Re: [freenet-dev] Github and code review
On Mon, Mar 23, 2015 at 5:54 AM, Florent Daigniere nextg...@freenetproject.org wrote: On Sun, 2015-03-22 at 14:11 -0500, Ian wrote: The way Github's code review tools are designed, you definitely want it to be per branch (which will have a 1-1 relationship with a pull request), not per commit. No disagreement here either. I'd argue that for us git and github are the wrong tools but I completely agree with your analysis of how we're mis-using them :) I'm not sure, I haven't had experience with any other code review tool, but they work very well for us at my day-job, the entire team (9 experienced software engineers) seems happy with them. You can't impose processes on people, they need to agree to them or it won't work. That being said, I don't know why any reasonable person wouldn't agree to what I've outlined. It's a tried and tested approach. OSS projects do; when maintainers don't like the code they just don't merge it (and that might leads to forks and that's perfectly fine). This is what's happening now and part of why we're in limbo. In the early years of the project Freenet had a fairly liberal attitude to contributions, trust but verify. I did my best to minimize red-tape for developers. This was beneficial because it meant there was a low barrier to entry for volunteers. If we didn't have this approach, I doubt many of the earliest contributors, people like Oskar Sandberg and Scott Miller, would have become involved (both started with very minor contributions). And as I mentioned previously, I just don't think we have the manpower for formalized gatekeepers (ie. we're not the Linux Kernel), so it's simply not an option to be that rigid. What's sad is that most of the problems are from the code *paid* devs are producing. Some might argue that it's because they're producing more than volunteers but I don't think so. I think we need to avoid personal criticisms of people (yes, I know that I attacked Toad earlier in this thread, but I was provoked - I should have taken the high road, I'd had a few beers at that point). I believe that their evaluation / incentives model needs to change for their behaviour to adapt. Maybe it's time to reconsider bounties (pay per feature/bugfix). I'm not sure about that. Monetary motivation works well for salespeople, I don't think it works well for engineers. It would also be a significant amount of work to administer, and I just don't think we have the manpower to do that. It could also result in a bias towards work on outwardly visible bells and whistles, and against internal stuff like refactoring. Ian. -- *Ian Clarke* / Co-Founder CTO *OneSpot, Inc* Email: i...@onespot.com Web: http://www.onespot.com Personal Blog: http://blog.locut.us/ LinkedIn: http://www.linkedin.com/in/iancjclarke Twitter: http://twitter.com/sanity ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
On Sun, Mar 22, 2015 at 4:20 PM, Matthew Toseland mj...@cam.ac.uk wrote: But regardless, nothing in the process I've outlined would inhibit correcting problems like this. Ideally they'd be corrected at the code review stage, but if they make it past that then they can be corrected with a new branch, just like any other bugfix. No, they can't. Removing binaries (or worse, copyright-infringing files) requires rewriting the history. Why would removing a binary require rewriting the history, and why would anyone commit a copyright-infringing file? In my years of using Github I have never ever been in a situation that necessitated rewriting history. The possibility that someone might do something really dumb and easily avoidable should not dictate our code review policy. 2. Disruptive changes to APIs. This has also happened. Especially if the description is incomplete, there is a significant risk of refactoring breaking other code (e.g. plugins; this was part of the problem with Xor's changes), introducing new APIs that don't make sense etc. Both code review and a decent continuous integration system should address this. This is a good continuous integration service that is free for OSS projects: https://travis-ci.org/ You can see how I use it on this other OSS project of mine: http://quickml.org/ Not all problems can be detected by automated tools. Sometimes it is necessary to change classes that are used by plugins, and some of those plugins are unofficial, i.e. third party. Yes, just like any other software project. What would make us any different, and why would that necessitate deviating from the process I've proposed (which is pretty-much standard practice among well-run dev teams already)? I'm not sure I understand your point. That seems very unlikely to happen, we barely have budget for actual developers, let alone dedicated QA people. And really, who'd want that job anyway? Even setting aside budget and finding suitable people, coders should have primary responsibility for ensuring that their code is good. It's unhealthy to have a situation where coders think that ensuring their code is clean and robust is someone else's problem. That is precisely how every mature project works. Just because neither your business ventures nor your involvement in open source are mature doesn't mean there aren't projects out there - both open source (Linux, Wine) and businesses (Steve's employer, presumably Google, etc) - which care about code quality. Wow. Why would you say something so stupid in a forum where future employers could potentially see it? You forget that I've seen your code, it wouldn't come anywhere close to passing a code review by even the least experienced developer on my company's engineering team, so please don't presume to lecture me about code quality, or how mature software projects work. I really hope they teach you how to be less of an asshole during your computer science course, or you'll have a very hard time getting or keeping a job, either commercial or in academia. Your previous paragraph would be a firing offense at most companies. Professional engineering teams simply don't tolerate asshole behavior any more. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
On Sat, Mar 21, 2015 at 7:42 PM, Matthew Toseland matt...@toselandcs.co.uk wrote: On 21/03/15 20:49, Ian Clarke wrote: That's part of it, but also that a branch should be created for each bugfix/feature, which ideally should be as small a unit of work as possible (that can be merged without breaking stuff). Absolutely. See e.g.: http://nvie.com/posts/a-successful-git-branching-model/ We try to stick to this ... or at least, that was the plan/consensus! Hmm, it doesn't sound like we do in practice, given that I believe there were pull requests with hundreds of commits which sounded like it was for much more than a single feature or bugfix. Anyway, the point isn't to complain about what happened in the past, just to agree on our process going forward. The problem is then we spend a lot of time undoing stuff. This can and does happen, and has happened, even relatively recently. It's part of the reason why most projects use a branch-and-merge model, rather than giving all the devs push rights. Ian. Why we might need to revert or reject changes: 0. Stupid stuff. E.g. committing jars to repositories. Committing jars to repositories is kind of careless, don't people have sensible .gitignore files? Can a .gitignore be committed to the repo? But regardless, nothing in the process I've outlined would inhibit correcting problems like this. Ideally they'd be corrected at the code review stage, but if they make it past that then they can be corrected with a new branch, just like any other bugfix. 2. Disruptive changes to APIs. This has also happened. Especially if the description is incomplete, there is a significant risk of refactoring breaking other code (e.g. plugins; this was part of the problem with Xor's changes), introducing new APIs that don't make sense etc. Both code review and a decent continuous integration system should address this. This is a good continuous integration service that is free for OSS projects: https://travis-ci.org/ You can see how I use it on this other OSS project of mine: http://quickml.org/ I agree that review capacity is potentially a bottleneck. There are different ways to solve this: - Have paid staff who review and merge stuff. That seems very unlikely to happen, we barely have budget for actual developers, let alone dedicated QA people. And really, who'd want that job anyway? Even setting aside budget and finding suitable people, coders should have primary responsibility for ensuring that their code is good. It's unhealthy to have a situation where coders think that ensuring their code is clean and robust is someone else's problem. - Don't accept pull requests if nobody can review them right now. This will absolutely cause a severe bottleneck, causing development to grind to a halt, and probably destroying morale in the process. Who wants to work their ass of on some code only for it to sit in a branch indefinitely? - Allow the reviewers to make reasonable demands for clear code. A pull request is a negotiation between the contributor and the maintainer. Of course, reviewers can point out unclean code, and a conscientious developer will want to commit good code so they'll fix it. If a coder is ignoring reasonable code review feedback then that might be grounds for removing commit access. Ian. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
On Sun, Mar 22, 2015 at 6:44 AM, Arne Babenhauserheide arne_...@web.de wrote: Am Samstag, 21. März 2015, 12:45:39 schrieb Ian Clarke: It sounds like people are trying to use commits for code review, whereas they should be using Github pull requests. For huge changes we are using commits as a second level hierarchy: When the diff is too big to understand on its own, then the commits have to form an easy to follow story which allows understanding the change step by step. I think you've misidentified the problem and therefore the solution. The problem is that diffs would ever be too big to understand on their own, therefore the solution is that the diff should never be too big to understand on it's own. A branch/pull-request should rarely represent more than a few days of work, and thus should rarely take more than a few minutes to review. As such they unpaid devs cannot just sit down for 6 hours and read through a huge diff to understand it in its entirety. They need the diff more structured. A 6 hour code review is insane, and should never be necessary. - For any isolatable feature or bugfix, create a new branch just for that feature or bug request (perhaps put the bug id # in the name of the branch). *Do not combine multiple features or bugfixes into a single branch.* If it can be merged independently, it should have it's own branch. We get into a problem with this, when the changes get too extensive without being ready for merging into a release. It should never be necessary for changes to be that extensive. In my day-job we're working on a far more complex codebase than Freenet, and yet a branch/pull-request almost *never* represents more than 4 days of work, and therefore code reviews rarely require more than 10-20 minutes. Your scheme provides fast development of individual features, but does not provide information spread within the group: Only one person has seen the current version of the code. I don't understand that, anyone that wants to is free to look at the code/pull-requests. Longterm this needs to a situation where no one can understand the whole code well enough to change it efficiently, which in turn leads to pseudo-ownership over certain sub-sections of the code. If we're producing code that isn't comprehensible without external explanation, then we're not producing good code. Well written code shouldn't require an explanation, it should be self-explanatory. This book lays out some excellent guidelines for this kind of code, every programmer should read it: http://amzn.com/0132350882 Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
Sure, but let's not get bogged down with complaining about the past, we all know it's been dysfunctional, let's focus on what we're going to do from now on. Ian. On Sun, Mar 22, 2015 at 2:06 AM, Florent Daigniere nextg...@freenetproject.org wrote: On Sun, 2015-03-22 at 07:36 +0100, Florent Daigniere wrote: On Sun, 2015-03-22 at 00:42 +, Matthew Toseland wrote: On 21/03/15 20:49, Ian Clarke wrote: On Sat, Mar 21, 2015 at 1:58 PM, Matthew Toseland matt...@toselandcs.co.uk wrote: Most of the above boils down to review the diff, not the history. That is probably sensible. That's part of it, but also that a branch should be created for each bugfix/feature, which ideally should be as small a unit of work as possible (that can be merged without breaking stuff). It only is if the diff is of reasonable size... which it is most of the time, *except* when it comes from paid devs. They code in their cave for months, drop a 100kloc diff doing way more than a single feature/bugfix onto the maintainer and expect it to be merged; I'm sure that refactoring is good but not when it's forked off for 6month... This is the problem we had recently with both toad's and xor's code. We're talking about dozens of features and bugfixes AND refactoring. What blocks development is that the refactoring isn't merged until their work is ready... and there's usually a good reason for it; they code first and think later (to be fair it's a common trait amongst devs working alone) which means that as long as they haven't tried it out they're not quite sure of what they want in terms of API... so it's only in a mergeable state when it works. Whether there's a single change per commit/branch/pull request doesn't matter as long as one of them is enforced. Until now the base unit was supposed to be one change per commit; I'm all for changing it to something else but that won't solve the problem unless it's enforced strictly. Florent Just to put some perspective on what I've written above: Here's toad's diff: https://github.com/freenet/fred/pull/287/files Here's xor's diff: https://github.com/freenet/fred/pull/319/files in both cases github gives up rendering it: Sorry, we could not display the changes to this file because there were too many other changes to display. and doesn't even display the commit count: This pull request is big! We're only showing the most recent 250 commits. As for the individual commits, there's plenty which are doing more than a bugfix/feature/single semantic change. Florent -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
On Sun, Mar 22, 2015 at 1:36 AM, Florent Daigniere nextg...@freenetproject.org wrote: On Sun, 2015-03-22 at 00:42 +, Matthew Toseland wrote: On 21/03/15 20:49, Ian Clarke wrote: On Sat, Mar 21, 2015 at 1:58 PM, Matthew Toseland matt...@toselandcs.co.uk wrote: Most of the above boils down to review the diff, not the history. That is probably sensible. That's part of it, but also that a branch should be created for each bugfix/feature, which ideally should be as small a unit of work as possible (that can be merged without breaking stuff). It only is if the diff is of reasonable size... which it is most of the time, *except* when it comes from paid devs. Then that needs to change. With a feature/bugfix-per-branch approach the diffs should be reviewable in just a few minutes. If they aren't, then the coder is probably stuffing multiple features/bugfixes into a single branch and that's contrary to the guidelines I've outlined. Whatever happened in the past, what matters is what we do going forward. They code in their cave for months, drop a 100kloc diff doing way more than a single feature/bugfix onto the maintainer and expect it to be merged; I'm sure that refactoring is good but not when it's forked off for 6month... This is the problem we had recently with both toad's and xor's code. We're talking about dozens of features and bugfixes AND refactoring. Then that needs to change going forward. Whether there's a single change per commit/branch/pull request doesn't matter as long as one of them is enforced. The way Github's code review tools are designed, you definitely want it to be per branch (which will have a 1-1 relationship with a pull request), not per commit. Until now the base unit was supposed to be one change per commit; I'm all for changing it to something else but that won't solve the problem unless it's enforced strictly. You can't impose processes on people, they need to agree to them or it won't work. That being said, I don't know why any reasonable person wouldn't agree to what I've outlined. It's a tried and tested approach. Ian. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Github and code review
Talking to a few people, I think our current approach to code review is problematic. For example, I've been told that some people are arguing that commits are too granular, and need to be combined to make code review easier. This is a mistake, there is nothing wrong with very granular commits, just as there is nothing wrong with more verbose code if it helps clarity. Pull requests should be used for code review, not individual commits. The number of individual commits should be irrelevant. It sounds like people are trying to use commits for code review, whereas they should be using Github pull requests. Here is a process that has worked well in my experience: - For any isolatable feature or bugfix, create a new branch just for that feature or bug request (perhaps put the bug id # in the name of the branch). *Do not combine multiple features or bugfixes into a single branch.* If it can be merged independently, it should have it's own branch. - Commits to this branch can be as granular as the programmer wants, generally the more frequent the commits the better - When the programmer is ready for feedback, they should create a pull request between this branch and the main branch - they could post the URL of the pull request to IRC to encourage feedback - It's fine for a programmer to request feedback before the feature is complete, but they should note this in the title of the pull request - eg. DO_NOT_MERGE - For code review, the most useful tab is Files changed - which shows all differences between the feature branch and the main branch (individual commits are irrelevant here) - comments can be added here - Once the feature is complete and the review feedback has been read and perhaps acted upon by the programmer working on the feature, it should be merged The person contributing the code is responsible for asking for and incorporating feedback, but they control the process, the process should not control them. So, for example, in some cases the programmer might decide that a code review is unnecessary. That will be their call. Better to trust human judgement over a rigid process. Thoughts? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
On Sat, Mar 21, 2015 at 1:58 PM, Matthew Toseland matt...@toselandcs.co.uk wrote: Most of the above boils down to review the diff, not the history. That is probably sensible. That's part of it, but also that a branch should be created for each bugfix/feature, which ideally should be as small a unit of work as possible (that can be merged without breaking stuff). The last point is everyone can commit anything without review. That's the fundamental question here: Do we want to require that some responsible person (release manager, person with push rights) reviews and signs off on the code before it is pushed? I think the question is moot, since (so far as I'm aware) we don't have anyone that can commit to reviewing all code reliably and quickly, so such a requirement would only serve to create a severe bottleneck in our development process. All commits are public, all commits can be reviewed by anyone, but in the event that nobody is in a position to review something we can't allow development to grind to a halt. If people care about reviewing code then they can and should review code. Ian. There are 2 main reasons for this: 1. Security. How useful this is is debatable. 2. Disruptive changes to APIs. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- *Ian Clarke* / Co-Founder CTO *OneSpot, Inc* Email: i...@onespot.com Web: http://www.onespot.com Personal Blog: http://blog.locut.us/ LinkedIn: http://www.linkedin.com/in/iancjclarke Twitter: http://twitter.com/sanity ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github and code review
[resending with correct from: address] On Sat, Mar 21, 2015 at 1:58 PM, Matthew Toseland matt...@toselandcs.co.uk wrote: Most of the above boils down to review the diff, not the history. That is probably sensible. That's part of it, but also that a branch should be created for each bugfix/feature, which ideally should be as small a unit of work as possible (that can be merged without breaking stuff). The last point is everyone can commit anything without review. That's the fundamental question here: Do we want to require that some responsible person (release manager, person with push rights) reviews and signs off on the code before it is pushed? I think the question is moot, since (so far as I'm aware) we don't have anyone that can commit to reviewing all code reliably and quickly, so such a requirement would only serve to create a severe bottleneck in our development process. All commits are public, all commits can be reviewed by anyone, but in the event that nobody is in a position to review something we can't allow development to grind to a halt. If people care about reviewing code then they can and should review code. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] C# Tray App (Probably) Feature-Complete
That's great Steve, if I wasn't on a Mac I'd help you test it :) On Thu, Jan 1, 2015 at 3:49 PM, Steve Dougherty st...@asksteved.com wrote: The C# Windows tray application is now more-or-less feature-complete. Feedback and suggestions would be appreciated! In the coming days I plan to document this more and do a more thorough writeup of its capabilities. Signed binary: https://downloads.freenetproject.org/FreenetTray-testing-3b30923.exe Source: https://github.com/freenet/wininstaller-innosetup/tree/csharp/FreenetTray To test it put it in the directory Freenet is installed in. It will add a tray icon which controls the node, similar to the existing tray application, but shinier. For instance, this one distinguishes between a clean shutdown and a crash, and has a more informative response to crashes. It supports launching Chrome, Firefox, Opera, and IE in privacy mode. It's around 800 LOC. (Not counting those the resources and Windows Forms designer generate.) Currently if Freenet takes more than 3 seconds between being started and FProxy listening on its port a balloon tip will pop up to show that Freenet is starting. 3 seconds might be a bit short, but my hope was to maintain a sense of interactivity. (On my machine FProxy takes ~1.6 seconds after starting to listen on its port.) On that note the refresh rate of the startup page should be increased - it seems like it's currently around 10 seconds, which is a long time to stare at it. - Steve ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- *Ian Clarke* / Co-Founder CTO *OneSpot, Inc* Email: i...@onespot.com Web: http://www.onespot.com Personal Blog: http://blog.locut.us/ LinkedIn: http://www.linkedin.com/in/iancjclarke Twitter: http://twitter.com/sanity ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Someone available to speak in Germany (in German) on Feb 11th?
These guys would like give us an award, and have asked whether we have a German representative that could go to their congress in Hamburg on 11th Feb to give a German language introduction to Freenet? Could anyone do this? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Someone available to speak in Germany (in German) on Feb 11th?
Here is the email, I've already responded saying that we'll accept: Hi Ian, let me first give a short introduction of our/my background: I'd guess, you have never heard of our organisation SUMA-EV? We are primarily focussing on Germany, but we have a small part of our website in English too: http://suma-ev.de/en/index.html We are into search enginges since 1996, and we are focussing on privacy and data protection within the search. You'll find our main search engines at: http://metager.de http://metager.de/beta http://metager.net (English version) Besides that we are doing several things more: Since 2008 we grant awards to outstanding projects on the Internet. You might find more about that on our website http://suma-awards.de/en/ We want to award your Freenet projekt with the SUMA Award 2014/15. The award is donated with 2,500,-EUR. The award ceremony happens to be at our next congress at the University of Hamburg on the 11th of February 2015. First we have to clear how the awarding can happen; my questions are: 1) Are you willing to accept the SUMA award and the 2,500,-EUR? 2) Do you have a German representative who can join our congress in Hamburg on the 11th of February 2015 and give a German langugage introduction about Freenet? 3) Would it be possible to transfer the donation money by an account-only cheque ? I am looking forward to hear from you, best regards, Wolfgang On Tue, Dec 16, 2014 at 8:25 AM, Ian Clarke i...@freenetproject.org wrote: These guys would like give us an award, and have asked whether we have a German representative that could go to their congress in Hamburg on 11th Feb to give a German language introduction to Freenet? Could anyone do this? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Someone available to speak in Germany (in German) on Feb 11th?
Cool, Xor also expressed an interest - perhaps you guys could discuss who might be better suited, or maybe even give a joint talk? Oskar Sandberg and I gave a few joint talks, and so long as you agree on who talks about what - it can work quite well. It does require preparation though. If whoever decides to do this wants help, you could work on it in a Google Docs slideshow and that way others could collaborate and offer feedback on-the-fly (it has pretty good features for making suggestions and comments these days). Ian. On Tue, Dec 16, 2014 at 8:51 AM, Arne Bab. arne_...@web.de wrote: I think I should be able to give a talk in February. -- unpolitisch sein heißt politisch sein, ohne es zu merken. - ArneBab Gesendet: Dienstag, 16. Dezember 2014 um 15:25 Uhr Von: Ian Clarke i...@freenetproject.org An: Discussion of development of development issues devl@freenetproject.org Betreff: [freenet-dev] Someone available to speak in Germany (in German) on Feb 11th? These guys would like give us an award, and have asked whether we have a German representative that could go to their congress in Hamburg on 11th Feb to give a German language introduction to Freenet? Could anyone do this? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- *Ian Clarke* / Co-Founder CTO *OneSpot, Inc* Email: i...@onespot.com Web: http://www.onespot.com Personal Blog: http://blog.locut.us/ LinkedIn: http://www.linkedin.com/in/iancjclarke Twitter: http://twitter.com/sanity ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Anyone interested in a part-time gig to build on Freenet?
This was referred to me by a friend: https://equalit.ie/code-around-censorship/ Looks interesting. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] What next?
On Sun, Nov 16, 2014 at 11:30 AM, Matthew Toseland mj...@cam.ac.uk wrote: On 16/11/14 16:36, Ian Clarke wrote: We're in an interesting situation. The world finally appears to really care about the things that Freenet has been about from the very beginning a decade and a half ago (most of the publicity back then viewed Freenet through the prism of Napster and copyright infringement). People finally care about anonymity, privacy, government monitoring, etc. We should be able to capitalize on this but it will take work. And in the meantime every wannabe clone project gets all the funding, and we don't, because we're old news. Yeah. I don't think it's because we're old news, although I think that's a perception challenge we need to address. I think it's because we really haven't been making much of an effort to market ourselves. In the past journalists came to us, and I was fairly good at communicating with them on the project's behalf, but we can't rely on organic press interest any more, we need to make an effort to reach out. For example, we should be perfect for a kickstarter project, we just need to do it, and do it to a high standard (good message, good quality video, etc). I need to do a bit of research before responding to the rest of your email, since I've been out-of-the-loop also (except for various administrative tasks). Ian. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Pay-for-opennet proposal: latest iteration
This seems like an amazingly centralized thing to do in software, the primary advantage of which is supposed to be its decentralization. Ian. On Thu, Mar 27, 2014 at 10:24 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: Proposal: Implement transient mode: - No routing. - No real anonymity (but may use tunnels later). - Can do requests and inserts. - Seednodes give transient node a Transient Announcement Token, and relay the announcement, give the node a bunch of random peers. - Such tokens are limited by time and IP address. - Transient nodes get lower priority than real peers. - Useful in some special cases e.g. webcafe, over Tor, etc, especially if we have tunneling. - Makes more sense than core opennet for people with really slow connections who aren't on darknet. New installs: - Start off in transient mode. - Can add darknet peers. - Can pay to become a Core Opennet Node. - We can avoid most of the wizard questions, and talking about uptime, until after the user starts looking at upgrading to core status. - Make sure the node is working before taking payment; avoid a lot of technical support aggravation! Payment: - *One time fee* for creating a Core Opennet Node. - Amount to be discussed. Lets say $5 (too low - credit card overhead / bitcoin inconvenience becomes dominant). - Some of it may go to FPI. - In the long run maybe other charities (would have to be a whitelist). - If BTC, some of it may be provably destroyed (or recycled to miners). - Payment mechanisms: -- BTC. (Verifiable by anyone on the block chain, so not necessarily centralised; can be somewhat anonymous) -- Paypal. (Centralised, trust in FPI) Tunnels and verification: (Largely from PISCES) - Every X period, we agree a peer list with our peers. - This is timestamped and signed, and given to our peers, and inserted to a known key. - Nodes construct tunnels telescopically, downloading the peers list at each stage, choosing a random peer from the list. - Sometimes the node chooses not to use the tunnel, in which case it requests the peer list for some of the nodes. - If the peers list for a given node at a given timestamp is different to that found, we have proof of dishonesty. -- We can then insert this (using a special collision-detection keytype), give the proof to the node's neighbours via the tunnel, and blacklist the node. - Modifications for opennet core nodes: -- We only route to a node once it is in our published peer list. -- We gather data that only our peers (not our tunnel partners) should know: IP address, location, bandwidth used in last timeslot for each peer, etc. -- We add a nonce and then hash this; the hash is included in the peers list for each node. -- We exchange the full data when we add a connection, thus checking it only with peers who need to know. -- We can enforce length limits on peer lists, so an attacker who wants to connect to 10,000 nodes will need to create 100+ nodes. Core Opennet Nodes: - To create a Core Opennet Node Certificate, we need to pay, see above. -- Bitcoin: Some of this is destroyed (or given back to the miners). Some may go to FPI. --- This is verifiable and transparent. -- Also possible to pay FPI directly via paypal etc. - Core Opennet Node Certificate includes -- Location. This is fixed, so we cannot exploit announcement. --- This makes MAST, announcement DoS and routing table injection much much harder. - Core Opennet Nodes have performance requirements: -- Uptime (reasonably high, 80%?). --- May be enforcible, at least partially. --- Could involve seednodes, nodes chosen by some verifiable random process, etc. -- Bandwidth (significantly higher than current nominal requirement, say 50KB/sec?). --- Possibly require padding / CBR even if no traffic. --- Could track bandwidth usage in peers list etc. --- This could be enforced, if we use signatures from peers etc. Of course our own fictional owned peers could lie, but this isn't necessarily a problem, as they can't use those links to talk to the network (most attacks limited by the number of connections you have into the network). -- Disk space. (Not enforcible, bad guys can have lots of disk space anyway) -- Actual performance. (To research; how to quantify?) -- Failing to meet enforcible requirements can cause a node to be dropped from the core opennet list. It can get back on however. Existing nodes get a Core Opennet Node Certificate for free on some particular day prior to this infrastructure going live. An attacker could get in at that point, but if he misses it, he'll have to pay. Some vague ideas about marketing: - You are now running Freenet! You can browse the content on Freenet, but your node is in 'transient mode'. This means you are not contributing to the network and have only minimal anonymity. You can: Become part of the core (open) network: Faster performance, more security. ($5). Become part of the dark
Re: [freenet-dev] Freenet and Tor
On Tue, Jan 7, 2014 at 6:56 PM, Matthew Toseland t...@amphibian.dyndns.orgwrote: Are users asking for this? Yes, people are asking for it. And I said it would be an optional feature. And Freenet does not compete with Tor. I never said it did, nor do I believe that it does. But Freenet is a distributed datastore. It *stores data*, in a decentralised, censorship proof way. Which Tor does not do. Also IMHO in the long run it could have greater anonymity. We are not competing with Tor. We cannot possibly compete with Tor, because we do things differently, we provide a different product, and if all the user cares about is anonymity then they are going to use Tor, period. Not if they are in China, where I believe Tor is quite effectively blocked :-/ Ian. -- Ian Clarke Blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Freenet and Tor
It's not really clear what you are proposing here, what is the context? Ian. On Tue, Jan 7, 2014 at 5:36 AM, Matthew Toseland t...@amphibian.dyndns.orgwrote: The leaked files on Tor suggest it is significantly stronger than at least I had assumed. It might be interesting to create a simple, but cryptographically verified, TCP-based protocol for communicating with gateways through tunnels, to protect the first hop. This would be a transient request/response protocol handling binary blobs; clients would route the first hop (at least on opennet) through these tunnels, verify returned content, and possibly label requests to keep them on separate tunnels. On darknet we will eventually protect the first hop via PISCES tunnels, however IMHO this is some way off and there are (probably) very few darknet users at present. We could then ask Tor for a directory server flag, although they might say no if Freenet is seen as filesharing and therefore obnoxious. DoS issues might result in some servers asking for payment, although creating a business model is often a good way to fund your attackers (especially if the gateways are anonymised); this is why a classic mixnet doesn't work for bitcoin, for example (don't trust anything without provable blinding). tgs3 and various people on Frost have been suggesting this for some time. IMHO Tor is preferable to I2P (assuming the NSA stuff isn't a false trail, which it might be), but it could work with either. Arguably we should use a normal transport, we're some way away from having TCP-based transport plugins though... and this could be a fairly simple protocol, we can transfer a single block (key) at a time as a single message. http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Freenet and Tor
On Tue, Jan 7, 2014 at 2:33 PM, Matthew Toseland t...@amphibian.dyndns.orgwrote: On 07/01/14 17:00, Ian Clarke wrote: It's not really clear what you are proposing here, what is the context? We should allow, optionally, tunneling the first hop over Tor or I2P. Hence: - We implement a simple binary protocol over TCP. You don't think that Freenet is already cumbersome enough for people to get set up with, without suggesting that they install an additional anonymity tool and running everything through that also? Are users asking for this? Ian. -- Ian Clarke Blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] GSoC blog post?
Could you work on something in Etherpad or a publicly editable Google Doc, that way we can collaborate more easily. Ian. On Sun, Oct 13, 2013 at 7:47 PM, Steve Dougherty st...@asksteved.comwrote: On 10/11/2013 01:03 PM, leuchtkaefer wrote: Hi! I am still on this boat...although these days i have to be completely absent. Have lots of work :( I can write one or 2 paragraphs about my experience. Should I send it directly to Steve? If you're okay with sending something to the list, I think that'd be more useful to a larger number of people. I see you already sent something, [0] so is there more to say? BTW, I get in contact with other students from my living country and we will give a talk to promote GSoC probably next month. I am planning to present Freenet on that talk. Leuchtkaefer Thanks, Steve [0] https://emu.freenetproject.org/pipermail/devl/2013-September/037354.html ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] How the NSA attacks Tor
This doesn't have anything to do with the Silk Road takedown, if that is what you are referring to. The vulnerability there was between keyboard and chair. Ian. On Sat, Oct 5, 2013 at 1:26 PM, Robert Hailey rob...@freenetproject.orgwrote: Is MITM the right term? Not to be picky... but I thought they just pulled the server that was serving up those particular hidden services and dropped in a new server with the identify all users exploit [if they were not controlling that server in the first place :-) ]. -- Robert Hailey On 2013/10/04 (Oct), at 3:34 PM, Ian Clarke wrote: This is very interesting: http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity Looks like it's not an attack on Tor itself, rather they identify Tor users (which Tor isn't designed to prevent AFAIK), and then do a MITM on the connection between Tor and the web to insert some code that exploits a vulnerability that (until recently) was distributed as part of the Tor bundle. Seem like, even though this Firefox vulnerability has been fixed, that they probably have a library of other ones to choose from. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] How the NSA attacks Tor
This is very interesting: http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity Looks like it's not an attack on Tor itself, rather they identify Tor users (which Tor isn't designed to prevent AFAIK), and then do a MITM on the connection between Tor and the web to insert some code that exploits a vulnerability that (until recently) was distributed as part of the Tor bundle. Seem like, even though this Firefox vulnerability has been fixed, that they probably have a library of other ones to choose from. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Reportedly half of all Tor hidden services compromised by FBI
I cannot vouch for the accuracy of this information, but it appears plausible: http://www.twitlonger.com/show/n_1rlo0uu Here is a report in a reputable news source, however there is no specific mention of Tor: http://www.independent.ie/irish-news/courts/fbi-bids-to-extradite-largest-childporn-dealer-on-planet-29469402.html This could lead to a significant influx of users if it results in trust in Tor hidden services being significantly damaged. We should discuss our response to it. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org
[freenet-dev] Summary of recent opennet discussions
On Mon, Jul 22, 2013 at 9:32 AM, Matthew Toseland wrote: > Since Eleriseth announced he was leaving and we should focus on > speed/usability, then opennet security, and only then darknet, I have been > looking into options for securing opennet, and discussing this with various > people. > I agree that speed/usability should be the top priority (although obviously not the only priority). Most of the proposals below are directly contrary to usability - we need to encourage people to contribute to the Freenet network, not punish them for it, nor make them jump through unnecessary hoops. We need to find solutions that won't make it even more difficult to contribute to the Freenet network. The main attacks here are: > - MAST: Listen for a predictable request/insert, triangulate roughly where > the originator is on the network based on the requests you receive, > announce to that location, repeat until you have the target. Cheap. Really, > really cheap. > To the extent that this is feasible, routing a request randomly on its initial hop, perhaps with a bias towards nodes that are further from your node's location, should make this considerably more difficult. > - Surveillance: Connect to every node, log all the inserts for a month > (freenet content doesn't last long if not requested). Connect it to > announced content. Surprisingly cheap, given our relatively low bandwidth > usage per peer etc, and it will become cheaper per node as the network > grows because bandwidth (and everything else) gets *really* cheap in large > volumes. This is a Sybil attack: The only way to beat it is by using some > sort of scarcity. > We could have nodes detect this kind of behavior since it would be somewhat weird - a bunch of inserts coming from the same node, etc. Essentially a heuristic "bad behavior" detector that cases nodes to be blocked. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/
Re: [freenet-dev] UI update
Sorry for the slow response but this looks great. Love the elegant simplicity. Ian. On Fri, Jul 5, 2013 at 9:10 AM, Paulo Makdisse makdi...@gmail.com wrote: Hi all, Been away for some months (bad things happen all at the same time), but now I'm working again on the UI. I did not do much, but here is the current status so you can take a look on your free time and share your thoughts: http://freenet-redesign.herokuapp.com/ I don't plan to be verbose with updates here on devl, I'll just update that pages list with new material. (hope that this is not a problem) Feedback are very welcome. (_mak at #freenet). Thanks, Paulo ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Freenet wish list
Hi Madhawa, Thank you, we always need new developers. The best place to start is probably our issue tracker here: https://bugs.freenetproject.org/ Many of them might be difficult for someone unfamiliar with the codebase, but if you can find one that you think you can manage, then it will help you to get familiar with the codebase. Matthew Toseland may also be able to direct you to an issue. Can you give us some information on your technical background? Ian. On Tue, Mar 19, 2013 at 1:15 AM, Madhawa Chandrasena dilmadh...@gmail.comwrote: Hi, I'm computer science and Engineering student and I would like to contribute in Freenet developments. Can any one direct me where can I find Freenet wish list and any thing useful for my purpose. Thanks in advance. -- *Dilshan Madhawa Chandrasena * *Undergraduate (BSc Engineering)* *Department of Computer Science and Engineering* *University of Moratuwa* *Sri Lanka.* ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Summer of Code 2013
Is anyone else finding that the wiki is slow to load, or isn't loading at all? Ian. On Mon, Mar 18, 2013 at 4:17 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: I've applied for Summer of Code for 2013. Will let you know when/if the application has been accepted. Please edit the 2013 ideas page on the wiki: https://wiki.freenetproject.org/Google_Summer_of_Code/2013 ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] IllegalKeySizeExpeption
Yes, adding padding to RSA is on our todo list. Perhaps we will just use 128 bit AES. If either of you feel like submitting a patch to address these issues it would be appreciated. Ian. On Sun, Mar 10, 2013 at 4:58 AM, Florent Daigniere nextg...@freenetproject.org wrote: On Sat, Mar 09, 2013 at 08:19:26PM +, Matthew Toseland wrote: On Saturday 09 Mar 2013 15:43:11 Ian Clarke wrote: We've been running into an IllegalKeySizeExpeption with Tahrir, which requires that anyone outside the US download the Java Cryptography Extension - obviously this is unacceptable from a usability perspective. How does Freenet address this problem? I assume you are trying to use 256-bit AES? Options: 1. Just use 128-bit crypto. This is 30%-40% faster than 256-bit, and should still provide adequate security, according to nextgens. 2. Use 256-bit crypto via the Bouncycastle lightweight API. This is not subject to keylength restrictions. Obviously you'll need to ship the jar. http://www.bouncycastle.org/documentation.html 3. Provide your own crypto libraries. src/freenet/crypt/ciphers/Rijndael*.java Complications: First, be careful with the key size of the various components, the limiting factor is usually not the symmetric crypto, see e.g. http://www.keylength.com/en/3/ Second, use AES, i.e. 128-bit block size. 256-bit block size is used in Freenet at the moment and this complicates matters considerably; until Eleriseth's recent changes it was dramatically slower than using the standard 128-bit block size. Hi Ian, Let me translate: two choices: - Use 128bit crypto (no export restriction, faster and ok unless you assume that the attacker has access to a quantum computer way more powerful than anything publicly known) - Don't use JCA https://github.com/sanity/tahrir/blob/master/src/main/java/tahrir/io/crypto/TrSymKey.java https://github.com/sanity/tahrir/blob/master/src/main/java/tahrir/io/crypto/TrCrypto.java Glancing at Tahrir's crypto , you have much bigger problems than the key-size choice... 1) RSA/None/NoPadding is never okay. Padding is critical to RSA's security. You want OAEPSomething. ( http://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/) 2) Unauthenticated encryption is a bad idea... You really shouldn't use AES/CBC without integrity verification ( http://meri-stuff.blogspot.com/2012/04/secure-encryption-in-java.html). If I were you I'd got for authenticated encryption AES/CTR/CCM or something like that. Really, if you want to keep it simple, use a higher level encryption library (Keyczar, cryptlib, NaCL, the bouncycastle's high-level stuff, apache shiro, ...). Regards, Florent ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] IllegalKeySizeExpeption
We've been running into an IllegalKeySizeExpeption with Tahrir, which requires that anyone outside the US download the Java Cryptography Extension - obviously this is unacceptable from a usability perspective. How does Freenet address this problem? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Google Summer of Code 2013
When have I ever disappeared or failed to keep a commitment I made? I do what I commit to do, always have, always will. Ian. On Tue, Mar 5, 2013 at 4:53 AM, Matthew Toseland t...@amphibian.dyndns.orgwrote: On Monday 04 Mar 2013 22:33:21 Ian Clarke wrote: So I have one excellent student that wants to work on Tahrir this Summer, ideally as part of GSoC, I've already started to get him up to speed on the codebase and his progress is impressive. Here is the trickier part: I have another student that has been working on another open source project of mine called LastCalc, that is unrelated to Freenet. He has asked me whether he can work on it this summer as part of GsoC. I assumed that doing the LastCalc project with Freenet as a mentoring org would be a non-starter since they aren't related (except through me), however I consulted the GSoC mailing list about it they said that it is ok provided that Freenet is ok with it. So, does anyone have a strong objection to this? I can't think of any reason why anyone would given that I'm willing to mentor both projects. Matthew, I know that you thought mentoring two projects would be too much work, however I already have three students that I work with, two on Tahrir, one on LastCalc. I spend several hours a week with each of them, so actually no less work than would be required of me as a GSoC mentor, and it works well. If you disappear, or fail to keep up with the workload, we're ed. What's your contingency plan? -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Google Summer of Code 2013
On Tue, Mar 5, 2013 at 12:52 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: On Tuesday 05 Mar 2013 18:15:17 Ian Clarke wrote: When have I ever disappeared or failed to keep a commitment I made? I do what I commit to do, always have, always will. Other mentors have disappeared. I'm not other mentors. I really think you're being a bit ridiculous here. It is hard enough to find one mentor for any given student, are you now saying that we can't take on a student unless we have both a mentor and a backup mentor? I find it hard to believe that any other project has such a stringent requirement. As an organisation we need to be able to deal with a mentor disappearing - the organisation application form may even ask what our protocol for dealing with disappearing mentors is, it has done so in the past, although two years ago it was simplified considerably iirc. What is our mentoring policy for dealing with a civilization-ending asteroid? How about an alien invasion? Plague? A change in the fundamental laws of physics rendering computation impossible? Surely we can't take on any students without accounting for those possibilities? If none of your students can be mentored by anyone else, and you don't have time to mentor them, then we will potentially have failed to fill in the evaluation on time for THREE students. Which will probably mean we never get onto GSoC again; it would measurably annoy the people running the programme. For crying out loud. I am telling you that I will have time. I have always had time in the past. I have time RIGHT NOW when I am effectively mentoring 3 students outside the context of GSoC (I devote 1-4 hours per student per week). All that would have to have for this to happen is for you to disappear for a few days around the mid-term because of a business commitment you took on without checking the dates... A business commitment in Afghanistan? How likely is it that I would have a business commitment somewhere with no Internet access? Of course it's unlikely that Google will let you have 3 students anyway - last year the metric was 1 slot = 1 mentor with an allocated student IIRC. Or was that the previous year? Firstly it is 2 students, not 3. I have 3 students currently outside the context of GSoC, but only two of them are interested in GSoC. Secondly, I have described my intention on the GSoC mentors mailing list and NOBODY, not one person has raised these concerns, or told me that we were limited to 1-mentor-1-student. I apologise if this seems hostile It doesn't seem hostile, it seems ridiculous. , but we HAVE had problems with disappearing mentors in the past In 12 years you have never had a problem with ME disappearing in the past. I have a 100% success record with not disappearing, and with living up to every commitment I've ever made related to Freenet. , and you did ask for my opinion. Feel free to insist, in which case I will admin. But if you disappear I will not be able to evaluate your students, and I don't think anyone else will either. I won't disappear. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Google Summer of Code 2013
So I have one excellent student that wants to work on Tahrir this Summer, ideally as part of GSoC, I've already started to get him up to speed on the codebase and his progress is impressive. Here is the trickier part: I have another student that has been working on another open source project of mine called LastCalc, that is unrelated to Freenet. He has asked me whether he can work on it this summer as part of GsoC. I assumed that doing the LastCalc project with Freenet as a mentoring org would be a non-starter since they aren't related (except through me), however I consulted the GSoC mailing list about it they said that it is ok provided that Freenet is ok with it. So, does anyone have a strong objection to this? I can't think of any reason why anyone would given that I'm willing to mentor both projects. Matthew, I know that you thought mentoring two projects would be too much work, however I already have three students that I work with, two on Tahrir, one on LastCalc. I spend several hours a week with each of them, so actually no less work than would be required of me as a GSoC mentor, and it works well. Thoughts? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Google Summer of Code 2013
Would any of you be willing to volunteer to take care of the administrative side of Summer of Code? I don't think it is too onerous but someone should be in charge of ensuring that forms get filled out, etc. Matthew, could you summarize what this would involve? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Google Summer of Code 2013
On Sat, Mar 2, 2013 at 10:49 AM, Matthew Toseland t...@amphibian.dyndns.org wrote: On Saturday 02 Mar 2013 16:13:08 Ian Clarke wrote: Would any of you be willing to volunteer to take care of the administrative side of Summer of Code? I don't think it is too onerous but someone should be in charge of ensuring that forms get filled out, etc. Matthew, could you summarize what this would involve? Mostly bugging mentors, some form filling. It is *ESSENTIAL* that we have FULL CONTACT DETAILS for each mentor. We need them to fill in the forms. If a mentor disappears the org admin will have to fill the forms in. Doing an adequate job in such circumstances probably isn't possible, and would require such a large time commitment as to be unrealistic - even for me. But not filling them in at all means aggravating Google, which is also very bad... In the worst case this can involve a huge amount of work and a huge amount of stress. In the best case it's minimal. Are you willing to do this Matthew? I knew you were worried about some poorly timed exams…. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] donation
We just received an anonymous donation of $10,000! Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] donation
Now, approximately $14,000. Ian. On Sat, Feb 23, 2013 at 1:58 PM, xor x...@freenetproject.org wrote: On Saturday, February 23, 2013 01:12:05 PM Ian Clarke wrote: We just received an anonymous donation of $10,000! hooray! whats the current balance of our finances? ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Maven revisited
It's not implemented on Rails. On Fri, Feb 1, 2013 at 11:12 PM, Travis Wellman tra...@traviswellman.comwrote: How is maven different than ruby gems? http://venturebeat.com/2013/01/30/rubygems-org-hacked-interrupting-heroku-services-and-putting-millions-of-sites-using-rails-at-risk/ -- Travis Wellman tra...@traviswellman.com http://traviswellman.com/ On Thu, 31 Jan 2013 10:36:09 -0600 Ian Clarke i...@freenetproject.org wrote: I recall that the reason for not using Maven is that it doesn't operate over a secure connection, and it leaves us open to the compromise of any of Freenet's dependencies Maven repositories. This is despite the fact that no such compromise as ever occurred on any project that I'm aware of, and since we don't do code audits of Freenet's current dependencies, our current approach doesn't immunize us against it anyway. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Maven revisited
I was thinking about the fact that we still build Freenet using the tools that were available to us a decade ago, while the Java world has moved on to more sophisticated dependency management tools like Maven. I recall that the reason for not using Maven is that it doesn't operate over a secure connection, and it leaves us open to the compromise of any of Freenet's dependencies Maven repositories. This is despite the fact that no such compromise as ever occurred on any project that I'm aware of, and since we don't do code audits of Freenet's current dependencies, our current approach doesn't immunize us against it anyway. However, one approach that might alleviate this concern is that we run our own Maven repository which will host any dependencies we need, and then configure Maven not to pull from the central Maven repos. There is the other issue that Maven can be a PITA to use, however there are similar alternatives: http://www.streamhead.com/maven-alternatives/ Thoughts? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Maven revisited
On Thu, Jan 31, 2013 at 12:59 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: On Thursday 31 Jan 2013 17:50:32 Michael Grube wrote: On Thu, Jan 31, 2013 at 11:36 AM, Ian Clarke i...@freenetproject.org wrote: This is despite the fact that no such compromise as ever occurred on any project that I'm aware of, and since we don't do code audits of Freenet's current dependencies, our current approach doesn't immunize us against it anyway. Have you actually tried to find out? If by try you mean a quick Googlehttps://www.google.com/webhp?sourceid=chrome-instantion=1ie=UTF-8#hl=entbo=dsclient=psy-abq=maven%20repository%20compromiseoq=gs_l=pbx=1fp=eba5ecb19bdd79c3ion=1bav=on.2,or.r_gc.r_pw.r_cp.r_qf.bvm=bv.41642243,d.b2Ibiw=1371bih=983search, then yes. If we run our own repository: - We need to maintain it. This is more unnecessary work. Not a lot, probably less than dealing with the freenet-ext.jar mess. - We need to host it. This is more CPU usage on the small, cheap, rather limited VM that runs the website etc. It won't use significant CPU or bandwidth, only developers will access it, and Maven caches dependencies locally. But most importantly, we need it to be reasonably easy to *develop Freenet anonymously*. This is not a theoretical aspiration. There are anonymous developers today, and some of them are extremely productive at times. They can use a Tor proxy. Exactly what problem are you trying to solve here? It's really not that hard to build Freenet. Granted it should be easier; the immediate problem is you need not only freenet-ext.jar (which the build scripts will fetch for you if you set one line in a config file; the first time you run ant it will tell you this), but also the bouncycastle jar, which isn't auto-fetched. I'm trying to bring us into 2013, Maven is virtually a standard Java tool these days. freenet-ext.jar has to be built, has to be kept up-to-date. It's basically an ugly home-grown dependency management solution. Originally there were no alternatives, but now there are, and there are easy solutions to the problems that you've outlined with it. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Maven revisited
On Thu, Jan 31, 2013 at 3:34 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: But most importantly, we need it to be reasonably easy to *develop Freenet anonymously*. This is not a theoretical aspiration. There are anonymous developers today, and some of them are extremely productive at times. They can use a Tor proxy. IMHO we should not force that on them. Tor has a different threat model, and is much easier to block. Whereas developing over Freenet, without using Tor at all, is quite possible right now, or would be if we maintained an official on-freenet git/hg repo (using tools that already exist). To be fair, existing anonymous devs do pull from the main repo via Tor, but IMHO we should not require them to do so. Now that I think about it, it may be possible to host a Maven repository in Freenet… AFAIK it's just straight-up HTTP GETs. I'm trying to bring us into 2013, Maven is virtually a standard Java tool these days. freenet-ext.jar has to be built, has to be kept up-to-date. It's basically an ugly home-grown dependency management solution. Originally there were no alternatives, but now there are, and there are easy solutions to the problems that you've outlined with it. No, Maven does not help with freenet-ext.jar at all. The end-user does not use Maven. Using Maven's assembly plugin - it's trivially easy to compile your code, together with all dependencies, into a single .jar. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Revocation messages: request review of english text
The term blown is jargon, I don't think we should use it. All messages should give the user guidance as to what course of action to take, and what the implications of the various messages are. Ian. On Thu, Jan 31, 2013 at 3:44 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: Some strings that users hopefully will never see. But if they do see them, they need to be clear. Any comments welcome. RevocationKeyFoundUserAlert.text=The Freenet auto-update system appears to have been compromized! A trusted member of the Freenet team has uploaded a special signed message to Freenet to say that the keys for the auto-updater have been stolen, leaked, or somebody has them who shouldn't. We have turned off auto-update to prevent malware from being installed on your computer. Please check the website ( https://freenetproject.org/ ) for updates (if you can do so safely), but be careful as that may not be secure either. The thief might even have the keys for the message below, so please don't blindly follow instructions given without confirmation. Sorry we messed up! RevocationKeyFoundUserAlert.textDetail=The message is: ${message} RevocationKeyFoundUserAlert.textDisabled=The auto-updater has been disabled. This might be because of a local problem, such as running out of disk space, or the auto-updating system may have been compromized. RevocationKeyFoundUserAlert.textDisabledDetail=The reason is: ${message}. RevocationKeyFoundUserAlert.title=URGENT: The Freenet auto-update system has been compromised! RevocationKeyFoundUserAlert.titleDisabled=The auto-updater may have been compromised! We have turned it off for now, please click for more details. PeersSayKeyBlownAlert.fetching=Your node is attempting to download the revocation certificate to find out more details. PeersSayKeyBlownAlert.failedFetch=Your node has been unable to download the revocation certificate. Possible causes include an attack on your node to try to get you to update despite the key being blown, or your nodes lying about the key being blown. Please contact the developers or other Freenet users to sort out this mess. PeersSayKeyBlownAlert.connectedSayBlownLabel=These connected nodes say that the key has been blown (we are trying to download the revocation cert from them): PeersSayKeyBlownAlert.disconnectedSayBlownLabel=These nodes told us that the key has been blown, but then disconnected, so we could not fetch the revocation certificate: PeersSayKeyBlownAlert.failedTransferSayBlownLabel=These nodes told us that the key has been blown, but then failed to transfer the revocation certificate: PeersSayKeyBlownAlert.titleWithCount=Auto-update key blown according to ${count} peer(s)! PeersSayKeyBlownAlert.short=According to some of your peers it is not safe to auto-update. Auto-update has been disabled until we know if they are not making it up. RevocationChecker.revocationFetchFailedMaybeInternalError=The auto-update system has failed due to an unexpected error: ${detail}. This might be because the auto-update key has been compromized (e.g. the keys have been stolen), so we have turned off auto-update as it may not be safe. However it might also be due to a local problem such as running out of disk space. If this is true, please fix the problem and restart Freenet. If this message does not go away, please check the website ( https://freenetproject.org/ ) and seek help. It might be useful to try fetching the key manually, but bear in mind it might have been inserted by the person who stole the keys: ${key} RevocationChecker.revocationFetchFailedFatally=The auto-update system has been compromized! The private key may have been stolen, so auto-update has been turned off permanently. The file that should explain what has happened cannot be fetched due to an unexpected error: ${detail}. Please try fetching the key manually (the key might have been inserted incorrectly e.g. be too big; for safety's sake we have to turn off auto-update straight away rather than wait for the whole key): ${key} ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] X-Vine summary was Re: Pisces and X-Vine: Tunnels and better routing on darknet?
On Fri, Jan 25, 2013 at 3:08 PM, Matthew Toseland t...@amphibian.dyndns.org wrote: - X-Vine guarantees that it will find the data if it exists, whereas Freenet only probabilistically finds the data. Any system that allows anyone to insert data must have a way to automatically delete data. Freenet uses a localized LRU - how does X-Vine deal with this? Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Statement on Java exploit
The Java brand has taken a bit of a hit with this latest exploit: http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-flaw-709713/ Many people don't realize that the problem is limited to Java applets, which almost nobody uses anymore. Should we make a statement on our website? I'll write an initial draft which we can collaborate on here http://piratepad.net/8qC2Frxzok Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Github issues
I believe you can request that Github move repositories from a user to an organization. Ian. On Tue, Jan 8, 2013 at 7:29 AM, Matthew Toseland t...@amphibian.dyndns.orgwrote: Since we created the github account, with the repo's on, they have added Organisations. Hence our github repo's are all owned by a single user, freenet, which I also use directly. IIRC there used to be some means for others to control freenet's repo's, but I can't find any such setting now; one account is one account. Which means the bus factor is rather alarming: If I'm disabled, we don't have admin access to the github settings. So we probably should move our repositories onto the freenetproject organisation. The catch is, github does not support creating redirects. So this means *every developer will need to change their remotes*, or re-pull/re-checkout the repository. This is somewhat disruptive. Should we go ahead anyway? Should we wait? Should we forget about it, and deal with crises if they happen in the future? ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Fwd: DNS block
Yeah, he is now claiming it's to prevent copyright infringement, and that I need to contact OpenDNS to get removed from the anonymizers list. But Freenet *is* an anonymizer, so I'm not sure how that argument is supposed to go. Could you ask your journalist friend to contact me before writing anything? My conversation with them is ongoing so I want to make sure he has the latest information. Ian. On Fri, Dec 28, 2012 at 8:30 AM, Arne Babenhauserheide arne_...@web.dewrote: Am Donnerstag, 27. Dezember 2012, 16:52:18 schrieb Ian Clarke: Had this conversation with a provider of wifi-hotspots in Austin. I had initially sent an email complaining that http://freenetproject.org/ was blocked in a coffee shop I frequent. Thank you for forwarding! I passed the URL to this message to Glyn Moody, journalist at techdirt. I hope he gets it :) Best wishes, Arne -- Ein Würfel System - einfach saubere Regeln: - http://1w6.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Fwd: DNS block
FYI - they have whitelisted FreenetProject.org - so it's all good. Please let your journalist friend know. Ian. On Fri, Dec 28, 2012 at 9:34 AM, Arne Babenhauserheide arne_...@web.dewrote: I pointed him to your new message. Hi might still overlook the message (it’s on identi.ca and twitter, not via email), but let’s hope he sees it. Best wishes, Arne Am Freitag, 28. Dezember 2012, 08:50:51 schrieb Ian Clarke: Yeah, he is now claiming it's to prevent copyright infringement, and that I need to contact OpenDNS to get removed from the anonymizers list. But Freenet *is* an anonymizer, so I'm not sure how that argument is supposed to go. Could you ask your journalist friend to contact me before writing anything? My conversation with them is ongoing so I want to make sure he has the latest information. Ian. On Fri, Dec 28, 2012 at 8:30 AM, Arne Babenhauserheide arne_...@web.dewrote: Am Donnerstag, 27. Dezember 2012, 16:52:18 schrieb Ian Clarke: Had this conversation with a provider of wifi-hotspots in Austin. I had initially sent an email complaining that http://freenetproject.org/was blocked in a coffee shop I frequent. Thank you for forwarding! I passed the URL to this message to Glyn Moody, journalist at techdirt. I hope he gets it :) Best wishes, Arne -- Ein Würfel System - einfach saubere Regeln: - http://1w6.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Konstruktive Kritik: - http://draketo.de/licht/krude-ideen/konstruktive-kritik -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Fwd: DNS block
Had this conversation with a provider of wifi-hotspots in Austin. I had initially sent an email complaining that http://freenetproject.org/ was blocked in a coffee shop I frequent. Ian. Forwarded conversation Subject: DNS block From: *techsupport* techsupp...@deepcoolclear.com Date: Thu, Dec 27, 2012 at 3:57 PM To: i...@freenetproject.org Hi Ian your web site is blocked by millions of sites in the USA and other places outside of the countries you mentioned, by a service called OpenDns that we subscribe to. I think the greater message is that you should be in touch with them directly, to have your site removed from the list of Proxy/Anonymizer which are blocked because we have an obligation to avoid porn and related content from these networks to the best of our ability. Since a Proxy bypasses the DNS service, you can see why this is so. The only good news today, is that you are now aware of how many places are blocking your web page. Best Regards DeepCoolClear -- From: *Ian Clarke* i...@freenetproject.org Date: Thu, Dec 27, 2012 at 4:33 PM To: techsupport techsupp...@deepcoolclear.com Don't worry, I'm well aware that billions of people in China are prevented from visiting our web page due to their authoritarian government. I'm just disappointed that it's also occurring in the US. OpenDns is correct to classify our website is an anonymizer, that's what it is. I suspect that most of your customer's customers value their online anonymity, it's unfortunate that you are denying that to them. I note that your customers include a few companies where I have contacts in their senior management. In particular, the CEO of Whole Foods is a noted libertarian. I'll discuss it with them. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Fwd: Freenet applying for Access Tech Innovation Prize?
This looks like an ideal opportunity for us, but I'm crazy busy over the next week or so and am unlikely to be able to apply. Would anyone like to volunteer to take this on? I can provide them with any necessary information. Ian. -- Forwarded message -- From: Michael Carbone <---> Date: Tue, Aug 21, 2012 at 3:18 PM Subject: Freenet applying for Access Tech Innovation Prize? To: ... Dear Ian, Not sure if you or the Freenet team are aware of the Access Innovation Awards, $100,000 in prizes across five categories granted to individuals, organizations or networks who have the best actionable ideas of how to use information technology to promote and enable human rights or deliver a social good outcome. The deadline for applications is August 31st, more details are at https://www.accessnow.org/prize. We would love to receive an application from the Freenet team, or if you have any other current or potential future projects that fit within the topics. Of the five categories, I think the Blackout Resilience and Golden Jellybean categories are the most applicable to Freenet, but in any case they are: *Blackout Resilience*: $20,000 will go to the best actionable idea to help build an open-sourced, blackout resilient technology for use by activists and human rights workers in conditions where there is a need for alternate communications infrastructure to the one put in place and/or controlled by the authorities. For example, where there has been a communication network shutdown. *Making Crypto Easy*: $20,000 will go to the best actionable idea to properly integrate encryption into an existing product/system, educate users as to how to use encryption and/or build a community who use encryption by default. *The Bounty*: A $20,000 bounty will be granted for the best patch for a disclosed or as yet undisclosed vulnerability in a program/platform or software used by human rights defenders and activists. *Golden Jellybean*: This is an unthemed category. $20,000 will go to the best actionable idea of how communication technologies can be used to promote and enable human rights. This could include funding a researcher for $20,000; the development of a training guide for activists; a new censorship circumvention program; or an initiative to detect surveillance equipment on the network. *Access Facebook Award*: $20,000 will go to the best actionable idea of how to use the Facebook platform to deliver a human rights, human development or social good outcome. We're looking for initiatives across the spectrum - from enhancing freedom of speech and expression to improving the economic well-being of a disadvantaged group. As a reminder, applications will be evaluated based on the impact, likelihood, innovation, and sustainability of the project or idea. For more information about the awards, the criteria, or the submission process, please visit the prize website: https://www.accessnow.org/prize. ** All the best, Michael Access is a global movement premised on the belief that political participation and the realization of human rights in the 21st century is increasingly dependent on access to the internet and other forms of technology. Visit us at accessnow.org <https://www.accessnow.org/>. -- Michael Carbone Access -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120821/317a75a8/attachment.html>
[freenet-dev] Fwd: Freenet applying for Access Tech Innovation Prize?
This looks like an ideal opportunity for us, but I'm crazy busy over the next week or so and am unlikely to be able to apply. Would anyone like to volunteer to take this on? I can provide them with any necessary information. Ian. -- Forwarded message -- From: Michael Carbone --- Date: Tue, Aug 21, 2012 at 3:18 PM Subject: Freenet applying for Access Tech Innovation Prize? To: ... Dear Ian, Not sure if you or the Freenet team are aware of the Access Innovation Awards, $100,000 in prizes across five categories granted to individuals, organizations or networks who have the best actionable ideas of how to use information technology to promote and enable human rights or deliver a social good outcome. The deadline for applications is August 31st, more details are at https://www.accessnow.org/prize. We would love to receive an application from the Freenet team, or if you have any other current or potential future projects that fit within the topics. Of the five categories, I think the Blackout Resilience and Golden Jellybean categories are the most applicable to Freenet, but in any case they are: *Blackout Resilience*: $20,000 will go to the best actionable idea to help build an open-sourced, blackout resilient technology for use by activists and human rights workers in conditions where there is a need for alternate communications infrastructure to the one put in place and/or controlled by the authorities. For example, where there has been a communication network shutdown. *Making Crypto Easy*: $20,000 will go to the best actionable idea to properly integrate encryption into an existing product/system, educate users as to how to use encryption and/or build a community who use encryption by default. *The Bounty*: A $20,000 bounty will be granted for the best patch for a disclosed or as yet undisclosed vulnerability in a program/platform or software used by human rights defenders and activists. *Golden Jellybean*: This is an unthemed category. $20,000 will go to the best actionable idea of how communication technologies can be used to promote and enable human rights. This could include funding a researcher for $20,000; the development of a training guide for activists; a new censorship circumvention program; or an initiative to detect surveillance equipment on the network. *Access Facebook Award*: $20,000 will go to the best actionable idea of how to use the Facebook platform to deliver a human rights, human development or social good outcome. We're looking for initiatives across the spectrum - from enhancing freedom of speech and expression to improving the economic well-being of a disadvantaged group. As a reminder, applications will be evaluated based on the impact, likelihood, innovation, and sustainability of the project or idea. For more information about the awards, the criteria, or the submission process, please visit the prize website: https://www.accessnow.org/prize. ** All the best, Michael Access is a global movement premised on the belief that political participation and the realization of human rights in the 21st century is increasingly dependent on access to the internet and other forms of technology. Visit us at accessnow.org https://www.accessnow.org/. -- Michael Carbone Access -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Freenet security setup redesign v2
On Sun, Aug 12, 2012 at 5:56 PM, Me wrote: > This is Irfan again and as I promised, I am emailing the Freenet > developers the second version of the redesign for the Freenet Security > setup before the weekend is over. > > As requested, I removed the arrows as they seemed pointless and therefore, > also removed that when-arrow-is-down state. So now the description of the > setting appears when the toggle switch is turned on. > > I also made some minor detail changes, which may be largely unnoticeable, > just fyi. > > Here is the default-state of second version of the redesign: > http://cl.ly/image/1G263P1X2Y0B > > and here is the when-toggle-switch-is-on state: > http://cl.ly/image/413F3K3Q3l16 > > One issue I am having with the toggle-switch-is-on state design is the > location of the done button. I can't decide if it is a better UX > (User-Experience) to have the done-button after the settings, where it is > now, or after all of the security options (underneath the word 'Custom'). > If you have any comments or thoughts on that, please let me and the list > know so we can decide on that button's location. > > > Lastly, if you have any comments or thoughts on this version of the > redesign please make your voice heard. As always, feedback is appreciated > and welcome. > I like the overall look but I'm just not sure about the toggle switches, I think they create unnecessary potential for confusion. You just don't see them used in web pages very often. Couldn't we just have something that looks like a radio button, since this will be a familiar UI element where the user must select one option from a list? Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120812/95bb941f/attachment.html>
Re: [freenet-dev] Freenet security setup redesign v2
On Sun, Aug 12, 2012 at 5:56 PM, Me the...@gmail.com wrote: This is Irfan again and as I promised, I am emailing the Freenet developers the second version of the redesign for the Freenet Security setup before the weekend is over. As requested, I removed the arrows as they seemed pointless and therefore, also removed that when-arrow-is-down state. So now the description of the setting appears when the toggle switch is turned on. I also made some minor detail changes, which may be largely unnoticeable, just fyi. Here is the default-state of second version of the redesign: http://cl.ly/image/1G263P1X2Y0B and here is the when-toggle-switch-is-on state: http://cl.ly/image/413F3K3Q3l16 One issue I am having with the toggle-switch-is-on state design is the location of the done button. I can't decide if it is a better UX (User-Experience) to have the done-button after the settings, where it is now, or after all of the security options (underneath the word 'Custom'). If you have any comments or thoughts on that, please let me and the list know so we can decide on that button's location. Lastly, if you have any comments or thoughts on this version of the redesign please make your voice heard. As always, feedback is appreciated and welcome. I like the overall look but I'm just not sure about the toggle switches, I think they create unnecessary potential for confusion. You just don't see them used in web pages very often. Couldn't we just have something that looks like a radio button, since this will be a familiar UI element where the user must select one option from a list? Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Download button for new site
I appreciate the effort, however I don't think these are an improvement over the current download buttons on the current site. Was there something wrong with the current buttons that prompted you to try to replace them? Ian. On Sun, Aug 5, 2012 at 6:26 AM, Luke R. wrote: > So we were discussing in IRC a few days ago that a new button is needed > for the new Freenet site. I had originally thought of a rabbit hole with an > arrow pointing down it, but opted for the traditional box for the sake of > international awareness that a box with an arrow usually means download. > Although if you think I should do that or modify these images in some way > just let me know. > > Here's two test images I am proposing - > http://img651.imageshack.us/img651/7980/path4551.png <-- Colorful Box > (used for NewYears?) > http://img69.imageshack.us/img69/6945/path4552.png <-- Regular Box > > As all files are in SVG they are nice and scalable and with multiple > layers. Courtesy of InkScape! :D > Thoughts? > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120805/a3568cb4/attachment.html>
[freenet-dev] Freenet security setup design
These look good, although of course it will be critically important that we get the text right, since it's essential that people understand what risks they are taking. I think it's ok to just support reasonably recent versions of Internet Explorer, even Google doesn't support IE7. I personally think it is fine to require JavaScript be enabled, but I know that others disagree. Ian. On Sat, Aug 4, 2012 at 10:21 AM, irfan mir wrote: > Hello, I am Irfan? a friend of Steve Dougherty and he had asked me to > further > > design his idea for Freenet's security setup. One can view his idea here: > > https://emu.freenetproject.org/pipermail/devl/2012-July/036466.html > > > > In this email I will reiterate Steve's idea and add screenshots of my > design of > > this security setup idea. > > > > > As seen here, this is what the setup will look like in the beginning: > > http://cl.ly/image/1U0I1s1z3P18 > > As you can see, there is a main container with the title "Security Setup" > which contains a list with security options. Each option has, to the left > of > the text, a toggle-switch to turn it on, and a rightward pointing arrow. > On click of the right-ward pointing arrow, a description of that option > will appear, but more on that later. > > > > This is what the setup will look like when an arrow is clicked: > > http://cl.ly/image/2d1x3r3V0a27 > > As you can see, when an arrow next to an option is clicked, it > turns downward as a pane, that contains a description, slides down > from underneath the option's label. Clicking the arrow again causes > the description to slide up and the arrow to turn rightward again > (as seen in the first screenshot). > > > > Here is what the setup will look like when a toggle switch is clicked. > > http://cl.ly/image/111i2b0X3b3M > > Now, the html behind the toggle-switches will be radio-buttons. This > way only one toggle-switch can be turned on / one security option can > be turned on at a time. > When a toggle-switch is clicked / radio-button is selected, if not already > expanded the description of that security option slides down and > the arrow turns downward. This is good because is allows the > interface to demonstrate the functionality of the arrows when clicked > in addition to a mouseover providing hints. > Secondly, the other security options fade-out of the way. They can > and will return when the toggle-switch is clicked again or turned off. > Thirdly, another pane slides out from underneath the options. This > contains the necessary settings for that option and a submit-button > at the bottom. Each setting has an input to the right of the setting's > label / name. To the left of the label / name is an arrow which provides > an explanation / a description for that setting like the arrows of each > security option did when clicked. > The done button would complete the setup. > > Javascript and jQuery are already going to be implemented to style the > radio-buttons (toggle-switches) on clicked, as there isn't a well > supported way to do this in css, and preform the sliding and fading > effects. > We can also use JS and HTML5 to do useful things like keeping > the form valid but turning valid values green and in-valid one's red. > Its actually a better UX (User-Experience) to keep valid values the > way they are and turning in-valid ones red. > > > > > > Although challenging, this seems like something I would be willing to > develop as well. However, before I begin doing so, I would like to know > the answer to 2 questions. > > Would the freenet-devs prefer there to be support for when scripts / > javascript is disabled or turned off? > An idea to handling this is directing the user to the current setup if > so. > > And secondly, to what IE would the freenet-devs want this to be > supported? > Meaning should something as low as IE6 support it > or is 9 and above fine. In my opinion, it would be easiest and > best if we build the setup to be supported in IE9 and above and > other modern-browsers (Chrome, Safari, Firefox, and Opera). > And then later-on make additions for support in IE8 and below > when possible. > > > > > Thoughts? > > I appreciate and welcome any and all feedback. > > Thanks in Advance & Best Regards, > Irfan. > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120805/7cc0e65b/attachment.html>
Re: [freenet-dev] Freenet security setup design
These look good, although of course it will be critically important that we get the text right, since it's essential that people understand what risks they are taking. I think it's ok to just support reasonably recent versions of Internet Explorer, even Google doesn't support IE7. I personally think it is fine to require JavaScript be enabled, but I know that others disagree. Ian. On Sat, Aug 4, 2012 at 10:21 AM, irfan mir the...@gmail.com wrote: Hello, I am Irfan— a friend of Steve Dougherty and he had asked me to further design his idea for Freenet's security setup. One can view his idea here: https://emu.freenetproject.org/pipermail/devl/2012-July/036466.html In this email I will reiterate Steve's idea and add screenshots of my design of this security setup idea. As seen here, this is what the setup will look like in the beginning: http://cl.ly/image/1U0I1s1z3P18 As you can see, there is a main container with the title Security Setup which contains a list with security options. Each option has, to the left of the text, a toggle-switch to turn it on, and a rightward pointing arrow. On click of the right-ward pointing arrow, a description of that option will appear, but more on that later. This is what the setup will look like when an arrow is clicked: http://cl.ly/image/2d1x3r3V0a27 As you can see, when an arrow next to an option is clicked, it turns downward as a pane, that contains a description, slides down from underneath the option's label. Clicking the arrow again causes the description to slide up and the arrow to turn rightward again (as seen in the first screenshot). Here is what the setup will look like when a toggle switch is clicked. http://cl.ly/image/111i2b0X3b3M Now, the html behind the toggle-switches will be radio-buttons. This way only one toggle-switch can be turned on / one security option can be turned on at a time. When a toggle-switch is clicked / radio-button is selected, if not already expanded the description of that security option slides down and the arrow turns downward. This is good because is allows the interface to demonstrate the functionality of the arrows when clicked in addition to a mouseover providing hints. Secondly, the other security options fade-out of the way. They can and will return when the toggle-switch is clicked again or turned off. Thirdly, another pane slides out from underneath the options. This contains the necessary settings for that option and a submit-button at the bottom. Each setting has an input to the right of the setting's label / name. To the left of the label / name is an arrow which provides an explanation / a description for that setting like the arrows of each security option did when clicked. The done button would complete the setup. Javascript and jQuery are already going to be implemented to style the radio-buttons (toggle-switches) on clicked, as there isn't a well supported way to do this in css, and preform the sliding and fading effects. We can also use JS and HTML5 to do useful things like keeping the form valid but turning valid values green and in-valid one's red. Its actually a better UX (User-Experience) to keep valid values the way they are and turning in-valid ones red. Although challenging, this seems like something I would be willing to develop as well. However, before I begin doing so, I would like to know the answer to 2 questions. Would the freenet-devs prefer there to be support for when scripts / javascript is disabled or turned off? An idea to handling this is directing the user to the current setup if so. And secondly, to what IE would the freenet-devs want this to be supported? Meaning should something as low as IE6 support it or is 9 and above fine. In my opinion, it would be easiest and best if we build the setup to be supported in IE9 and above and other modern-browsers (Chrome, Safari, Firefox, and Opera). And then later-on make additions for support in IE8 and below when possible. Thoughts? I appreciate and welcome any and all feedback. Thanks in Advance Best Regards, Irfan. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Offer to help with Windows installer
On Sat, Jun 23, 2012 at 8:18 AM, Matthew Toseland wrote: > On Friday 22 Jun 2012 13:09:16 Zlatin Balevsky wrote: > > Hi Jeff, what is your preferred installer tool? It would be great to > > 1. automatically install a recent jre 2. use pack200 compression for > > the jars. If you plan on using NSIS I can share some script snippets > > that kind of do this. > > Do we really want to change the language the installer is written in every > time we have a new maintainer? That depends on what benefits the new tool might have (familiarity being an important benefit). Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120625/b7d9ffba/attachment.html>
Re: [freenet-dev] Offer to help with Windows installer
On Sat, Jun 23, 2012 at 8:18 AM, Matthew Toseland t...@amphibian.dyndns.org wrote: On Friday 22 Jun 2012 13:09:16 Zlatin Balevsky wrote: Hi Jeff, what is your preferred installer tool? It would be great to 1. automatically install a recent jre 2. use pack200 compression for the jars. If you plan on using NSIS I can share some script snippets that kind of do this. Do we really want to change the language the installer is written in every time we have a new maintainer? That depends on what benefits the new tool might have (familiarity being an important benefit). Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Some Updates on Winterface
That looks very promising, I look forward to seeing your continued progress - it should look great with 960 grid system. Ian. On Tue, Jun 19, 2012 at 5:21 AM, Pouyan Zaxar wrote: > There you go Ian: > > http://quaintous.com/winterface/winterface-dashboard.png > > I haven't yet got into the graphics and colouring. But the structure is > gonna be something like this. I use 960 grid system (http://960.gs) for > the layout. > > Best > pausb > > > On Mon, 2012-06-18 at 09:09 -0500, Ian Clarke wrote: > > This is very exciting, any chance of some screenshots? > > > > Ian. > > > > On Jun 18, 2012 6:55 AM, "Pouyan Zaxar" wrote: > > Hi everyone: > > > > up to now, I have managed to code the very first page of > > Freenet's new > > interface. The functionality is still buggy though! Please > > take a look > > at the code (dev branch) available under > > > > https://github.com/pausb/Winterface.git > > > > and feel free to comment on anything related to the interface > > which > > might pop into your mind! > > > > At the time I am converting existing Toadlets one-by-one into > > Wicket > > components and pages. So if there has been anything bothering > > you, or > > anything you always wanted to have, jut let me know or add it > > directly > > to > > > > https://wiki.freenetproject.org/User:Pausb/Winterface > > > > Best > > Pausb > > > > ___ > > Devl mailing list > > Devl at freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > ___ > > Devl mailing list > > Devl at freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120619/e295e1f7/attachment.html>
Re: [freenet-dev] Some Updates on Winterface
That looks very promising, I look forward to seeing your continued progress - it should look great with 960 grid system. Ian. On Tue, Jun 19, 2012 at 5:21 AM, Pouyan Zaxar pa...@quaintous.com wrote: There you go Ian: http://quaintous.com/winterface/winterface-dashboard.png I haven't yet got into the graphics and colouring. But the structure is gonna be something like this. I use 960 grid system (http://960.gs) for the layout. Best pausb On Mon, 2012-06-18 at 09:09 -0500, Ian Clarke wrote: This is very exciting, any chance of some screenshots? Ian. On Jun 18, 2012 6:55 AM, Pouyan Zaxar pa...@quaintous.com wrote: Hi everyone: up to now, I have managed to code the very first page of Freenet's new interface. The functionality is still buggy though! Please take a look at the code (dev branch) available under https://github.com/pausb/Winterface.git and feel free to comment on anything related to the interface which might pop into your mind! At the time I am converting existing Toadlets one-by-one into Wicket components and pages. So if there has been anything bothering you, or anything you always wanted to have, jut let me know or add it directly to https://wiki.freenetproject.org/User:Pausb/Winterface Best Pausb ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Some Updates on Winterface
This is very exciting, any chance of some screenshots? Ian. On Jun 18, 2012 6:55 AM, "Pouyan Zaxar" wrote: > Hi everyone: > > up to now, I have managed to code the very first page of Freenet's new > interface. The functionality is still buggy though! Please take a look > at the code (dev branch) available under > > https://github.com/pausb/Winterface.git > > and feel free to comment on anything related to the interface which > might pop into your mind! > > At the time I am converting existing Toadlets one-by-one into Wicket > components and pages. So if there has been anything bothering you, or > anything you always wanted to have, jut let me know or add it directly > to > > https://wiki.freenetproject.org/User:Pausb/Winterface > > Best > Pausb > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120618/eae31065/attachment.html>
[freenet-dev] A better FAQ
Well, It's a service - not software. It does raise a good question though, whether we can extract the questions & answers should we decide to stop using it. I'll ask. Ian. On Sun, May 20, 2012 at 9:08 AM, Luke R. wrote: > It does look like a reaonably nice FAQ system, but it's ashame it's not > open-source/GPL. > > > --- On *Fri, 5/18/12, Ian Clarke * wrote: > > > From: Ian Clarke > Subject: [freenet-dev] A better FAQ > To: "Discussion of development of development issues" < > devl at freenetproject.org> > Date: Friday, May 18, 2012, 12:31 PM > > > A friend of mine has created this service: http://helpjuice.com/ > > It's basically a very smart FAQ that is capable of learning. Our current > FAQ, I think, is somewhat lackluster and intimidating. My friend has > offered to let us use HelpJuice for free - thoughts? We should be able to > integrate it into our site reasonably seamlessly. > > Ian. > > -- > Ian Clarke > Founder, The Freenet Project > Email: ian at freenetproject.org<http://mc/compose?to=ian at > freenetproject.org> > > -Inline Attachment Follows- > > ___ > Devl mailing list > Devl at freenetproject.org <http://mc/compose?to=Devl at freenetproject.org> > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > _______ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120520/b226bd14/attachment.html>
[freenet-dev] A better FAQ
A friend of mine has created this service: http://helpjuice.com/ It's basically a very smart FAQ that is capable of learning. Our current FAQ, I think, is somewhat lackluster and intimidating. My friend has offered to let us use HelpJuice for free - thoughts? We should be able to integrate it into our site reasonably seamlessly. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120518/7d4697dc/attachment.html>
[freenet-dev] A better FAQ
A friend of mine has created this service: http://helpjuice.com/ It's basically a very smart FAQ that is capable of learning. Our current FAQ, I think, is somewhat lackluster and intimidating. My friend has offered to let us use HelpJuice for free - thoughts? We should be able to integrate it into our site reasonably seamlessly. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Lantern
On Sun, May 13, 2012 at 12:22 PM, Steve Dougherty wrote:On 05/13/2012 12:29 AM, Ian Clarke wrote: > > Lantern is a great example of how good a Java desktop app *can* > > look, to try it: > > > > $ git clone git://github.com/getlantern/lantern.git $ cd lantern $ > > ./run.bash > > > > Imagine if Freenet looked that good... > > It sure is pretty, but it prompts for my Google account credentials so > it can import my contacts and does not appear to allow skipping that > step. No thanks. The functionality isn't what I'm trying to draw people's attention to, it's the modern attractive appearance - proof that Java apps *can* look good. Ian. -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120513/49f8e2bf/attachment.html>
[freenet-dev] Lantern
Lantern is a great example of how good a Java desktop app *can* look, to try it: $ git clone git://github.com/getlantern/lantern.git $ cd lantern $ ./run.bash Imagine if Freenet looked that good... Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120512/ca4dc40d/attachment.html>
Re: [freenet-dev] Lantern
On Sun, May 13, 2012 at 12:22 PM, Steve Dougherty st...@asksteved.comwrote:On 05/13/2012 12:29 AM, Ian Clarke wrote: Lantern is a great example of how good a Java desktop app *can* look, to try it: $ git clone git://github.com/getlantern/lantern.git $ cd lantern $ ./run.bash Imagine if Freenet looked that good... It sure is pretty, but it prompts for my Google account credentials so it can import my contacts and does not appear to allow skipping that step. No thanks. The functionality isn't what I'm trying to draw people's attention to, it's the modern attractive appearance - proof that Java apps *can* look good. Ian. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Lantern
Lantern is a great example of how good a Java desktop app *can* look, to try it: $ git clone git://github.com/getlantern/lantern.git $ cd lantern $ ./run.bash Imagine if Freenet looked that good... Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Statistics Project Update #2
Very interesting - keep up the good work! Ian. On Sat, May 5, 2012 at 12:43 AM, Steve Dougherty wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > I've completed an initial run of simulation work on probes. The code is > available, [1] as well as the simulation results from which the plots > were generated. [2] The point of immediate interest though is the plots > themselves, [3] which show the predicted network coverage of different > probe routing techniques on networks with ideal degree distribution > (more on this later) and that following the degree distribution of > Freenet as measured. [4] Link lengths and locations do not factor into > this simulation because probes take only degree into account and are not > seeking any given destination; their goal is only to average out to > distribute endpoints uniformly throughout the network. > > The ideal network distribution has each node add a fixed number of > remote connections without regard for the number of connections it or > the nodes it's connecting to have. I don't know whether this or having > each node have the same number of total connections is the ideal. The > results of the simulation did not appear to greatly change with > network size, as shown by the consistent behavior between the 12,000 > and 45,000 node versions of the MH-corrected degree-conforming > simulation. [5] > > As expected, the plots suggest that using Metropolis-Hastings correction > will be an immense improvement in endpoint uniformity over the current > uniform random routing, but specifically suggest that an HTL of around > 20 hops is close enough to a baseline uniform endpoint probability to be > a good starting point. I've noticed that these CDFs aren't a very good > format for demonstrating closeness of distributions, given overlapping > lines, but I don't understand the Kolmogorov?Smirnov test yet, so I'm > planning to just use these results as a guideline and begin implementing > the new probes next week. > > The gnuplot scripts to generate the degree and link length distribution > plots are part of pyProbe, [6] and GNU parallel [7] is used in test.sh > to run simulations in parallel. In the simulator source there are > scripts from an earlier effort to plot coverage as percentages, but that > was even less clear than the CDFs. > > Comments and suggestions are very welcome! > > Thanks, > operhiem1 > > [1] https://github.com/Thynix/routing-simulator/tree/dev > [2] http://asksteved.com/plot-source.tar.xz > [3] http://imgur.com/a/Z8SBS#2 > [4] http://i.imgur.com/ehfBP.png > [5] http://i.imgur.com/rtRIB.png > [6] https://github.com/Thynix/pyProbe > [7] http://www.gnu.org/software/parallel/ > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQIcBAEBAgAGBQJPpL3dAAoJECLJP19KqmFuNn0QAMsA4nzk6AfPf8pIqrmoEW8U > 2jcc7L3KnUkCIgvh9FyhJkZ9Fm42zCoqgxXmyavM9T18ZO52eYaNMaSfkA5FWltk > iBElymF7ZCGd3ERX9XPirbXGDeMbpNsFbVHFoJbqKzb94MrnSUivLsVQz0Nl1KOJ > g1yfYdA4RK3ywYIvwS7nWkIIrxhuik/Jzjaq5cuqY2L6i3DgiM9gjYweyJLpzt6r > k/mRNOuKTI0MSdqMWclBFXOEOzTg/vZKZSvvslpZRwt0Opp+nK9VKBMVzvqiqUpr > G9EEke4vPqU8OdWffxqu3nF5ZXlr4aB3mWw6B7zimE+7C3Wvk3oQHxxv/p/PqD96 > GQ/sUbkFERSv/SnMDCuz8BVoPNihTyohvRJmeW92P2KpFCJ7Ynsx1uC6XLKDQVIO > Qxds7EUKkdEQaEbNYRKMkzx9qzOszRZlcvLElX2Fgw15KvTMKmMDb/7t1DpbBysY > tl7JnkYW6crq3nvBpWu3JFmSOYERhEzzKxkRsE76DVzkBz35AYOb1ZTLx06mEgP4 > F8HFs31Ra8LNlVCoN5jEHW3WhUIVkVtx8zauXGOtjJuY4ePhEXS9TvXOKAbvxMiA > d/Nu78MORKBdq1repSMIcCLUl1Ya0AT0BEugvJ4KyKPScl0JL0GPOiFBG8Dr01GZ > pQtYR4VDpcLlPzPkq1xj > =apcO > -END PGP SIGNATURE- > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120510/e9aa10f6/attachment.html>
[freenet-dev] Freemail 0.1.1 and 0.2 released
Looks like great work Martin, congratulations on the release! Ian. On Tue, May 1, 2012 at 1:11 PM, Martin Nyhus wrote: > After being in development for nearly a year Freemail 0.2 has been > released. > The two main features in 0.2 is the new identity management which uses the > Web > of Trust plugin, and a webmail client. This work was mostly done as part of > Google Summer of Code 2011. Due to the identity management changes this > version is incompatible with the earlier releases, but to ease the > migration > the two versions can be used at the same time without any issues. > > Version 0.1.1 fixes a number of bugs including one potential security issue > that could enable an attacker with access to the Freenet log files to fetch > emails from Freenet after they should have been inaccessible. > > Both versions will be available through Freenet after the next update, and > from > CHK at xXc1H2eh-1OtCoE4Z0-G4 > ~5SfOFpTWa6YWOP~D4PyuA,dKRuAVWFlHd8ZNvFsIJj1Hzzuyoc7EfoVIXYgz-rfsg,AAIC--8/Freemail-0.1.1.jar > CHK at S0AnW > ~5CXyh3pLkzJHbRm5xj8kf26GyLcT3Zuf1UAsU,pt-TGV39s1ucWNTkZKMdo1dQyaxzaUsSjXlYtBAqfvc,AAIC--8/Freemail-0.2.jar > > I am very interested in feedback about the reliability of Freemail, any > bugs I > have missed and performance problems. This can be reported through the > mailing > list, the bug tracker and on Freenet. > > > Detailed changelog for 0.1.1 (also included in 0.2): > o Security fixes: >- Log message fetch and insert keys at debug instead of normal/error. > If a > collision occurred the new slot would be logged at error, which > would break the forward secrecy of the slot system until the log was > deleted. This would enable an attacker with access to the log files to > retrieve messages from Freenet. > > o Bugfixes: >- Folders deleted using a mail client are now deleted properly >- Fixes a crash that could occur if a mail client connected while > Freemail > was shutting down >- The startup message now shows the correct licence (GPL) >- Fixes a bug where certain email addresses would cause received > messages to > be empty >- Fixes a race condition which could lead to Freemail hanging >- Don't delete CC headers from a message before sending >- Always print a log message when Freemail isn't connected to the node >- IMAP: Remove extra space that was printed in a fetch response without > a range >- IMAP: Fix error message when the end of a range was invalid >- IMAP: Handle strange sequence number ranges >- IMAP: Remove \* from permanent flags since they were not stored >- IMAP: Fix append with two or more flags >- IMAP: Reply with error if the append length couldn't be parsed >- Fix various locking issues >- Don't log the recently failed fetch result as an error > > o Improvements: >- Improve the explanations on the create account page >- Only resend the RTS once per two days instead of once per message in > the > outbox per two days, reducing resource usage for unacked messages >- Send messages in the order they will be received, improving > performance > when sending a large amount of messages >- Alternate between sending and receiving, stopping sending/receiving a > large > number of messages from blocking other operations > > o Build improvements: >- Compile for Java 1.6 >- Include git describe output in version >- Enable warnings when building >- Make Ant and Eclipse output files to the same location (build/) > > o Code changes: >- Add unit tests for various classes (mostly IMAP) >- Improve errors returned/thrown by HighLevelFCPClient >- Add type parameters to all code >- Add missing @Override annotations >- Throw AssertionError in some cases that should be impossible >- Use constants for config file keys >- Respond to interrupts in the FCP code > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120501/7c915466/attachment.html>
Re: [freenet-dev] Freemail 0.1.1 and 0.2 released
Looks like great work Martin, congratulations on the release! Ian. On Tue, May 1, 2012 at 1:11 PM, Martin Nyhus martin.ny...@gmx.com wrote: After being in development for nearly a year Freemail 0.2 has been released. The two main features in 0.2 is the new identity management which uses the Web of Trust plugin, and a webmail client. This work was mostly done as part of Google Summer of Code 2011. Due to the identity management changes this version is incompatible with the earlier releases, but to ease the migration the two versions can be used at the same time without any issues. Version 0.1.1 fixes a number of bugs including one potential security issue that could enable an attacker with access to the Freenet log files to fetch emails from Freenet after they should have been inaccessible. Both versions will be available through Freenet after the next update, and from CHK@xXc1H2eh-1OtCoE4Z0-G4 ~5SfOFpTWa6YWOP~D4PyuA,dKRuAVWFlHd8ZNvFsIJj1Hzzuyoc7EfoVIXYgz-rfsg,AAIC--8/Freemail-0.1.1.jar CHK@S0AnW ~5CXyh3pLkzJHbRm5xj8kf26GyLcT3Zuf1UAsU,pt-TGV39s1ucWNTkZKMdo1dQyaxzaUsSjXlYtBAqfvc,AAIC--8/Freemail-0.2.jar I am very interested in feedback about the reliability of Freemail, any bugs I have missed and performance problems. This can be reported through the mailing list, the bug tracker and on Freenet. Detailed changelog for 0.1.1 (also included in 0.2): o Security fixes: - Log message fetch and insert keys at debug instead of normal/error. If a collision occurred the new slot would be logged at error, which would break the forward secrecy of the slot system until the log was deleted. This would enable an attacker with access to the log files to retrieve messages from Freenet. o Bugfixes: - Folders deleted using a mail client are now deleted properly - Fixes a crash that could occur if a mail client connected while Freemail was shutting down - The startup message now shows the correct licence (GPL) - Fixes a bug where certain email addresses would cause received messages to be empty - Fixes a race condition which could lead to Freemail hanging - Don't delete CC headers from a message before sending - Always print a log message when Freemail isn't connected to the node - IMAP: Remove extra space that was printed in a fetch response without a range - IMAP: Fix error message when the end of a range was invalid - IMAP: Handle strange sequence number ranges - IMAP: Remove \* from permanent flags since they were not stored - IMAP: Fix append with two or more flags - IMAP: Reply with error if the append length couldn't be parsed - Fix various locking issues - Don't log the recently failed fetch result as an error o Improvements: - Improve the explanations on the create account page - Only resend the RTS once per two days instead of once per message in the outbox per two days, reducing resource usage for unacked messages - Send messages in the order they will be received, improving performance when sending a large amount of messages - Alternate between sending and receiving, stopping sending/receiving a large number of messages from blocking other operations o Build improvements: - Compile for Java 1.6 - Include git describe output in version - Enable warnings when building - Make Ant and Eclipse output files to the same location (build/) o Code changes: - Add unit tests for various classes (mostly IMAP) - Improve errors returned/thrown by HighLevelFCPClient - Add type parameters to all code - Add missing @Override annotations - Throw AssertionError in some cases that should be impossible - Use constants for config file keys - Respond to interrupts in the FCP code ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] webui and accessibility
On Tue, Apr 17, 2012 at 3:21 AM, Nicolas Hernandez < nicolas.hernandez at aleph-networks.com> wrote: > i don't know ... if we can forget Velocity i am happy :-). I don't know if > for Freenet devs, Velocity is still a Pre-requisies. > I don't think Velocity was ever a prerequisite. The only prerequisites are that: - We get a UI that looks good and is easy to use - The code for the UI is easy to maintain and extend - The UI can do everything that the current UI can do I am willing to trust the people that are willing to do the work to pick good tools, within reasonable limits. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120418/dfc61fbc/attachment.html>
Re: [freenet-dev] webui and accessibility
On Tue, Apr 17, 2012 at 3:21 AM, Nicolas Hernandez nicolas.hernan...@aleph-networks.com wrote: i don't know ... if we can forget Velocity i am happy :-). I don't know if for Freenet devs, Velocity is still a Pre-requisies. I don't think Velocity was ever a prerequisite. The only prerequisites are that: - We get a UI that looks good and is easy to use - The code for the UI is easy to maintain and extend - The UI can do everything that the current UI can do I am willing to trust the people that are willing to do the work to pick good tools, within reasonable limits. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] webui and accessibility
On Thu, Apr 12, 2012 at 6:01 AM, Pouyan Zachar wrote: > Wicket + Velocity is a excellent solution > > Doesn't Wicket include its own templating engine, which is just an extension of XHTML? Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120413/c0876081/attachment.html>
Re: [freenet-dev] webui and accessibility
On Thu, Apr 12, 2012 at 6:01 AM, Pouyan Zachar pouyans...@gmail.com wrote: Wicket + Velocity is a excellent solution Doesn't Wicket include its own templating engine, which is just an extension of XHTML? Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] fproxy-ng first draft and a short roadmap
On Thu, Mar 29, 2012 at 12:11 PM, Florent Daigniere < nextgens at freenetproject.org> wrote: > Well, you're the one who defends that designers need to be able to touch > the > HTML... remember? > > http://article.gmane.org/gmane.network.freenet.devel/26552 > > Any solution involving GWT is no better than the current fproxy to that > regard: > designers would have to touch the java code to change the HTML structure. > Perhaps, but not to change the general appearance - GWT more-or-less dictates the structure anyway because you build the UI at a higher level of abstraction. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120329/aaa874f7/attachment.html>
Re: [freenet-dev] fproxy-ng first draft and a short roadmap
On Thu, Mar 29, 2012 at 12:11 PM, Florent Daigniere nextg...@freenetproject.org wrote: Well, you're the one who defends that designers need to be able to touch the HTML... remember? http://article.gmane.org/gmane.network.freenet.devel/26552 Any solution involving GWT is no better than the current fproxy to that regard: designers would have to touch the java code to change the HTML structure. Perhaps, but not to change the general appearance - GWT more-or-less dictates the structure anyway because you build the UI at a higher level of abstraction. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] fproxy-ng first draft and a short roadmap
On Wed, Mar 28, 2012 at 5:35 AM, Florent Daigniere < nextgens at freenetproject.org> wrote: > > 3. "kick-ass design" is not a goal > > I've never said it is either. What I was doing is reminding Ian (sanity) > what > his points and arguments have been over the years. > How kind of you, my memory is getting a little rusty in my old age. > He's the one who has been pushing for a rewrite of fproxy and as far as I > understood, his train of thought so far has been the following: > - the design of the current interface sucks > => we need to do something about it as it repels users > - good coders are bad designers... > - good designers are not coders... > No, but the overlapping set of good coders that are also good designers is * extremely* small - I can count those I've met on one hand (actually my wife is one of them - but she thinks you're all too grouchy for her to work on Freenet's UI :-( ). > => we need a templating engine both can use and work with > - designers don't know nor use any templating engines > I never said that, I've worked with many designers that have worked with templating engines. > => we need plain HTML so that designers can keep on using their favourite > Adobe tool > As I mentioned in my last email, I think it's been almost a decade since I worked with a designer that wasn't comfortable working with HTML and CSS directly. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120328/9a27e57a/attachment.html>
[freenet-dev] fproxy-ng first draft and a short roadmap
On Tue, Mar 27, 2012 at 2:20 PM, Florent Daigniere < nextgens at freenetproject.org> wrote: > They might be pragmatic but they miss the point. We want to change the > templating > engine so that 'web-designers' can use their favourite wysiwyg editor to > help us come up with a kick-ass design. Code-maintainability and other > software-engineering concerns are only secondary here... > I don't know how many web designers you've worked with, but I've worked with a few good ones and they all work directly in css and html - none of them to my knowledge use a wysiwyg editor. The days of proficiency with DreamWeaver being a sufficient qualification to call yourself a web designer are long gone. > GWT doesn't allow that... The only wysiwyg editors I know about are within > IDEs (Eclipse and Netbeans)... That's not the tool of choice of designers. > You're still writing JAVA code as opposed to plain HTML. As far as I know, > from the list of suggested frameworks, only Wicket fulfills this > requirement. > > see: > https://wicket.apache.org/learn/examples/helloworld.html GWT is more proscriptive, which may be a good thing (why invent an entirely new HTML widget-set from scratch?), but a designer can still modify its appearance through css. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120328/23f7be64/attachment.html>
Re: [freenet-dev] fproxy-ng first draft and a short roadmap
On Tue, Mar 27, 2012 at 2:20 PM, Florent Daigniere nextg...@freenetproject.org wrote: They might be pragmatic but they miss the point. We want to change the templating engine so that 'web-designers' can use their favourite wysiwyg editor to help us come up with a kick-ass design. Code-maintainability and other software-engineering concerns are only secondary here... I don't know how many web designers you've worked with, but I've worked with a few good ones and they all work directly in css and html - none of them to my knowledge use a wysiwyg editor. The days of proficiency with DreamWeaver being a sufficient qualification to call yourself a web designer are long gone. GWT doesn't allow that... The only wysiwyg editors I know about are within IDEs (Eclipse and Netbeans)... That's not the tool of choice of designers. You're still writing JAVA code as opposed to plain HTML. As far as I know, from the list of suggested frameworks, only Wicket fulfills this requirement. see: https://wicket.apache.org/learn/examples/helloworld.html GWT is more proscriptive, which may be a good thing (why invent an entirely new HTML widget-set from scratch?), but a designer can still modify its appearance through css. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] fproxy-ng first draft and a short roadmap
On Wed, Mar 28, 2012 at 5:35 AM, Florent Daigniere nextg...@freenetproject.org wrote: 3. kick-ass design is not a goal I've never said it is either. What I was doing is reminding Ian (sanity) what his points and arguments have been over the years. How kind of you, my memory is getting a little rusty in my old age. He's the one who has been pushing for a rewrite of fproxy and as far as I understood, his train of thought so far has been the following: - the design of the current interface sucks = we need to do something about it as it repels users - good coders are bad designers... - good designers are not coders... No, but the overlapping set of good coders that are also good designers is * extremely* small - I can count those I've met on one hand (actually my wife is one of them - but she thinks you're all too grouchy for her to work on Freenet's UI :-( ). = we need a templating engine both can use and work with - designers don't know nor use any templating engines I never said that, I've worked with many designers that have worked with templating engines. = we need plain HTML so that designers can keep on using their favourite Adobe tool As I mentioned in my last email, I think it's been almost a decade since I worked with a designer that wasn't comfortable working with HTML and CSS directly. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Refactoring Freenet and Library was Re: Gun.IO and Freenet
On Thu, Mar 22, 2012 at 7:00 AM, Matthew Toseland wrote: > Making stuff static is tempting but means we can't do > multi-nodes-in-one-VM tests Have we ever actually done that? It seems like we're always making decisions to accomodate rare (and sometimes fictional) edge-cases. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120323/968304fb/attachment.html>
[freenet-dev] Coding standards
I know, and? On Mar 21, 2012 4:21 PM, "Marco Schulze" wrote: > Not everyone uses Eclipse. > > On 21-03-2012 13:45, Ian Clarke wrote: > > Or to commit the relevant Eclipse project to enforce these standards as a > "save action". > > Ian. > > On Tue, Mar 20, 2012 at 6:07 AM, Nicolas Hernandez < > nicolas.hernandez at aleph-networks.com> wrote: > >> Could it be possible to have a checktsyle file ? >> >> - Nicolas Hernandez >> a-n - aleph-networks >> *associ?* >> http://www.aleph-networks.com >> >> >> >> >> On Tue, Mar 20, 2012 at 11:47 AM, Matthew Toseland < >> toad at amphibian.dyndns.org> wrote: >> >>> On Monday 19 Mar 2012 23:12:15 Steve Dougherty wrote: >>> > I'm all for it. The coding standard is rather clear on indenting with >>> > tabs, so I guess all that would be required is a run with a >>> > re-indenting/code style conformance tool. That's something for a >>> > janitor tree, and would ideally be timed between releases and when all >>> > known pull requests have been merged or rejected to minimize >>> > whitespace-related disruption to existing work. >>> >>> Gigantic third party patches should come with some means to verify them. >>> >>> For example, converting all the spaces to tabs in a single commit is >>> fine because then you can just do diff -uw. >>> >>> However, automated bulk indenting doesn't always makes things easier to >>> read - e.g. devs may not like the style it produces. >>> > >>> > On 03/19/2012 06:13 PM, Marco Schulze wrote: >>> > > May I add a vote to standardise indentation? This mess of spaces >>> > > with tabs really bugs me. >>> >>> ___ >>> Devl mailing list >>> Devl at freenetproject.org >>> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl >>> >> >> >> ___ >> Devl mailing list >> Devl at freenetproject.org >> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl >> > > > > -- > Ian Clarke > Personal blog: http://blog.locut.us/ > > > ___ > Devl mailing listDevl at > freenetproject.orghttps://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120321/bc0bdfab/attachment.html>
[freenet-dev] (no subject)
On Sun, Mar 18, 2012 at 8:09 PM, Daxter wrote: > On Mar 18, 2012, at 8:04 PM, Leah Hicks wrote: > > I have done my research, although I have to admit wordpress is not > perfect. If it is *really* that big of an issue then we will simply not > use it. And yes I'm aware of the current implementation however it uses > javascript which will not run if users have javascript disabled. If someone > can find a workaround for that I'm golden. > > The problem with any CMS is that if/when Freenet gets a lot of publicity > (e.g. something was leaked via Freenet) then it will undoubtedly be under > attack. Allowing dynamic content at all is asking for trouble. I think it's > best to keep the main site static, generated beforehand with a templating > engine--my favorite being HAML (http://haml-lang.com). > I think ruling out any dynamic content for security reasons is excessive, there are plenty of secure dynamic websites. That being said, Wordpress does have a history of vulnerabilities, my person blog has been hacked twice due to vulnerabilities in Wordpress, although not in the last 2 years. I've heard from various people that Wordpress' source code is a total mess, and they have a caviler attitude towards security holes (basically their attitude is that if you don't upgrade the minute we release a new version it's your own fault if you get hacked). Getting hacked would be far more damaging for us than most projects given that people download and install software from our site. So I agree with the reluctance about using Wordpress, but it's going to far to rule out any dynamic content. This isn't 1996. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120321/ab85ab6a/attachment.html>
[freenet-dev] Logging in Fred
Is there a good reason to roll our own logging framework? What about http://www.slf4j.org/ or one of the many other alternatives? Ian. On Sun, Mar 18, 2012 at 6:40 PM, Marco Schulze wrote: > One thing has been bothering me: those 'if (logMINOR) Logger.minor(...', > and the mess that logging is inside fred. I've written a very simple > replacement for Logger + associated classes with the following changes: > > - Log level (renamed to severity) filtering is done by Logging.log(); > - Specific writer classes are replaced by a simple OutputStream, which > defaults to System.err. Formatting is also unified; > - Severity cases are broadened (FATAL, ERROR, WARNING, INFO, DEBUG and > TRACE), MINOR is mapped to DEBUG, and NORMAL is mapped to INFO; > - No logging method accepts an Object parameter - hashCode() is not > exactly useful. > > Additionally, log rotation will be moved outside (possibly inside Node). > > Currently, the log format is '\t'. > __**_ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.**org/cgi-bin/mailman/listinfo/**devl<https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl> > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120321/7d3d7673/attachment.html>
[freenet-dev] Coding standards
Or to commit the relevant Eclipse project to enforce these standards as a "save action". Ian. On Tue, Mar 20, 2012 at 6:07 AM, Nicolas Hernandez < nicolas.hernandez at aleph-networks.com> wrote: > Could it be possible to have a checktsyle file ? > > - Nicolas Hernandez > a-n - aleph-networks > *associ?* > http://www.aleph-networks.com > > > > > On Tue, Mar 20, 2012 at 11:47 AM, Matthew Toseland < > toad at amphibian.dyndns.org> wrote: > >> On Monday 19 Mar 2012 23:12:15 Steve Dougherty wrote: >> > I'm all for it. The coding standard is rather clear on indenting with >> > tabs, so I guess all that would be required is a run with a >> > re-indenting/code style conformance tool. That's something for a >> > janitor tree, and would ideally be timed between releases and when all >> > known pull requests have been merged or rejected to minimize >> > whitespace-related disruption to existing work. >> >> Gigantic third party patches should come with some means to verify them. >> >> For example, converting all the spaces to tabs in a single commit is fine >> because then you can just do diff -uw. >> >> However, automated bulk indenting doesn't always makes things easier to >> read - e.g. devs may not like the style it produces. >> > >> > On 03/19/2012 06:13 PM, Marco Schulze wrote: >> > > May I add a vote to standardise indentation? This mess of spaces >> > > with tabs really bugs me. >> >> ___ >> Devl mailing list >> Devl at freenetproject.org >> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl >> > > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120321/9032120d/attachment.html>
Re: [freenet-dev] Coding standards
Or to commit the relevant Eclipse project to enforce these standards as a save action. Ian. On Tue, Mar 20, 2012 at 6:07 AM, Nicolas Hernandez nicolas.hernan...@aleph-networks.com wrote: Could it be possible to have a checktsyle file ? - Nicolas Hernandez a-n - aleph-networks *associé* http://www.aleph-networks.com On Tue, Mar 20, 2012 at 11:47 AM, Matthew Toseland t...@amphibian.dyndns.org wrote: On Monday 19 Mar 2012 23:12:15 Steve Dougherty wrote: I'm all for it. The coding standard is rather clear on indenting with tabs, so I guess all that would be required is a run with a re-indenting/code style conformance tool. That's something for a janitor tree, and would ideally be timed between releases and when all known pull requests have been merged or rejected to minimize whitespace-related disruption to existing work. Gigantic third party patches should come with some means to verify them. For example, converting all the spaces to tabs in a single commit is fine because then you can just do diff -uw. However, automated bulk indenting doesn't always makes things easier to read - e.g. devs may not like the style it produces. On 03/19/2012 06:13 PM, Marco Schulze wrote: May I add a vote to standardise indentation? This mess of spaces with tabs really bugs me. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Logging in Fred
Is there a good reason to roll our own logging framework? What about http://www.slf4j.org/ or one of the many other alternatives? Ian. On Sun, Mar 18, 2012 at 6:40 PM, Marco Schulze marco.c.schu...@gmail.comwrote: One thing has been bothering me: those 'if (logMINOR) Logger.minor(...', and the mess that logging is inside fred. I've written a very simple replacement for Logger + associated classes with the following changes: - Log level (renamed to severity) filtering is done by Logging.log(); - Specific writer classes are replaced by a simple OutputStream, which defaults to System.err. Formatting is also unified; - Severity cases are broadened (FATAL, ERROR, WARNING, INFO, DEBUG and TRACE), MINOR is mapped to DEBUG, and NORMAL is mapped to INFO; - No logging method accepts an Object parameter - hashCode() is not exactly useful. Additionally, log rotation will be moved outside (possibly inside Node). Currently, the log format is 'severity\tmessage'. __**_ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.**org/cgi-bin/mailman/listinfo/**devlhttps://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] (no subject)
On Sun, Mar 18, 2012 at 8:09 PM, Daxter xovat...@gmail.com wrote: On Mar 18, 2012, at 8:04 PM, Leah Hicks wrote: I have done my research, although I have to admit wordpress is not perfect. If it is *really* that big of an issue then we will simply not use it. And yes I'm aware of the current implementation however it uses javascript which will not run if users have javascript disabled. If someone can find a workaround for that I'm golden. The problem with any CMS is that if/when Freenet gets a lot of publicity (e.g. something was leaked via Freenet) then it will undoubtedly be under attack. Allowing dynamic content at all is asking for trouble. I think it's best to keep the main site static, generated beforehand with a templating engine--my favorite being HAML (http://haml-lang.com). I think ruling out any dynamic content for security reasons is excessive, there are plenty of secure dynamic websites. That being said, Wordpress does have a history of vulnerabilities, my person blog has been hacked twice due to vulnerabilities in Wordpress, although not in the last 2 years. I've heard from various people that Wordpress' source code is a total mess, and they have a caviler attitude towards security holes (basically their attitude is that if you don't upgrade the minute we release a new version it's your own fault if you get hacked). Getting hacked would be far more damaging for us than most projects given that people download and install software from our site. So I agree with the reluctance about using Wordpress, but it's going to far to rule out any dynamic content. This isn't 1996. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Coding standards
I know, and? On Mar 21, 2012 4:21 PM, Marco Schulze marco.c.schu...@gmail.com wrote: Not everyone uses Eclipse. On 21-03-2012 13:45, Ian Clarke wrote: Or to commit the relevant Eclipse project to enforce these standards as a save action. Ian. On Tue, Mar 20, 2012 at 6:07 AM, Nicolas Hernandez nicolas.hernan...@aleph-networks.com wrote: Could it be possible to have a checktsyle file ? - Nicolas Hernandez a-n - aleph-networks *associé* http://www.aleph-networks.com On Tue, Mar 20, 2012 at 11:47 AM, Matthew Toseland t...@amphibian.dyndns.org wrote: On Monday 19 Mar 2012 23:12:15 Steve Dougherty wrote: I'm all for it. The coding standard is rather clear on indenting with tabs, so I guess all that would be required is a run with a re-indenting/code style conformance tool. That's something for a janitor tree, and would ideally be timed between releases and when all known pull requests have been merged or rejected to minimize whitespace-related disruption to existing work. Gigantic third party patches should come with some means to verify them. For example, converting all the spaces to tabs in a single commit is fine because then you can just do diff -uw. However, automated bulk indenting doesn't always makes things easier to read - e.g. devs may not like the style it produces. On 03/19/2012 06:13 PM, Marco Schulze wrote: May I add a vote to standardise indentation? This mess of spaces with tabs really bugs me. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing listDevl@freenetproject.orghttps://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] Freenet has been accepted in Google Summer of Code 2012!
On the positive side, if you do help us with the website it will mean that when you are old enough we'll be much more likely to pick you as a student :-) Ian. On Sun, Mar 18, 2012 at 12:26 PM, Leah Hicks wrote: > Have to scratch that, I'm not quite old enough yet to apply. :( > > > On Sun, Mar 18, 2012 at 12:19 PM, Leah Hicks wrote: > >> I really want to apply for this as a student but the only skills I have >> are in web design. In a separate email I've offered to redo the site, but >> maybe I should have that wait until SoC begins to do that? I noticed it as >> one of the proposals on the wiki. > > > > > -- > -- *Leah Hicks* > * > * > http://kori-designs.com > *http://kanjidaisuki.com* > > > ___ > Devl mailing list > Devl at freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120318/f91416e0/attachment.html>
[freenet-dev] Freenet has been accepted in Google Summer of Code 2012!
Ok, I figured it out and added a link - students can't sign up until March 26th so we should hold-off on a publicity push until then. Ian. On Sun, Mar 18, 2012 at 10:08 AM, Ian Clarke wrote: > On Sat, Mar 17, 2012 at 7:14 PM, Florent Daigniere < > nextgens at freenetproject.org> wrote: > >> Mentors and students can apply at >> https://www.google-melange.com/gsoc/org/google/gsoc2012/freenet > > > How do they do this? I see nothing obvious on that page explaining. > Also, if this page is indeed the mechanism through which people should > apply, then we should link to it from the SoC wiki page. > > Ian. > > -- > Ian Clarke > Founder, The Freenet Project > Email: ian at freenetproject.org > > -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120318/200888d3/attachment.html>
[freenet-dev] Freenet has been accepted in Google Summer of Code 2012!
On Sat, Mar 17, 2012 at 7:14 PM, Florent Daigniere < nextgens at freenetproject.org> wrote: > Mentors and students can apply at > https://www.google-melange.com/gsoc/org/google/gsoc2012/freenet How do they do this? I see nothing obvious on that page explaining. Also, if this page is indeed the mechanism through which people should apply, then we should link to it from the SoC wiki page. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120318/0b8f2482/attachment.html>
[freenet-dev] (no subject)
On Sat, Mar 17, 2012 at 9:29 PM, Leah Hicks wrote: > My primary suggestions are: > > - Update the site to HTML5 and CSS3 > Yes, but it should degrade gracefully so that it works in IE7, even if it doesn't look as good. > - Change the top menu to be less cramped, possible move certain items to a > sidebar > Sounds reasonable. > - Make new buttons for Download / Donate > Sure. > - General restyling of the site to look cleaner and easier to read. > Yup. So from this it seems that you want to modify the existing site rather than start from scratch with something fresh? > Any suggestions or feedback would be greatly appreciated, and again sorry > for the last message! ^^ > Not a problem - we're glad to have you on board :-) Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120318/5f3287db/attachment.html>
[freenet-dev] Website Redesign?
doh, sorry - in my enthusiasm I didn't notice that there was a follow-up thread. I'll go read it now :-) Ian. On Sun, Mar 18, 2012 at 9:37 AM, Ian Clarke wrote: > Leah, > > That sounds great, our last redesign was indeed several years ago, and I > agree that the site is probably overdue for a facelift. > > One thing though, I think we will need to support Internet Explorer 7, > which I believe doesn't support some of the newer web standards you > mention. It's ok if the site doesn't look quite as good in IE7, but it > should at least work. (The good news is that the upcoming IE10 does > support these things, so hopefully we won't have to worry about it for too > much longer). > > In your email you didn't actually list any of the specific things you'd > change, perhaps you hit "send" prematurely by mistake? > > Also, you didn't mention but I assume you're willing to do this work on a > voluntary basis? Of course, if you do the redesign we're willing to add a > credit and a link to you to the bottom of our site (which will be very good > for your "Google guice" given that our site has a pagerank of 6 ;). > > Assuming all is well, I guess the first step would be for you to do a > mock-up so that we can all see how you envisage the site looking? > > Thanks, and welcome aboard! > > Ian. > > On Sat, Mar 17, 2012 at 9:23 PM, Leah Hicks wrote: > >> Hello, >> >> I'm a freelance web designer and I'm interested in redesigning Freenet's >> home page. It looks kind of out dated compared to most modern sites, not to >> mention it's using the rather out dated HTML 4 Transitional doctype. >> Although not exactly supported yet by some browsers, I assume that most of >> your userbase uses Chrome, Firefox, or Opera, which have support for all >> the new HTML 5 tags and CSS3 selectors. Mainly I just want to tidy the site >> up. >> >> Here's my portfolio: http://kori-designs.com >> >> My primary suggestions are: >> >> >> -- >> -- *Leah Hicks* >> * >> * >> http://kori-designs.com >> *http://kanjidaisuki.com* >> >> >> ___ >> Devl mailing list >> Devl at freenetproject.org >> http://freenetproject.org/cgi-bin/mailman/listinfo/devl >> > > > > -- > Ian Clarke > Personal blog: http://blog.locut.us/ > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120318/66b4b4d6/attachment.html>
[freenet-dev] Website Redesign?
Leah, That sounds great, our last redesign was indeed several years ago, and I agree that the site is probably overdue for a facelift. One thing though, I think we will need to support Internet Explorer 7, which I believe doesn't support some of the newer web standards you mention. It's ok if the site doesn't look quite as good in IE7, but it should at least work. (The good news is that the upcoming IE10 does support these things, so hopefully we won't have to worry about it for too much longer). In your email you didn't actually list any of the specific things you'd change, perhaps you hit "send" prematurely by mistake? Also, you didn't mention but I assume you're willing to do this work on a voluntary basis? Of course, if you do the redesign we're willing to add a credit and a link to you to the bottom of our site (which will be very good for your "Google guice" given that our site has a pagerank of 6 ;). Assuming all is well, I guess the first step would be for you to do a mock-up so that we can all see how you envisage the site looking? Thanks, and welcome aboard! Ian. On Sat, Mar 17, 2012 at 9:23 PM, Leah Hicks wrote: > Hello, > > I'm a freelance web designer and I'm interested in redesigning Freenet's > home page. It looks kind of out dated compared to most modern sites, not to > mention it's using the rather out dated HTML 4 Transitional doctype. > Although not exactly supported yet by some browsers, I assume that most of > your userbase uses Chrome, Firefox, or Opera, which have support for all > the new HTML 5 tags and CSS3 selectors. Mainly I just want to tidy the site > up. > > Here's my portfolio: http://kori-designs.com > > My primary suggestions are: > > > -- > -- *Leah Hicks* > * > * > http://kori-designs.com > *http://kanjidaisuki.com* > > > ___ > Devl mailing list > Devl at freenetproject.org > http://freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120318/50bd1732/attachment.html>
Re: [freenet-dev] Website Redesign?
Leah, That sounds great, our last redesign was indeed several years ago, and I agree that the site is probably overdue for a facelift. One thing though, I think we will need to support Internet Explorer 7, which I believe doesn't support some of the newer web standards you mention. It's ok if the site doesn't look quite as good in IE7, but it should at least work. (The good news is that the upcoming IE10 does support these things, so hopefully we won't have to worry about it for too much longer). In your email you didn't actually list any of the specific things you'd change, perhaps you hit send prematurely by mistake? Also, you didn't mention but I assume you're willing to do this work on a voluntary basis? Of course, if you do the redesign we're willing to add a credit and a link to you to the bottom of our site (which will be very good for your Google guice given that our site has a pagerank of 6 ;). Assuming all is well, I guess the first step would be for you to do a mock-up so that we can all see how you envisage the site looking? Thanks, and welcome aboard! Ian. On Sat, Mar 17, 2012 at 9:23 PM, Leah Hicks korii.r...@gmail.com wrote: Hello, I'm a freelance web designer and I'm interested in redesigning Freenet's home page. It looks kind of out dated compared to most modern sites, not to mention it's using the rather out dated HTML 4 Transitional doctype. Although not exactly supported yet by some browsers, I assume that most of your userbase uses Chrome, Firefox, or Opera, which have support for all the new HTML 5 tags and CSS3 selectors. Mainly I just want to tidy the site up. Here's my portfolio: http://kori-designs.com My primary suggestions are: -- -- *Leah Hicks* * * http://kori-designs.com *http://kanjidaisuki.com* ___ Devl mailing list Devl@freenetproject.org http://freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Website Redesign?
doh, sorry - in my enthusiasm I didn't notice that there was a follow-up thread. I'll go read it now :-) Ian. On Sun, Mar 18, 2012 at 9:37 AM, Ian Clarke i...@locut.us wrote: Leah, That sounds great, our last redesign was indeed several years ago, and I agree that the site is probably overdue for a facelift. One thing though, I think we will need to support Internet Explorer 7, which I believe doesn't support some of the newer web standards you mention. It's ok if the site doesn't look quite as good in IE7, but it should at least work. (The good news is that the upcoming IE10 does support these things, so hopefully we won't have to worry about it for too much longer). In your email you didn't actually list any of the specific things you'd change, perhaps you hit send prematurely by mistake? Also, you didn't mention but I assume you're willing to do this work on a voluntary basis? Of course, if you do the redesign we're willing to add a credit and a link to you to the bottom of our site (which will be very good for your Google guice given that our site has a pagerank of 6 ;). Assuming all is well, I guess the first step would be for you to do a mock-up so that we can all see how you envisage the site looking? Thanks, and welcome aboard! Ian. On Sat, Mar 17, 2012 at 9:23 PM, Leah Hicks korii.r...@gmail.com wrote: Hello, I'm a freelance web designer and I'm interested in redesigning Freenet's home page. It looks kind of out dated compared to most modern sites, not to mention it's using the rather out dated HTML 4 Transitional doctype. Although not exactly supported yet by some browsers, I assume that most of your userbase uses Chrome, Firefox, or Opera, which have support for all the new HTML 5 tags and CSS3 selectors. Mainly I just want to tidy the site up. Here's my portfolio: http://kori-designs.com My primary suggestions are: -- -- *Leah Hicks* * * http://kori-designs.com *http://kanjidaisuki.com* ___ Devl mailing list Devl@freenetproject.org http://freenetproject.org/cgi-bin/mailman/listinfo/devl -- Ian Clarke Personal blog: http://blog.locut.us/ -- Ian Clarke Personal blog: http://blog.locut.us/ ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] (no subject)
On Sat, Mar 17, 2012 at 9:29 PM, Leah Hicks korii.r...@gmail.com wrote: My primary suggestions are: - Update the site to HTML5 and CSS3 Yes, but it should degrade gracefully so that it works in IE7, even if it doesn't look as good. - Change the top menu to be less cramped, possible move certain items to a sidebar Sounds reasonable. - Make new buttons for Download / Donate Sure. - General restyling of the site to look cleaner and easier to read. Yup. So from this it seems that you want to modify the existing site rather than start from scratch with something fresh? Any suggestions or feedback would be greatly appreciated, and again sorry for the last message! ^^ Not a problem - we're glad to have you on board :-) Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] Freenet has been accepted in Google Summer of Code 2012!
Ok, I figured it out and added a link - students can't sign up until March 26th so we should hold-off on a publicity push until then. Ian. On Sun, Mar 18, 2012 at 10:08 AM, Ian Clarke i...@freenetproject.org wrote: On Sat, Mar 17, 2012 at 7:14 PM, Florent Daigniere nextg...@freenetproject.org wrote: Mentors and students can apply at https://www.google-melange.com/gsoc/org/google/gsoc2012/freenet How do they do this? I see nothing obvious on that page explaining. Also, if this page is indeed the mechanism through which people should apply, then we should link to it from the SoC wiki page. Ian. -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org -- Ian Clarke Founder, The Freenet Project Email: i...@freenetproject.org ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] website spanish translation rev 1
Great work! Have we merged this yet? Ian. On Mon, Mar 12, 2012 at 11:23 AM, Flavio Heredia wrote: > good morning list. > > a revision of website spanish translation is ready and a pull request done. > > many typos corrected and a better translation improved. > > for a preview please see http://merlinux.com.ar/freenetproject/ > > also in freenet. > > enjoy and kind regards. > merlin > > On Mon, Mar 5, 2012 at 10:10 AM, Flavio Heredia > wrote: > > On Sun, Mar 4, 2012 at 1:30 PM, Steve Dougherty > wrote: > >> Looks great! I'm in the process of deploying it. > >> > >> Is "Convesar" in "Compartir, Convesar, Navegar. Anonimamente. En la Red > >> Libre" a typo for "Conversar?" > >> > >> Thanks, > >> operhiem1 > >> > >> On Mon, Feb 20, 2012 at 6:57 PM, Flavio Heredia > wrote: > >>> > > > > yes, it is... i'm working in a review and many of this and other > > errors will be corrected. > > thanks a lot for feedback...! > > merlin > ___ > Devl mailing list > Devl at freenetproject.org > http://freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120314/21f4d6f1/attachment.html>
[freenet-dev] Should we switch the websites to httpS only?
On Fri, Mar 9, 2012 at 3:37 PM, Evan Daniel wrote: > I'm in favor of https only. The only real arguments against it are > probably server cpu load. I assume that given our traffic levels, > that's not likely to be an issue? Actually it might. While we normally hover around 2,500 visits per day, which the server should be able to handle quite easily, we do occasionally get linked from high-traffic websites which puts a lot more strain on the server. It's important that the server doesn't go down on these occasions as they are an important way to acquire new users, donors, and developers. Ian. -- Ian Clarke Founder, The Freenet Project Email: ian at freenetproject.org -- next part -- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20120314/a5bcdf27/attachment.html>