Re: Check Plugins to follow an API cleanup

[DC*]

Hello all!

We worked and tested all plugins on the list (except 2 that are 
pending) and we found that they weren't affected by the API change!


Most plugins compiles because they use a higher-level API, other 
plugins use FCP.


You can follow the updated list here:



Best regards,

On mié, ago 12, 2020 at 22:37, Dr. Arne Babenhauserheide 
 wrote:

Hi,

We did a small API cleanup to get rid of lots of FakeCallback-usages
just to get around the old API. Sadly there is at least one plugin 
which
used that API. We’re now checking all plugins whether they are 
affected.


It would be great if you could help check that! You only need to test
whether the plugin compiles when using the freenet.jar from build 
1486.


More information and the current state is available at:


Once we have all those points crossed, I’ll prepare 1487 with plugin
updates, including those fixes.

If you know a plugin not in the list, please tell us!

Projects on the site, state of now (~~ … ~~ means it’s already 
done):


- Flircp
- ~~FlogHelper~~ (compiles)
- ~~Freemail~~ (compiles)
- Fritter
- jfniki
- ~~Library~~ (compiles)
- ~~Sharesite~~ (compiles with fred next and only uses the 
HighLevelSimpleClient)

- Shoeshop
- ~~Sone~~ (uses FCP only)
- ThawIndexBrowser
- UPnP
- UPnP2
- WebOfTrust
- ~~WoTNS~~ (uses FCP only)
- BOF
- ~~Spider~~ (compiles)
- jFMS
- ~~jSite~~ (uses FCP only)
- munin-freenet
- munin-plugin-freenet
- RelayBot
- Syndie
- ~~jFCPlib~~ (uses FCP only)
- ShoeShop
- Keepalive
- KeyUtils 

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken

Re: Plugins build system upgrade

[Des]

Hello everyone,

A little update on the work to upgrade the plugins' build system.

Freetalk
- Pending -> In Progress
WebOfTrust
- Pending -> Done

We continue to work on the following plugins:

- Freetalk
- PR: 
- Library
- PR: 
- FlogHelper
- PR: 
- UPnP
- PR: 
- Sharesite
- PR: 

You can follow the updates here: 



Best regards,

Re: Statements about the HTL attacks

[Dr. Arne Babenhauserheide]

shroobi  writes:

>> Hi shroobi,
>> shroobi  writes:
>>
>>> I wanted to leave a note about these statements on the Freenet
>>> homepage. I don't understand why a response to disprove the paper
>>> would be released but there hasn't been any code put in place to
>>> address the problem.
>>
>> There was no code put in place, because the statistics in the attacks
>> were false. We can’t fix it if there is no vulnerability in the
>> first place.
>>
>> To be frank: The paper was wrong.
>>
>>> Furthermore, later a detailed description was made of *how exactly* an
>>> attack could be done with certainty. Not cool. An enormous risk has
>>> been put on users because of this. Why was that done?
>>
>> That later description was also false:
>> https://www.draketo.de/software/levine-2017-errors.html
>>
>> We cannot fix it in code when people simply fake proof.
>
> Final note: The minimal information required for statistical claims
> about observations of node upload or download activity in Freenet:

> … snip …

Did you see any claim that actually contained this information? If not,
then they are trying to fake proof by making unverifiable claims. I have
yet to see anyone giving a solid statistical argument while providing
the actually needed information to check their claims.

This is not to say that it is impossible to trace you on opennet. It’s
just that no one ever did it right.

To actually prevent all but the most powerful (those who can make ISPs
their tools and hack individual computers) from tracking you, you must
be connected via friend-to-friend mode (high security) with people you
trust not to try to pro-actively track you. To track you then requires
hacking your friends' computers.

To get even higher security, you‘ll also need to connect Freenet to the
internet via a regional mesh-network that does not spy on the data you
transmit to find people who upload lots of encrypted packages.

But the first step to improve protections for your privacy is really to
move to friend-to-friend mode.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature