Plugins build system upgrade

[DC*]

Hi all,

We're working on upgrading the build system on all official plugins.
This effort will enable us to have better plugin integration into
different system and is an important upgrade to clean up various
dependencies that proved to be problematic (such as freenet-ext).

Here you can see the status (it's being updated frequently):

 
https://cryptpad.piratenpartei.de/code/#/2/code/view/oRpAH-DUWdWRz-ASzVKlvGbUwuNWcrNLr5hbI2PTWbw/

As a summary:

Plugins already ported:

- https://github.com/freenet/plugin-KeyUtils
- https://github.com/freenet/plugin-UPnP2

Plugins being ported:

- https://github.com/freenet/plugin-Library
  - https://github.com/freenet/plugin-Library/pull/17
- https://github.com/freenet/plugin-FlogHelper
  - https://github.com/freenet/plugin-FlogHelper/pull/20
- https://github.com/freenet/plugin-UPnP
  - https://github.com/freenet/plugin-UPnP/pull/12
- https://github.com/freenet/plugin-sharesite
  - https://github.com/freenet/plugin-sharesite/pull/3

Port pending:

- https://github.com/freenet/plugin-Freemail
- https://github.com/freenet/plugin-Freetalk
- https://github.com/freenet/plugin-Freereader
- https://github.com/freenet/plugin-Spider

Best regards,

Re: Statements about the HTL attacks

[Dr. Arne Babenhauserheide]

Hi shroobi,
shroobi  writes:

> I wanted to leave a note about these statements on the Freenet
> homepage. I don't understand why a response to disprove the paper
> would be released but there hasn't been any code put in place to
> address the problem.

There was no code put in place, because the statistics in the attacks
were false. We can’t fix it if there is no vulnerability in the first place.

To be frank: The paper was wrong.

> Furthermore, later a detailed description was made of *how exactly* an
> attack could be done with certainty. Not cool. An enormous risk has
> been put on users because of this. Why was that done?

That later description was also false:
https://www.draketo.de/software/levine-2017-errors.html

We cannot fix it in code when people simply fake proof.

The actual problem is in the legal system. If a court accepts false
proofs, the only way we can prevent this is to hide the address of the
node in the first place.

And Freenet enabled that in 2007: Use the friend-to-friend mode (high
security / darknet). This is the only way to prevent easy harvesting of
your IP, and so it is the only way to prevent someone from targeting you
with faked proof.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature