrite of Freenet is ahead (which, I'd argue, is long overdue), I'd be happy to provide more input (i.e., I think that filesharing and social communication is *much* more important than keyword search and site publishing), but I feel this email is already too bloated :-(. With best regards, Victor Denisov.
