Re: Is this the devl mailing list for Hyphanet/Freenet_Classic?

[Dr. Arne Babenhauserheide]

Hi,

>> Is this the devl mailing list for Hyphanet/Freenet_Classic?

freenetproject.org is the website for Hyphanet / the original Freenet.

"David Dernoncourt"  writes:
> While we're talking about good questions and the allocation of old
> resources, what happens to the seemingly large number of bitcoins that
> were donated to former-Freenet-now-Hyphanet?

The current developers of Hyphanet / the original Freenet have no access
to any of the donations that were made for Freenet, and except for
volunteer-hosted seednodes (thank you to the hosters!), we’re financing
the infrastructure of Hyphanet from our own pockets.

Regardless of what’s right or wrong, this is the reality on the ground
as I know it.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Weird name on website

[Dr. Arne Babenhauserheide]

Nicolas Hernandez  writes:

>> There is a post about this on the Freenet website that also gives links
>> with further information:
>
>> https://www.freenetproject.org/freenet-renamed-to-hyphanet.html
> 404 on this page because of redirect

It does not redirect for you? That’s odd.

This is the redirect target:
https://www.hyphanet.org/freenet-renamed-to-hyphanet.html

>> Sorry for the confusion this causes.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Weird name on website

[Dr. Arne Babenhauserheide]

"Dr. Arne Babenhauserheide"  writes:
> Hello Marek,
>
> Marek Küthe  writes:
>> I was after a long time again on the website of Freenet
>> freenetproject.org. There I noticed that I am redirected to
>> https://www.hyphanet.org/index.html. Furthermore every name "Freenet"
>> was replaced with "Hyphanet" there. Is this intentional? Is there
>> perhaps a blog post about this? Is this an attack on Freenet?
>
> Hyphanet is the original Freenet.
>
> There is a post about this on the Freenet website that also gives links
> with further information:
>
> https://www.freenetproject.org/freenet-renamed-to-hyphanet.html
>
> Sorry for the confusion this causes.

And I’m sorry for being tightlipped about this. I expect that if you
read the mailinglist thread linked in the article, you’ll understand why
I think that this minimizes damage to the project.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Weird name on website

[Dr. Arne Babenhauserheide]

Hello Marek,

Marek Küthe  writes:

> I was after a long time again on the website of Freenet
> freenetproject.org. There I noticed that I am redirected to
> https://www.hyphanet.org/index.html. Furthermore every name "Freenet"
> was replaced with "Hyphanet" there. Is this intentional? Is there
> perhaps a blog post about this? Is this an attack on Freenet?

Hyphanet is the original Freenet.

There is a post about this on the Freenet website that also gives links
with further information:

https://www.freenetproject.org/freenet-renamed-to-hyphanet.html

Sorry for the confusion this causes.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Important Announcement: Freenet naming change

[Dr. Arne Babenhauserheide]

Ian Clarke  writes:

> On Wed, Jan 18, 2023 at 11:40 AM Dr. Arne Babenhauserheide  
> wrote:
>
>  Ian Clarke  writes:
>  > What "room"? I've already said, the constituency I care about is the next 
> generation. You don't speak for them.
>
>  You do not care about the currently existing, vibrant Freenet Community?
>
> I care about the maintainers and users of Fred, and I've said I do

This is the room that Freenet304987 is talking about.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Important Announcement: Freenet naming change

[Dr. Arne Babenhauserheide]

Ian Clarke  writes:
> What "room"? I've already said, the constituency I care about is the next 
> generation. You don't speak for them.

You do not care about the currently existing, vibrant Freenet Community?

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Important Announcement: Freenet naming change

[Dr. Arne Babenhauserheide]

Ian Clarke  writes:

> I know exactly who he is, I was asking who he was speaking on behalf
> of since he was claiming to speak on behalf of the "Freenet
> community", quite a bold claim.

He did not claim that. It’s just how it seemed to you.

Yet despite not claiming it, Steve actually has the backing of the other
core developers and maintainers. And from what I’ve seen in the Freenet
community spaces, he also has the backing of the Freenet community.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Important Announcement: Freenet naming change

[Dr. Arne Babenhauserheide]

Ian Clarke  writes:
> Apologies to mutt users, but Freenet's mainstream brand recognition has been 
> on an uninterrupted
> downward trajectory since 2004:
>
> freenet-trend.png

You are showing the US-trend. Let’s look at the trend in a country where
there was PR done:


This is the trend in Germany, and you’ll see it going up again in the
past year where I gave a presentation for a German non-profit.

What was missing for spreading was not technical. Missing was that we
did not talk enough in public about Freenet.

And brand recognition is good among long term internet freedom
activists, but only for the scope and use-cases of the current Freenet,
not for the different scope of Locutus.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Important Announcement: Freenet naming change

[Dr. Arne Babenhauserheide]

Dear Freenet Contributors and Enthusiasts,

I want to clear up some of the confusion.

Ian Clarke  writes:
> I hope this email finds you well. I am writing to inform you of an important 
> change that the Freenet Project board voted on unanimously on Friday.
> After much discussion over the past 18 months

Ian wrote me private emails about his plan and I strongly objected. He
chose to ignore that. I do not know whether he talked to someone else.

There are no public archives, because these were just private emails.

After he agreed that others could email him, I talked to other release
managers and core developers.⁰ It is a shared understanding that this
renaming would damage Freenet. We had hoped that Ian would not go
through with this, so we did not write in public to prevent damage to
the project.

After he now wrote, the damage is done. We can only try to minimize it.

⁰: Before he said that other developers can contact him, I held it as a
   confidential discussion out of respect for the privacy of personal
   communication.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Important Announcement: Freenet naming change

[Dr. Arne Babenhauserheide]

Ian Clarke  writes:
> You're speaking as if you speak on behalf of the Freenet community. Who 
> specifically are you speaking for and what gives you the ability to speak for
> them?

I share the sentiment. Steve spoke to me before sending this message,
and he also speaks for me, the release manager of Freenet. Also David,
Florent, and xor disagree strongly with the renaming plan. These are
most of the non-anonymous core developers of Freenet.

And the actual Freenet community that communicates on Freenet via FMS
and Sone is absolutely enraged over this.

Best wishes,
Arne

> On Tue, Jan 17, 2023 at 2:46 PM Steve Dougherty  wrote:
>  I'm surprised. I'm not sure what to say, or what reaction you and the
>  rest of the board expected.
>
>  This is another demonstration of a complete disconnect between the board
>  of FPI, and the community around Freenet. After giving up initial plans
>  to name Locutus "Freenet 2" in the face of backlash, you and the rest of
>  the board appear to now want still more of Freenet's brand recognition.
>  The hope seems to be that the Freenet community, having not been
>  consulted, and reasonably assumed to disagree, will undertake the effort
>  to rename themselves the Freenet Classic community.
>
>  I don't think this will happen. It would require buy-in, and it has
>  none.
>
>  - Steve


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Freenet build 1496 released: fix keepalive, translations, windows

[Dr. Arne Babenhauserheide]

Freenet 0.7.5 build 1496 is now available.

> **Install Freenet** for **[Windows][windows-installer]**, for **[GNU/Linux, 
> macOS and other *nixes][linux-installer]**, or for 
> **[Android][android-package]**. See the [download page][download page] for 
> more information and other platforms.


This is a smaller release that provides three improvements and fixes
one regression:

- fix keepalive
- update translations
- new freemail info page
- installer, test and charset fixes


[windows-installer]: 
https://www.draketo.de/dateien/freenet/build01496/FreenetInstaller-1496.exe
[linux-installer]: 
https://www.draketo.de/dateien/freenet/build01496/new_installer_offline_1496.jar

(This still goes over the non-standard download-page. 1497 should use
the lysator-mirror again. Please use one of these mirrors — we found
that github releases heavily throttle our download-speeds)


Fix keepalive
-

This fixes breakage in keepalive by ignoring a negative maxsize.
This was broken by a fix to the client
to actually honor the maxsize which was ignored before,
so ignoring invalid values provides a compatibility layer
for old plugins.


Update translations
---

Imported updated translations from transifex.

The biggest changes were done by the Russian team,
adding or updating almost 200 translations.

The German team changed over 70 translations.

And 1 to 7 changes were done by teams
es, fa, fi, fr, hu, it, ja, nb-no,
nl, pt (br and PT), sv, zh-cn and zh-tw.

A big thank you for your work!


Bookmark curation
-

The update replaces the unmaintained freemail site in the default bookmarks
by a maintained one — thanks to Cynthia!


Further changes
---

- add meta charset tests
- add missing test annotations — thanks to vwoodzell!
- when using the windows installer to update, wrapper.conf will be overwritten
  to make it work with changed dependencies. Thanks to naejadu!
- support  in the header of freesites to set the encoding


A big thank you to all contributors and reviewers
for getting this release in shape!

And thank you for using Freenet!


Remaining known bug
---

There is one known problem with the installer that can cause Freenet
to stay in friend-to-friend mode (not connecting) even when you do not
check that you know people using Freenet. If that should happen to you
and you want to connect to strangers, please check in the menu
configuration - security levels and set the protection against
strangers to normal.

This should get fixed in 1497.


## Contribute

If you want to help us get better, please chat with us in
freenet @ irc.libera.chat . And 
give us time to answer, we’re all volunteers and might not be in your timezone.

To get into development right-away, have a look at one of the
Freenet-Projects (https://github.com/freenet/wiki/wiki/Projects) or just
get  fred (https://github.com/freenet/fred) and fix something that annoys you.

And to take on something that makes a big difference, have a look at the
high-impact tasks (https://github.com/freenet/wiki/wiki/High-Impact-tasks).


## What is Freenet?

Freenet is a peer-to-peer platform for  
censorship-resistant and privacy-respecting  
publishing and communication.

> I worry about my child and the Internet all the time, even though
> she's too young to have logged on yet. Here's what I worry about. I
> worry that 10 or 15 years from now, she will come to me and say
> 'Daddy, where were you when they took freedom of the press away from
> the Internet? --Mike Godwin, Electronic Frontier Foundation

That Freenet can keep moving forward and help people worldwide to
exercise their basic rights and freedoms is the work of amazing
volunteers, both contributors and people running Freenet nodes.

Thank you for your contributions, and thank you for using Freenet!


\-- AB


> **Install Freenet** for **[Windows][windows-installer]**, for **[GNU/Linux 
> and other *nixes][linux-installer]**, or for **[Android][android-package]**. 
> See the [download page][download page] for more information and other 
> platforms.



[releasetag1496]: https://github.com/freenet/fred/releases/tag/build01496
[download page]: pages/download.html
[windows-installer]: 
https://www.draketo.de/dateien/freenet/build01496/FreenetInstaller-1496.exe
[linux-installer]: 
https://www.draketo.de/dateien/freenet/build01496/new_installer_offline_1496.jar
[android-package]: https://freenet-mobile.github.io/app/
[debian-package-beta-test]: 
https://www.mail-archive.com/devl@freenetproject.org/msg55247.html

-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Freenet build 1495 released: new user experience and performance

[Dr. Arne Babenhauserheide]

Hi,


Freenet 0.7.5 build 1495 is now available:
https://freenetproject.org/freenet-build-1495-new-user-experience-and-performance.html


This build improves four broad areas:

- new users
- user experience
- performance
- backend changes


New users
-

There is a new firsttime wizard for single-step setup, contributed
by redwerk and finally merged after resolving dependency-requirements.

To further ease the start, the bookmarks are re-organized with
"starting points" at the top.


User experience
---

For integration in browser extensions,  TheSeeker added support for
the schemes web+freenet and ext+freenet which do not need further
allow-listing by browsers to use.

CometZ@6DtYG~ created a new theme sky-dark-static, a clean dark scheme,
simpler than Winterfacey.

To enable more beautiful Freesites, Spider Admin, naejadu and vwoodzell
extended the CSS filter to enable sticky, transition, and word-wrap.

The m3u-player is now only inserted into sites which contain at least
one video or audio tag. When a part of a stream fails, it is now skipped,
allowing for continuous playback without user-intervention.


Performance
---

For better lifetime of larger files, the healing size is increased
from 16 to 256 MiB, so a 512 MiB file will keep working if accessed
once every 10 days. To keep alive files explicitly, you can use the
keepalive plugin. You can activate it from the menu via
Configuration / Plugins.

And the pending keys optimizations by Eleriseth should reduce the CPU
load on very fast nodes with many peers.


Backend Changes
---

- merged the HashingAPI by unixninja92, a GSoC project that had
  gotten lost in the pull requests. This provides an easy and
  well-tested way to create and verify different types of Hashes from byte
  arrays, including Sha256 and TigerTree.
  https://github.com/freenet/fred/pull/258
- merged announcement fixes by toad
- upgraded unit tests to junit4, thanks to vwoodzell!
- fixed the client getter method to honor the max size argument


A big thank you to all contributors and reviewers
for getting this release in shape!

And thank you for using Freenet!


## Contribute

If you want to help us get better, please chat with us in #freenet @
irc.libera.chat. And give us time to answer, we’re all volunteers and
might not be in your timezone.

- libera.chat: https://web.libera.chat/?nick=FollowRabbit|?#freenet

To get into development right-away, have a look at one of the
Freenet-Projects or just get fred and fix something that annoys you. And
to take on something that makes a big difference, have a look at the
high-impact tasks.

- Freenet-Projects: https://github.com/freenet/wiki/wiki/Projects
- fred: https://github.com/freenet/fred
- High-Impact Tasks: https://github.com/freenet/wiki/wiki/High-Impact-tasks


## What is Freenet?

Freenet is a peer-to-peer platform for  
censorship-resistant and privacy-respecting  
publishing and communication.

> I worry about my child and the Internet all the time, even though
> she's too young to have logged on yet. Here's what I worry about. I
> worry that 10 or 15 years from now, she will come to me and say
> 'Daddy, where were you when they took freedom of the press away from
> the Internet? --Mike Godwin, Electronic Frontier Foundation

That Freenet can keep moving forward and help people worldwide to
exercise their basic rights and freedoms is the work of amazing
volunteers, both contributors and people running Freenet nodes.

Thank you for your contributions, and thank you for using Freenet!


- Arne Babenhauserheide
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: final review needed for 1495 (needed ASAP …)

[Dr. Arne Babenhauserheide]

"Dr. Arne Babenhauserheide"  writes:

> I need someone to review https://github.com/freenet/fred/pull/816 ASAP

David and Steve reviewed the PR — a big thank you to both of you!

The release is progressing. Looks like despite lots of Chaos we can make
it in time to release before the decentral Chaos ends this year!

Sidenote: I started to upload videos from https://media.ccc.de/c/jev22
to watch-36c3-incrementally, so if you still need something to watch
over the weekend, you can watch the jev22 without telling the CCC folks
that you do (not that I expect any risk from that …) and without
overloading their servers (the streams I’m watching have been quite
spotty, so that might actually be useful: watch-36c3 will scale up as
much as needed, if people use it).

USK@KxGwMvg~cXm5hs1ZX4NSH~I8fYyqcQD-~8dDdtmDs18,gKSJ4JQ4E1s2Pi-C1iKnfcpWp2pTmcOLaAz6PsogCpw,AQACAAE/watch-36c3-incrementally/86/

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

final review needed for 1495 (needed ASAP …)

[Dr. Arne Babenhauserheide]

Hi,

I need someone to review https://github.com/freenet/fred/pull/816 ASAP

My window for releasing 1495 safely this year is closing quickly and
that bugfix for the new first time wizard resolves a hard release
blocker.

with JS enabled, a new install redirected from /wizard to /wiz with Javascript 
and then redirected back to /wizard due to the check for the first time wizard.

And filling out the first time wizard did not set the wizard filled out flag, 
so new users with Javascript enabled wouldn’t be able to get out of the wizard 
whatever they did.


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Test release for Freenet 1495

[Dr. Arne Babenhauserheide]

Hi,


I’m pushing a test release for 1495 right now. If you want to help test it, you 
can change the update key of your node to 
USK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/jar/1494

(see http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2 )

Release notes:

- descriptions: 
SSK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/changelog-1495?type=text/plain
- technical: 
SSK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/fullchangelog-1495?type=text/plain

If no bigger problems crop up, this will become the release for 1495.


New users
-

There is a new firsttime wizard for single-step setup, contributed
by redwerk and finally merged after resolving dependency-requirement.

To further ease the start, the bookmarks are re-organized with
"starting points" at the top.


User experience
---

For integration in browser extensions,  TheSeeker added support for 
the schemes web+freenet and ext+freenet which do not need further
allow-listing by browsers to use.

CometZ@6DtYG~ created a new theme sky-dark-static, a clean dark scheme,
simpler than Winterfacey.

To enable more beautiful Freesites, Spider Admin, naejadu and vwoodzell
extended the CSS filter to enable sticky, transition, and word-wrap.

The m3u-player is now only inserted into sites which contain at least
one video or audio tag. When a part of a stream fails, it is now skipped,
allowing for continuous playback without user-intervention.


Performance
---

For better lifetime of larger files, the healing size is increased
from 20 to 320 MiB, so a 320 MiB file will keep working if accessed
once every 10 days.

And the pending keys optimizations by Eleriseth should reduce the CPU
load on very fast nodes with many peers.


Further technical improvements
--

- finally merged the HashingAPI by unixninja92, a GSoC project that had
  gotten lost in the pull requests. This provides an easy and
  well-tested way to create and verify different types of Hashes from byte
  arrays, including Sha256 and TigerTree.
  https://github.com/freenet/fred/pull/258
- old announcement fixes by toad were finally merged
- unit tests were upgraded to junit4, thanks to vwoodzell!
- the client getter method now honors the max size argument


Thank you for using Freenet!


Contribute
--

If you want to help us get better, please chat with us in #freenet @
libera chat. And give us time to answer, we’re all volunteers and might
not be in your timezone: https://web.libera.chat/?nick=Rabbit|?#freenet

To get into development right-away, have a look at one of the Freenet-Projects 
or just get fred and fix something that annoys you.
- https://github.com/freenet/wiki/wiki/Projects
- https://github.com/freenet/fred

And to take on something that makes a big difference, have a look at the
high-impact tasks: https://github.com/freenet/wiki/wiki/High-Impact-tasks).


What is Freenet?


Freenet is a peer-to-peer platform for  
censorship-resistant and privacy-respecting  
publishing and communication.

> I worry about my child and the Internet all the time, even though
> she's too young to have logged on yet. Here's what I worry about. I
> worry that 10 or 15 years from now, she will come to me and say
> 'Daddy, where were you when they took freedom of the press away from
> the Internet? --Mike Godwin, Electronic Frontier Foundation

That Freenet can keep moving forward and help people worldwide to 
exercise their basic rights and freedoms is the work of amazing 
volunteers, both contributors and people running Freenet nodes. 

Thank you for your contributions, and thank you for using Freenet!


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Remaining reviews needed to release Freenet 1495

[Dr. Arne Babenhauserheide]

Hi,


We’re getting ever closer to release. I merged the already reviewed
pull-requests, but some important PRs remain so we can release. Please
help getting these reviewed!


Small or simple reviews:

- only include the inline m3u player if the page contains media-tags
  https://github.com/freenet/fred/pull/802

- bookmarks: add infocalypse and pyFreenet sharesite
  https://github.com/freenet/fred/pull/801

- add sky-dark-static theme by CometZ@6DtYG~
  https://github.com/freenet/fred/pull/796

- m3u-player: skip tracks that fail.
  https://github.com/freenet/fred/pull/795

- Client getter honor max size argument
  https://github.com/freenet/fred/pull/794


More complex review:

- Redesign firsttime wizard (updating the PR from redwerk)
  https://github.com/freenet/fred/pull/790
  (this needs review of the changes I added to ship the needed dependencies)


Once the pull-requests above are reviewed, we can finally release 1495
with pretty cool improvements:

- new firsttime wizard (single-step joining with clearer defaults)
- Add web+freenet and ext+freenet as supported schemas to support
  extensions. Thanks to TheSeeker
- healing size increased (better lifetime for popular files)
- CSS: enable sticky — thanks to Spider Admin
- CSS: enable transition and word-wrap — thanks to naejadu, thanks to
  vwoodzell for the review!
- Eleriseth pending keys merged (performance)
- re-organize default bookmarks: first section has "starting points",
  thanks to vwoodzell for the review!
- new theme: sky-dark-static
- m3u-player: only inline the m3u player if the page contains media tags
- m3u-player: skip broken files
- Client getter honor max size argument
- finally merged the HashingAPI by unixninja92, a GSoC project that had
  gotten lost in the pull requests. This provides an easy and
  well-tested way to create and verify different types of Hashes from
  byte arrays, including Sha256 and TigerTree.
  https://github.com/freenet/fred/pull/258
- upgrade unit tests to junit4, thanks to vwoodzell!
- old announcement fixes by toad finally merged



The following PR does not block the release, because it needs conceptual
review to ensure that we won’t get problems when deploying in a large
network, and that we don’t make it easier to observe behavior. The
existing logic seems to be problematic, but it does not break down
completely, and this is a pretty sensitive area:

- Trivuele batch 2: RequestStarter simplification and fixes
  https://github.com/freenet/fred/pull/777
  (it would be good to have more comments in this which explain the
  logic. There is somewhat detailed documentation in the commit message:
  
https://github.com/freenet/fred/pull/777/commits/984ad3f81a4374a8fe2d55cdec21ba92ab990082
  )


Finally, this is one of the two remaining release blockers:

- Create initial Github CI flow
  https://github.com/freenet/fred/pull/775
  (this needs review to ensure that it cannot spill deployment or
   account information)


And if you want to help DC* finish the Debian package (to get to the
point where people can just apt install freenet), please have a look at

- Debian Package Continuation
  https://github.com/freenet/fred/pull/774


Best wishes,
Arne


We need people to check the pull-requests. I’m not merging anything into
fred (=autoupdate) not seen by at least 2 people (author + reviewer) to
ensure that if I merged something without review this would raise red
flags and get many people to check that.

That protects Freenet against being corrupted by putting pressure on me
(or any other release-manager).

So if you can make some time, please have a look at one of the pull
requests that is not yet marked as readyToBeMerged:
https://github.com/freenet/fred/pulls


Thank you for your interest in Freenet!


Best wishes,
Arne
--
What is Freenet?

Freenet is a peer-to-peer platform for
censorship-resistant and privacy-respecting
publishing and communication.

I worry about my child and the Internet all the time, even though
she's too young to have logged on yet. Here's what I worry about. I
worry that 10 or 15 years from now, she will come to me and say
'Daddy, where were you when they took freedom of the press away from
the Internet? --Mike Godwin, Electronic Frontier Foundation

That Freenet can keep moving forward and help people worldwide to
exercise their basic rights and freedoms is the work of amazing
volunteers, both contributors and people running Freenet nodes.

See https://freenetproject.org


signature.asc
Description: PGP signature

Re: infocalypse: version control over Freenet mostly works again with Python 3

[Dr. Arne Babenhauserheide]

Hi,

DC*  writes:
> Thanks for looking into this. This project is really cool and promising.
>
> Hope I can give it a try soon. Keep up the good work!

Thank you for your answer!

The full version tracking roundtrip over Freenet — including
*pull-request* and *notifications* — works again! And there is now a
doc/usage.org file with a full interaction example.

And thanks to tactical enabling of the RealTimeFlag, it now needs 80%
less time in my tests.


If you want to try it, first install:
- Mercurial https://www.mercurial-scm.org
- pyFreenet3 (pip3 install --user pyFreenet3)

Then get infocalypse and set it up:
hg clone hg.sr.ht/~arnebab/infocalypse ~/infocalypse
hg -R ~/infocalypse update py3
echo "[extensions]
infocalypse = ~/infocalypse/infocalypse
" >> ~/.hgrc

For pull-requests, you need two Identities. None of them may be a prefix
of the other. Both must have enabled Freemail in the web interface (set
a non-empty password!) and stored the login settings via

hg fn-setupfreemail --truster TestBab-2@ --mailhost 
127.0.0.1

I use TestBab-1 and TestBab-2 in this example.

Then try the roundtrip:

# Variables for the run, choose two WoT IDs of your own, do not use
# the same: you cannot message yourself yet.
export WOT_ID1=TestBab-1
export WOT_ID2=TestBab-2
export N=$(uuidgen);

# Cleanup
rm -r /tmp/infocalypse-*
cd /tmp

# Prepare first repository
hg init infocalypse-revived-${N}
cd infocalypse-revived-${N}
echo "Follow the white rabbit" > looking-glass.txt
hg ci -Am "infocalypse"
cd ..

# Share the repo
hg clone infocalypse-revived-${N} 
freenet://${WOT_ID1}/infocalypse-revived-${N}

# Get a repo and add changes
hg clone freenet://${WOT_ID1}/infocalypse-revived-${N} 
infocalypse-averted-${N}
cd infocalypse-averted-${N}
echo "One pill makes you larger" >> looking-glass.txt
hg ci -m "And one pill makes you small, so you can roundtrip"

# Share the repo and file a pull-request
hg clone . freenet://${WOT_ID2}/infocalypse-averted-${N}
# the . means "the current folder"
hg fn-pull-request --wot ${WOT_ID1}/infocalypse-revived-${N} --mailhost 
127.0.0.1 # enter a message
cd ..

# give the pull-request 5 minutes of time to propagate
sleep 5m

# Check for pull-requests, then pull and share the changes
cd infocalypse-revived-${N}
hg fn-check-notifications --wot ${WOT_ID1} --mailhost 127.0.0.1
hg pull -u freenet://${WOT_ID2}/infocalypse-averted-${N}
hg push freenet://${WOT_ID1}/infocalypse-revived-${N}
cd ..


The result of hg fn-check-notifications --wot TestBab-1 --mailhost 127.0.0.1:

Found pull request from 
'testbab-2@4ev53r3crqpgc7yftwjl2qjtqfds6d4lipi7jbofw7qwksplm3na.freemail':

testifoo

bar
baz


To accept this request, pull from: 
freenet://USK@4Svdx2KMHmF-BZ2SvUEzgUcvD4tD0fSFxbfhZUnrZto,Qp2rRpMpSLFNEvMfcQCw5HH8vkDnhYu-eYLskXAMXdk,AQACAAE/infocalypse-averted-f494c10b-7ffd-403b-8e69-033fee4db12a.R1/1
   To your repository: 
/tmp/infocalypse-revived-f494c10b-7ffd-403b-8e69-033fee4db12a
hg -R /tmp/infocalypse-revived-f494c10b-7ffd-403b-8e69-033fee4db12a pull 
'freenet://USK@4Svdx2KMHmF-BZ2SvUEzgUcvD4tD0fSFxbfhZUnrZto,Qp2rRpMpSLFNEvMfcQCw5HH8vkDnhYu-eYLskXAMXdk,AQACAAE/infocalypse-averted-f494c10b-7ffd-403b-8e69-033fee4db12a.R1/1'


That’s it: a full, anonymous, decentralized, pull-request based
workflow over Freenet.

Please give it a try and write how it works for you: whether it breaks
or whether it just works!

I only tested it locally and there may be some dependencies on my local
setup that we still need to prune.

Best wishes,
Arne

PS: I also posted this to reddit: 
https://www.reddit.com/r/Freenet/comments/ymw6uf/infocalypse_truly_decentralized_version_control/

>> I’m really happy that infocalypse works again!
>> 
>> This gets us one step closer to self-sufficient development: Freenet
>> development could now be done by a group of pseudonymous people. We can
>> already release updates when all our centralized infrastructure is down
>> (if we decide to ship the old windows installer and let Windows boxes
>> update over Freenet; Microsoft requires centralized signing), now we can
>> actually do development over Freenet again.
>> 
>> We don’t yet know whether it will work with larger repositories like
>> fred (it used to, but back then the network was 3 times larger), and
>> we’ll have to check and possibly fix hg fn-reinsert so all contributors
>> can keep the repository working, but we finally have that in place
>> again.
>> 
>> 
>> A foundation of real information freedom in the internet — safe against
>> censorship by threat and by harassment and by flooding with noise.
>> 
>> 
>> Imagine a group of hackers living in remote or citybound meshnets,
>> connecting with solar-powered nodes to their friends while using their
>> pseudonymous developer IDs to check on pull-requests and merge their

Re: Reviews needed for Freenet 1495 +not 1494+

[Dr. Arne Babenhauserheide]

Sorry for the typo. We need people to check the pull-requests. I’m not
merging anything into fred (=autoupdate) not seen by at least 2 people
(author + reviewer) to ensure that if I merged something without review
this would raise red flags and get many people to check that.

That protects Freenet against being corrupted by putting pressure on me
(or any other release-manager).

Best wishes,
Arne

"Dr. Arne Babenhauserheide"  writes:

> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne Babenhauserheide 
> (Physikliebhaber, Hobbysänger und Ideenspringquell)  (trust 
> ultimate) created at 2022-10-01T01:20:40+0200 using RSA
> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>  (trust ultimate) created at 2022-10-01T01:20:40+0200 using 
> RSA]]
> Hi,
>
>
> We have pretty cool changes in the pipeline for 1495, but several of
> those still need reviews.
>
>
> The following changes are already ready to be merged and need no further
> review:
> https://github.com/freenet/fred/pulls?q=is%3Apr+is%3Aopen+label%3AreadyToBeMerged
>
> I’m especially happy that I finally got to resolve the conflicts in
> Eleriseth pending keys: https://github.com/freenet/fred/pull/404 This
> has the potential of reducing the CPU load for fast nodes and for WoT a
> lot.
>
> The healing size increase to 250MiB should increase the lifetime of
> large files a lot. Healing just didn’t work well for bigger files,
> because the limit was too low (it healed at most 16MiB, so many files
> bigger than 32MiB could not be healed fully by one access).
>
> (Also there are already two CSS improvements — and one more CSS
> improvement and a dark theme to file as PR in my TODO list; I’ll try to
> file them soon!)
>
>
> But there are a lot more pull-requests that still need review. They
> include the new firsttime wizard by redwerk (I finally managed to add
> the needed dependency tracking), work on bookmarks, announcement fixes
> and an improvement to the m3u-player (skip to the next track if a
> download failed, so you can keep it running like radio).
>
> So if you can make some time, please have a look at one of the pull
> requests that is not yet marked as readyToBeMerged:
> https://github.com/freenet/fred/pulls
>
>
> Thank you for your interest in Freenet!
>
>
> Best wishes,
> Arne


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Reviews needed for Freenet 1494

[Dr. Arne Babenhauserheide]

Hi,


We have pretty cool changes in the pipeline for 1495, but several of
those still need reviews.


The following changes are already ready to be merged and need no further
review:
https://github.com/freenet/fred/pulls?q=is%3Apr+is%3Aopen+label%3AreadyToBeMerged

I’m especially happy that I finally got to resolve the conflicts in
Eleriseth pending keys: https://github.com/freenet/fred/pull/404 This
has the potential of reducing the CPU load for fast nodes and for WoT a
lot.

The healing size increase to 250MiB should increase the lifetime of
large files a lot. Healing just didn’t work well for bigger files,
because the limit was too low (it healed at most 16MiB, so many files
bigger than 32MiB could not be healed fully by one access).

(Also there are already two CSS improvements — and one more CSS
improvement and a dark theme to file as PR in my TODO list; I’ll try to
file them soon!)


But there are a lot more pull-requests that still need review. They
include the new firsttime wizard by redwerk (I finally managed to add
the needed dependency tracking), work on bookmarks, announcement fixes
and an improvement to the m3u-player (skip to the next track if a
download failed, so you can keep it running like radio).

So if you can make some time, please have a look at one of the pull
requests that is not yet marked as readyToBeMerged:
https://github.com/freenet/fred/pulls


Thank you for your interest in Freenet!


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

infocalypse: version control over Freenet mostly works again with Python 3

[Dr. Arne Babenhauserheide]

Hi,


infocalypse is the awesome code-over-freenet tool created by djk 
and turned into an actual social coding tool by Steve (operhiem1), but
it has been broken in Python 3 for many years.

Last weekend I bit the bullet and spent a day (well, an evening, a night,
and a day) to get the minimal roundtrip working again: clone your code
to Freenet, clone back to the local computer, commit, and push it back.
It was lots of annoying string-to-byte and byte-to-string handling, but
it got into a minimally working state!

Then Debora took it up and fixed fn-setup which creates your local
infocalypse environment (I still had mine around so I didn’t hit that
while testing) and sent a bundle with the changes over FMS. Thank you!

Infocalypse is not yet fixed completely, but its core workflow is
operational. (with WoT and without WoT)


We have a working code-over-freenet system again!


If you want to try it, first install:
- Mercurial https://www.mercurial-scm.org
- pyFreenet3 (pip3 install --user pyFreenet3)

Then get infocalypse and set it up:
hg clone hg.sr.ht/~arnebab/infocalypse ~/infocalypse
hg -R ~/infocalypse update py3
echo "[extensions]
infocalypse = ~/infocalypse/infocalypse
" >> ~/.hgrc


Then try the roundtrip:

# variables for the run, choose a WoT ID of your own
export WOT_ID=ArneBab
export UUID=$(uuidgen);

# create a new repository
rm -r /tmp/infocalypse-*
hg init /tmp/infocalypse-revived
cd /tmp/infocalypse-revived
echo "Follow the white rabbit" > looking-glass.txt
hg ci -Am "infocalypse"

# clone to Freenet and get it back
hg clone . freenet:${WOT_ID}/infocalypse-revived-$UUID
hg clone freenet:${WOT_ID}/infocalypse-revived-$UUID 
/tmp/infocalypse-averted

# do a change and push it into Freenet again, this time without WOT
cd /tmp/infocalypse-averted
echo "One pill makes you larger" >> looking-glass.txt
hg ci -m "And one pill makes you small, so you can roundtrip"
hg clone . USK@/infocalypse-averted


I’m really happy that infocalypse works again!

This gets us one step closer to self-sufficient development: Freenet
development could now be done by a group of pseudonymous people. We can
already release updates when all our centralized infrastructure is down
(if we decide to ship the old windows installer and let Windows boxes
update over Freenet; Microsoft requires centralized signing), now we can
actually do development over Freenet again.

We don’t yet know whether it will work with larger repositories like
fred (it used to, but back then the network was 3 times larger), and
we’ll have to check and possibly fix hg fn-reinsert so all contributors
can keep the repository working, but we finally have that in place
again.


A foundation of real information freedom in the internet — safe against
censorship by threat and by harassment and by flooding with noise.


Imagine a group of hackers living in remote or citybound meshnets,
connecting with solar-powered nodes to their friends while using their
pseudonymous developer IDs to check on pull-requests and merge their
work until they have a release they can insert to auto-update.

Known to the community for the good work they have been doing on Freenet
in the past, an unbound focus of Freenet development.


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Freenet 1494 released: streaming, config, security, windows, debian, tooling

[Dr. Arne Babenhauserheide]

Dear Freenauts,


Freenet 0.7.5 build 1494 is now available.
https://freenetproject.org/pages/download.html


(read this announcement on the website:
https://freenetproject.org/freenet-build-1494-streaming-config-security-windows-debian.html
 )


This build improves six broad areas:

- streaming on demand,
- configuration,
- security,
- windows installer and tray,
- the debian package, and
- tools.



## Streaming Audio and Video on Demand

Streaming provides improved video and audio:

- Video sizes are more robust when the size changes between subsequent videos.
- Audio tags no longer try to display the overlay.

This finally enables convenient Samizdat Radio.


## Configuration

To help modernize the configuration of existing nodes,
Freenet now shows a user alert once every Freenet update if the datastore is
below 10% of available space with a link to the store size wizard page
to make it easy to increase the store. Thanks to Trivuele!

Also the bandwidth settings now parse the bit suffix correctly
(lowercase b in kbps is bit, not byte).


## Security

Freenet received improvements to security both for friend to friend
mode, for opennet, and to tools for Freesites.

Friend-to-Friend mode now randomizes pitch black defense times
and waits at least 12 hours between pitch black mitigations
to prevent timing attacks.

Opennet is hardened by disabling the write local to datastore
functionality when opennet is enabled; it can be useful on a
small darknet, but on opennet it makes it easier to find downloaders.
Thanks to Trivuele!

Also a FOAF mitigation was fixed. It wasn't operational before,
because it lacked a conversion to percent. Thanks to
freedom-of-depression!

The /imagecreator/ tool, among other changes, now ensures
that requested image sizes are sane — thanks to Oleh from Redwerk

Finally it’s now easier to build fred without network access. Thanks
to Trivuele!


## Bugfixes

In addition to these improvements, bugs got fixed:

- fix build with modern Java: add opens jvmargs on java 17.
- remove Frost on ChatForumsToadlet from non-updated translations
  (removed 2019 from the original english).
- fix parts of the German translation.
- Do not store blocks in the cache, if they are eligible for the store
  (should increase usable cache size). Thanks to Trivuele!



## Windows Installer and Tray

The windows installer and tray application much more robust detection
of the installed Java — thanks to naejadu.

The windows installer and the tray application now detect Java on your
path, and the installer only prompts installing Java if there is none
yet. The installer also installs a clean adoptium Java 11, almost
halving the installer size.

And the tray toggles additional arguments depending on your Java
version to keep Freenet working when Java is updated to version 16 or
later.


## Debian Package

Thanks to DC*, who also ported Freenet [to Android][android-package],
There is finally a Debian package available. It still needs testing.

If you run Debian or a distribution based on Debian, or can help get the 
package included in Debian, please heed the
[call for beta-testers][debian-package-beta-test]!

$ curl -s
https://packagecloud.io/install/repositories/desyncr/freenet/script.deb.sh
| sudo bash
$ apt install freenet

(maybe read the script before you directly execute it like this)

The debian package accompanies our existing 
[Gentoo-package](https://gitweb.gentoo.org/repo/gentoo.git/tree/net-p2p/freenet)
 which spearheaded packaging completely from source, and the [Arch aur 
package](https://aur.archlinux.org/packages/freenet).


## Tools: media-site and freenetbrowser

Two new tools simplify publishing media in Freenet and using freenet
with stronger protections.

- Generate Media Site is a utility to create sites with streaming media on 
demand.
  https://github.com/freenet/generate-media-site/
- freenetbrowser auto-generates a separate browser-profile on GNU/Linux
  and can install a Freenet node with randomized IP and Port, preventing
  port detection (for example by unsafe local services).
  https://github.com/freenet/browser

After installing `freenetbrowser` (see the README), you can visit the example 
page for generate media site with:

freenetbrowser --install 
USK@rQnuHCVpf7BHcsZHBt911K3-iaELN1u1Vg0fzxDRq7k,I1vFYWONhGfECHr9XD-1lKxxstr64rF4dTykcMq9swY,AQACAAE/gms/6/

This provides a simple streaming setup and a handler for Freenet URIs.


A big thank you to all contributors and reviewers
for getting this release in shape!

And thank you for using Freenet!


## Contribute

If you want to help us get better, please chat with us in https://web.libera.chat/?nick=FollowRabbit|?#freenet" id="chatlink" 
class="btn button-custom btn-custom-two">#freenet @ irc.libera.chat. And 
give us time to answer, we’re all volunteers and might not be in your timezone.

To get into development right-away, have a look at one of the 

Freenet 1494-pre1 testing release

[Dr. Arne Babenhauserheide]

Hi,


I just created a testing release for 1494:
https://github.com/freenet/fred/releases/tag/build01494-pre1


changes:

- Show a user alert (once every Freenet update) if the datastore is
  below 10% of available space with a link to the store size wizard page
  to make it easy to increase the store — thanks to Trivuele

- Do not store blocks in the cache, if they are eligible for the store
  (should increase usable cache size) — thanks to Trivuele

- m3u-player: more robust sizes, do not use overlay for audio. This
  finally enables convenient Samizdat Radio

- randomize pitch black defense times and wait at least 12 hours
  between pitch black mitigations to prevent timing attacks

- bandwidth settings: parse bit suffix correctly

- improve /imagecreator/ — thanks to Oleh from Redwerk

- Disable write local to datastore functionality when opennet is
  enabled; it can be useful on a small darknet, but on opennet it
  makes it easier to find downloaders. — thanks to Trivuele

- make it easier to build fred without network access — thanks to Trivuele

- fix build with modern Java: add opens jvmargs on java 17

- fix: a FOAF mitigation wasn’t operational, because it lacked a
  conversion to percent. — thanks to freedom-of-depression

- remove Frost on ChatForumsToadlet from non-updated translations
  (removed 2019 from the original english)

- fix parts of the German translation


This also includes the new Windows installer (thanks to naejadu) that
should now recognize an already installed Java.

Note that the Freenet installer now needs Java 10 or higher. If no Java
is found, it provides Adoptium OpenJDK 11. Also thanks to using the new
Adoptium the size is below 100MiB again.


Best wishes,
AB


signature.asc
Description: PGP signature

Please test the new Windows Installer

[Dr. Arne Babenhauserheide]

Hi,

If you run Windows, could you try the new Freenet installer with the
wintray-improvements from naejadu?

- Does it install Freenet correctly?
- Does in install Java?
- Does the tray detect an existing or newly installed Java?

https://github.com/freenet/wininstaller-innosetup/releases/download/build01493-new-installer-test-2/FreenetInstaller-1493-new-installer-2.exe

Sources and changes: https://github.com/freenet/wintray/commits/master

Best wishes,
Arne


"Dr. Arne Babenhauserheide"  writes:

> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne Babenhauserheide 
> (Physikliebhaber, Hobbysänger und Ideenspringquell)  (trust 
> ultimate) created at 2022-06-12T01:20:19+0200 using RSA
> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>  (trust ultimate) created at 2022-06-12T01:20:19+0200 using 
> RSA]]
> Hi,
>
>
> There is already a pretty nice collection of changes in the pipeline for
> 1494 (see https://github.com/freenet/fred/pulls ), but four of the
> pull-requests still need a review to be able to release:
>
>
> - randomize pitch black defense times
>   https://github.com/freenet/fred/pull/747
>   (this one is important for the long-term viability of Freenet!)
>
> - m3u-player: more robust sizes, do not use overlay for audio.
>   https://github.com/freenet/fred/pull/768
>   (this enables *convenient* samizdat radio on Freesites!)
>
> - add opens jvmargs when building on java 17
>   https://github.com/freenet/fred/pull/769
>   (important to have an easier start for new contributors)
>
> - remove old unconditional logging line
>   https://github.com/freenet/fred/pull/770
>   (that’s a simple cleanup)
>
>
> Please look into them — I cannot review them myself, because I added
> them, and we need at least four eyes on every change for basic safety.
>
>
> Also if you have some knowledge about our RequestStarter logic, please
> have a look at https://github.com/freenet/fred/pull/777/files
>
> According to Trivuele that improves throttling of local requests
> significantly, because the existing logic was pretty inconsistent over
> time, but I don’t understand the old logic well enough to see whether
> the old behavior was a bug or whether there was a point to it.
>
>
> Best wishes,
> Arne


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Reviews needed for Freenet 1494

[Dr. Arne Babenhauserheide]

Hi,


There is already a pretty nice collection of changes in the pipeline for
1494 (see https://github.com/freenet/fred/pulls ), but four of the
pull-requests still need a review to be able to release:


- randomize pitch black defense times
  https://github.com/freenet/fred/pull/747
  (this one is important for the long-term viability of Freenet!)

- m3u-player: more robust sizes, do not use overlay for audio.
  https://github.com/freenet/fred/pull/768
  (this enables *convenient* samizdat radio on Freesites!)

- add opens jvmargs when building on java 17
  https://github.com/freenet/fred/pull/769
  (important to have an easier start for new contributors)

- remove old unconditional logging line
  https://github.com/freenet/fred/pull/770
  (that’s a simple cleanup)


Please look into them — I cannot review them myself, because I added
them, and we need at least four eyes on every change for basic safety.


Also if you have some knowledge about our RequestStarter logic, please
have a look at https://github.com/freenet/fred/pull/777/files

According to Trivuele that improves throttling of local requests
significantly, because the existing logic was pretty inconsistent over
time, but I don’t understand the old logic well enough to see whether
the old behavior was a bug or whether there was a point to it.


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: little RFC: Limiting who receives local requests

[Dr. Arne Babenhauserheide]

"Dr. Arne Babenhauserheide"  writes:
> An unintended effect could be that local requests get sent mostly to
> nodes with a similar location, because these will be found again when
> connecting the next time. That would increase the average hops to
> content by one hop.

I see a way to use this to find out exactly whether a given node is the
originator: When you see suspicious requests with a long-lived node,
connect to the target with a short-lived node. If the short-lived node
receives none of the suspicious requests, you know *without a doubt* that
the target is the originator.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: little RFC: Limiting who receives local requests

[Dr. Arne Babenhauserheide]

Added discussion from FMS:

glenn@Oqb95agYHNenFlHLfHed92ZLbRRs0O4xHihnsmnIDQs wrote :
> What's the threat we are most worried about?

The biggest threat about requests in opennet is connecting to all nodes and 
spying on their requests.

But the actual biggest threat is finding uploaders.

> It's plausible that it offers some protection against a small number of nodes 
> trying to monitor a large portion of the network.
> 
> As I said in a previous post: If the attackers doesn't rely on location 
> hopping and just runs many nodes it might increase the chance of sending 
> local requests to the attackers.

Yes, that’s what I’m worried about.

> Can we estimate how long it takes to become a top 50% node on average? Hours? 
> Days? Months?

For an established node, old nodes in the vicinity will keep a higher
score. Even nodes with only 2h uptime per day will build up a high score
over time and a new node will need about 10% of the time the other nodes
have been active.

An unintended effect could be that local requests get sent mostly to
nodes with a similar location, because these will be found again when
connecting the next time. That would increase the average hops to
content by one hop.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: little RFC: Limiting who receives local requests

[Dr. Arne Babenhauserheide]

"Dr. Arne Babenhauserheide"  writes:
> - New nodes in the network will not receive any local requests, so they
>   will only route half as many HTL18 requests. A new node will therefore
>   have not only half the anonymity set against an attacker, but also
>   only half the cover traffic.

Also the HTL18 requests that new nodes do receive will be more specific
to their location, so they might be distinguishable from their local
requests.

Thoughts:

- Initial random routing could solve that problem (see
  https://github.com/freenet/fred/pull/529 ), but initial random routing
  actually makes correlation attacks easier, because it removes the
  requirement to know the FOAFs to do the statistics. Knowing all the
  CHKs for a given file would be a more powerful attack.

- Reducing the probability to decrement HTL18 could increase the cover
  traffic again — 75% to forward HTL18 unchanged would balance this
  change. To avoid increasing the average distance from senders, that
  might require reducing
  Node.canWriteDatastoreRequest to maxHTL - 1,
  and
  Node.canWriteDatastoreInsert to maxHTL - 2.

- The impact is limited, because our peers route by our FOAFs, and since
  we’re most likely already close to their location.


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

little RFC: Limiting who receives local requests

[Dr. Arne Babenhauserheide]

Hi,


I’d like to start a discussion on the local request protections by
Trivuele: https://github.com/freenet/fred/pull/778 — please comment.

I’ve been reviewing the patches by Trivuele, and I really like the idea
of limiting who receives local requests.


At the same time I’m worried, though. I see two dangers:

- We have less peers we send those requests to, so high-speed nodes that
  actually respond to requests get better statistics. They will get a
  bit less than twice as many local requests than they would get
  otherwise.

- New nodes in the network will not receive any local requests, so they
  will only route half as many HTL18 requests. A new node will therefore
  have not only half the anonymity set against an attacker, but also
  only half the cover traffic.


Also this further centralizes routing on a core of very fast nodes.


The advantage is that this change disarms the attack of regularly
changing the opennet location to do superficial surveillance of many
nodes. You then need to provide actual long-lived high bandwidth nodes
to do any kind of surveillance against local requests.


Please comment what you think. Do we need additional protections for new
nodes?


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

After the release is before the release — Freenet reviews :-)

[Dr. Arne Babenhauserheide]

Hi,

Now that 1493 is out, we already have new pull-requests that hope for
your reviews!

There are build fixes, m3u-player improvements, translation updates,
config improvements and (IMHO most critical) a privacy improvement for
darknet: https://github.com/freenet/fred/pull/747

Please come and check the pulls! https://github.com/freenet/fred/pulls

(to have some ensurance that the code isn’t corrupted, I cannot review
stuff I added myself; please chime in!)

Still open (with more work and reviews needed) is parsing the forwarded
header *correctly* for m3u, so radio over Freenet works when you connect
to your Freenet node via a proxy:
https://github.com/freenet/fred/pull/716

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Please help doing the three more checks required for releasing 1493!

[Dr. Arne Babenhauserheide]

"Dr. Arne Babenhauserheide"  writes:
>>>> 1. [X] auto update on windows  — thanks David and brick! ✓
>>>> 2. [X] auto update on GNU/Linux — thanks to Nicole Jones! ✓
>>>> 3. [X] installer on windows — thanks to HornyCow! ✓
>>>> 4. [X] installer on GNU/Linux  — thanks David! ✓

Thanks to Nicole Jones from Sone it’s all tested now!

Thank you! Proceeding to release.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Please help doing the three more checks required for releasing 1493!

[Dr. Arne Babenhauserheide]

"David Dernoncourt"  writes:

>>> 1. [ ] auto update on windows
>
> I tested auto-update on one of my Windows nodes (with Java 11) and it 
> successfully auto-updated to 1493.

Thank you!

With your report we’re just one check away from releasing:

>>> 1. [X] auto update on windows  — thanks David! ✓
>>> 2. [ ] auto update on GNU/Linux
>>> 3. [X] installer on windows — thanks to HornyCow! ✓
>>> 4. [X] installer on GNU/Linux  — thanks David! ✓

> Another of my Windows nodes, running 1492 and on which I didn't touch
> the update key, received an update notice too: was the update released
> already? (this node is on manual update and I didn't apply it yet)

Did it update?

If you have a darknet connection between them, it will get the
information that a new version is available, but should not accept it,
because the update keys do not match.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Please help doing the three more checks required for releasing 1493!

[Dr. Arne Babenhauserheide]

Hi,


after fixing a bug that turned up in testing (wrong CHK in
dependencies.properties that got aborted because it did not match the
correct sha256 — I’m glad we double-check!), we need *three more tests*
not done by me to be able to finally push 1493 to the website and to
auto-update (because you seriously don’t want me to be the only one who
tests this).


Please help get the release out!


Required tests:

> 1. [ ] auto update on windows
> 2. [ ] auto update on GNU/Linux
> 3. [ ] installer on windows
> 4. [X] installer on GNU/Linux  — thanks David! ✓


Practically this means:

1. If you have a windows node, go to
   http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2
   then put the new testing key into the field that says
   "Where should Freenet look for updates?"
   
USK@BrNh~RNzsl3zQueAH0Ed8bgF88kZHa4AH64RNKjsCU4,~hvYp2qtiUUXk4r2AuwMbiNvLiBcPhl9Nt4lsrvaYn8,AQACAAE/jar/1492
   Then restart your node.
   It should update to 1493. Please report if you run into trouble!
   Also please report if it works!

2. Do the same on GNU/Linux. Yes, I did it, but if I’m the only one who
   does it, how should you trust Freenet to actually work?

3. Download the installer on Windows, run it, start the installed
   Freenet, and report errors you see — or that it works.
   The installer:
   
CHK@07dc2TkhlpuQBJV2WEK1z2SAycEiv07zbtZC9A4keQs,34RYMOAnxxIkGAyLIfC8qNoSNuZpPRjWtvS68aZ5rbQ,AAMC--8/FreenetInstaller-1493.exe
   or
   
https://github.com/freenet/fred/releases/download/build01493/FreenetInstaller-1493.exe


Once these three checks are done (and worked), I can finally push the
update.


… and once I pushed it, please run verify-build to ensure that what I
released is actually what’s in the sources!

- https://github.com/freenet/scripts/blob/master/verify-build


Let’s get this release out together!


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: New test-release for 1493, with new testing key

[Dr. Arne Babenhauserheide]

"David Dernoncourt"  writes:
> I installed successfully on Linux with Java 17.
…
> Thanks for all the continued work :)

Thank you for testing!

Three more tests needed to be able to release:

>> - [ ] auto update on windows
>> - [ ] auto update on GNU/Linux
>> - [ ] installer on windows
>> - [X] installer on GNU/Linux ✓

> Default datastore size was 100 GiB indeed. On a side note, it would be
> great to be able to define a custom value without having to live-edit
> the page with web dev tools, like it is possible for bandwidth
> settings.

Patches / Pull requests welcome (this is not hard, but takes a while to 
realize).

The code is here: 
https://github.com/freenet/fred/blob/next/src/freenet/clients/http/wizardsteps/DATASTORE_SIZE.java#L61

Bandwidth settings as example are here: 
https://github.com/freenet/fred/blob/next/src/freenet/clients/http/wizardsteps/BANDWIDTH_RATE.java#L95

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: New test-release for 1493, with new testing key

[Dr. Arne Babenhauserheide]

Steve Dougherty  writes:

> --- Original Message ---
> On Saturday, April 2nd, 2022 at 7:09 PM, Dr. Arne Bab.  
> wrote:
> ...
>> -- Draft for Announcement --
>>
>> Freenet 0.7.5 build 1493 is now available. [overview]
>
> I'd suggest removing "[overview]". When I wrote the template I
> intended it as a placeholder, not a section header.

Fixed — thank you :-)

(when standing on the shoulders of giants it’s really useful to have
them still around to ask „am I using this right?“ :-)

>> This build provides four core improvements:
>
> Nice! This release looks like a good collection of changes. :)

Thank you!

>> now provides all the tools for selfpublishing, not only in the
>
> I'd suggest "self-publishing"

fixed - thanks!

>> transifex updated enough of the the German, Persian, Finnish,
>
> Is it worth capitalizing Transifex? It seems to be how they style it 
> themselves.

You’re right. The important point about our translators is not that they
use transifex, but that they volunteer translating Freenet.

> I don't notice anything else I'd suggest changing in this
> announcement. Thanks for getting this release together!

Thank you for checking it!

> - Steve

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

One more Review needed for 1493

[Dr. Arne Babenhauserheide]

Hi,

I found and fixed a bug for the wrapper on ppc-64bit. So we have one
final pull-request to review, then we can do the release:

https://github.com/freenet/fred/pull/765

It would be cool to be able to start the builds for the release today!

Best wishes,
Arne

"Dr. Arne Babenhauserheide"  writes:

> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne Babenhauserheide 
> (Physikliebhaber, Hobbysänger und Ideenspringquell)  (trust 
> ultimate) created at 2022-03-29T12:30:48+0200 using RSA
> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>  (trust ultimate) created at 2022-03-29T12:30:48+0200 using 
> RSA]]
> Hello Nicolas,
>
> thank you for your answer! Updating existing nodes will not change these
> values, it’s only the defaults from the installer that change.
>
> You can do these changes directly in the wrapper.conf (for the thread
> stack size) or in the node config interface (for thread limit and memory).
>
> Best wishes,
> Arne
>
> Nicolas Hernandez  writes:
>
>> Hello,
>>
>> I have manually updated freenet.jar on an existing node.
>>
>> Nicolas
>>
>> Envoyé depuis ProtonMail mobile
>>
>>  Message d'origine 
>> Le 28 mars 2022, 22:18, Dr. Arne Babenhauserheide < arne_...@web.de > a 
>> écrit :
>>
>>  Hi, Nicolas Hernandez writes: > after testing the 1493-testing, the Thread 
>> limit is still 500 instead of 1000 > > "- increased default thread limit 
>> (1000)" >
>>  
>> CHK@Jlh-K8PFstROc5XMj6sWukKLP4cnHO5yX86jo6lqpVQ,aWxZGDO1OZlGnPxByz5i~Ws39s~qjgeWkC7Vd4v9D-Y,AAMC--8/threadlimit.png
>> Thank you for testing! Did you run the installer, or did you update
>> the existing
>>  node? I now fixed up the NEWS entry so it makes it clear that this
>> is for newly installed nodes. It only does strictly necessary
>> changes in wrapper.conf, because that’s critical: If we break
>> wrapper.conf, the node does
>>  not start anymore. Best wishes, Arne -- Unpolitisch sein heißt politisch 
>> sein, ohne es zu merken. draketo.de


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Reviews needed for 1493

[Dr. Arne Babenhauserheide]

Hello Nicolas,

thank you for your answer! Updating existing nodes will not change these
values, it’s only the defaults from the installer that change.

You can do these changes directly in the wrapper.conf (for the thread
stack size) or in the node config interface (for thread limit and memory).

Best wishes,
Arne

Nicolas Hernandez  writes:

> Hello,
>
> I have manually updated freenet.jar on an existing node.
>
> Nicolas
>
> Envoyé depuis ProtonMail mobile
>
>  Message d'origine 
> Le 28 mars 2022, 22:18, Dr. Arne Babenhauserheide < arne_...@web.de > a écrit 
> :
>
>  Hi, Nicolas Hernandez writes: > after testing the 1493-testing, the Thread 
> limit is still 500 instead of 1000 > > "- increased default thread limit 
> (1000)" >
>  
> CHK@Jlh-K8PFstROc5XMj6sWukKLP4cnHO5yX86jo6lqpVQ,aWxZGDO1OZlGnPxByz5i~Ws39s~qjgeWkC7Vd4v9D-Y,AAMC--8/threadlimit.png
>  Thank you for testing! Did you run the installer, or did you update the 
> existing
>  node? I now fixed up the NEWS entry so it makes it clear that this is for 
> newly installed nodes. It only does strictly necessary changes in 
> wrapper.conf, because that’s critical: If we break wrapper.conf, the node does
>  not start anymore. Best wishes, Arne -- Unpolitisch sein heißt politisch 
> sein, ohne es zu merken. draketo.de


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Reviews needed for 1493

[Dr. Arne Babenhauserheide]

Hi,

Nicolas Hernandez  writes:

> after testing the 1493-testing, the Thread limit is still 500 instead of 1000
>
> "- increased default thread limit (1000)"
> CHK@Jlh-K8PFstROc5XMj6sWukKLP4cnHO5yX86jo6lqpVQ,aWxZGDO1OZlGnPxByz5i~Ws39s~qjgeWkC7Vd4v9D-Y,AAMC--8/threadlimit.png

Thank you for testing!

Did you run the installer, or did you update the existing node?

I now fixed up the NEWS entry so it makes it clear that this is for
newly installed nodes. It only does strictly necessary changes in
wrapper.conf, because that’s critical: If we break wrapper.conf, the
node does not start anymore.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Freenet 1493-pre1 test release

[Dr. Arne Babenhauserheide]

Please report if you find any problems — and also if it works for you!

It would be great to know OS (Windows or Linux), Distro, and Java
version (java -version) on which the installer and/or the update by
stopping the node and copying in freenet.jar works.

Best wishes,
Arne

"Dr. Arne Babenhauserheide"  writes:

> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne Babenhauserheide 
> (Physikliebhaber, Hobbysänger und Ideenspringquell)  (trust 
> ultimate) created at 2022-03-20T21:36:27+0100 using RSA
> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>  (trust ultimate) created at 2022-03-20T21:36:27+0100 using 
> RSA]]
> Hi,
>
> I just created the first pre-release for 1493:
> https://github.com/freenet/fred/releases/tag/build01493-pre1
>
> Please test the installers and please test whether the
> freenet-testing-build-1493-pre1.jar works as a drop-in replacement for
> freenet.jar freenet.jar.new and freenet-stable-latest.jar
>
> This will become 1493 if no major problems are found.
>
>
> Changes include:
>
>
> - The installer requires Java 9+ now — except on 32bit Windows that has
>   no Java version higher than 8.
> - Add the required module opens for Java 17 to wrapper.conf
> - Java 17 support of the installer
> - Update the wrapper files in dependencies.properties to 3.5.30
>   This change sets a consistent wrapper-version for Windows, *Nix, and
>   also OSX, thanks to operhiem1 for the review!
>
> - Update default bookmarks: Replace inactive indexes, add Shoeshop,
>   show active sites first. Thanks to AC4BB21B for the review!
>
> - Pseudonymous people found found a bug in our splitfile inserter that
>   TheSeeker tracked down to its source. It threw an exception if the
>   checksum was exactly [0,0,0,0], thanks to operhiem1 for the review!
>
> - Fix FreenetURI intern() to not forget edition of USK — thanks to
>   debbiedub for new nodes where UPnP does not give the speed.
>
> - Replace Pointer.SIZE with Native.POINTER_SIZE for JNA 5.x — thanks
>   to Leo3418 and Bombe!
>
> - more resilient noderef parsing for easier friend-to-friend connections
>   try replacing spaces by newlines in noderefs when parsing fails
> - Accept FreenetURI in add peer field; only try regular url on failure
>   — thanks to desyncr for the review!
>
> - Add warning about surveillance through voice recognition tech in the
>   wizard.
>
> - fix peer scaling for very fast peers: 
>   Very fast nodes have more peers to fix a conceptual mistake
>   (did not take the aggregated bandwidth limit of the peers into account). 
>   Thanks to TheSeeker for the review!
> - increase default datastore size to 100GiB, because SSDs are much
>   faster today.
> - Increase default bandwidth to 32KiB/s. This should improve
>   performance, thanks to operhiem1 for the review!
> - Set standard thread limit to 1000.
> - decreased default thread stack size for reduced memory usage
>   (512KiB).
>
> - add output of filtered file to the OggFilterTest to ease tracking down
>   bugs — especially http://freenet.mantishub.io//view.php?id=7163
>   (the bug has example files — correct and broken).
>   
>
>
> 1493 roadmap:
>
> - One week of testing the pre-release
> - A release to a testing key next weekend
> - Insert to the real update key on saturday 2022-04-02.
>
>
> If you want to fetch the release-files from Freenet:
>
> CHK@E1O3EIM6bu8h3xmpyy5l6lsF3nT-YN2~YNBBqR-w4cM,g4b9nYtwp7qgYjkBH1-SCOtG1uITduI~KJFWCR-qSC4,AAMC--8/FreenetInstaller-1493-pre1.exe
>
> CHK@mFMgVT0GsijDjs~AIiXL18AM7N7ILzMWtZ0svVWCCFk,lch1ng1oNtWw-mCFtSR5r1NXEBnMndLj4-p97j65i50,AAMC--8/FreenetInstaller-1493-pre1.exe.sig
>
> CHK@ZyWQ~~K8U0UdLCaExo1tu8nBtbKZDQChpMVKegDVCtQ,B0bFCRBJ9MghxdhRYDcjt0vh~WCHUXHC9hZsS2gxO~8,AAMC--8/freenet-testing-build-1493-pre1.jar
>
> CHK@1FLagYTdyBl2scZEDPXNspt83qUTsTQ59HHbl5gpYGQ,-Mibjhdw99LZc4jxR7gEbZKGUBe~kxseiN8LH8lVn0I,AAMC--8/freenet-testing-build-1493-pre1.jar.sha1
>
> CHK@sfc2X88a51E6fFdi9N8iLOr3Cg2WsHJcxFNiW1GjTsw,Dg8aV-DCF8eOAxQswj9OCa2tXhwUAd9spQXpa6G~zhE,AAMC--8/freenet-testing-build-1493-pre1.jar.sig
>
> CHK@0JUB8qp7b1P9oVTHLxDSiV1Te4V2HyWQE6YK-zTY1f0,~ypj-uMF~K6FY0ca7B~kpe6N3pqqOuTMJ6w7jT32440,AAMC--8/freenet-testing-build-1493-pre1-source.tar.bz2
>
> CHK@-hHZa0a~W4ggsYD9D89F3L5b8HmAE4YWhhrqqOeFalg,lS7H3bAJJTpsNMk3b1MM23ve6GUiS4dIZq2y8EVpBAE,AAMC--8/freenet-testing-build-1493-pre1-source.tar.bz2.sha1
>
> CHK@WBtttP9O0VTkfskXRUO~HoSLl4mzEyr6TZXNH8BiTNk,sqiTGQfezdLghSv9Xasy0PVWmVxHYvwS~~BI9SVab5o,AAMC--8/freenet-testing-build-1493-pre1-source.tar.bz2.sig
>
> CHK@aD1wna3gH23OkiZmqlbc~zJ-WXY2GljtwKxGZr1~T8M,IApypqxdDhSew1sfT47z--DCxXtExQsccoLr2eXMUAo,AAMC--8/new_installer_offline_1493-pre1.jar
>
> CHK@RZdNctfKbgK1PpnpsUGnGYAW1

Freenet 1493-pre1 test release

[Dr. Arne Babenhauserheide]

Hi,

I just created the first pre-release for 1493:
https://github.com/freenet/fred/releases/tag/build01493-pre1

Please test the installers and please test whether the
freenet-testing-build-1493-pre1.jar works as a drop-in replacement for
freenet.jar freenet.jar.new and freenet-stable-latest.jar

This will become 1493 if no major problems are found.


Changes include:


- The installer requires Java 9+ now — except on 32bit Windows that has
  no Java version higher than 8.
- Add the required module opens for Java 17 to wrapper.conf
- Java 17 support of the installer
- Update the wrapper files in dependencies.properties to 3.5.30
  This change sets a consistent wrapper-version for Windows, *Nix, and
  also OSX, thanks to operhiem1 for the review!

- Update default bookmarks: Replace inactive indexes, add Shoeshop,
  show active sites first. Thanks to AC4BB21B for the review!

- Pseudonymous people found found a bug in our splitfile inserter that
  TheSeeker tracked down to its source. It threw an exception if the
  checksum was exactly [0,0,0,0], thanks to operhiem1 for the review!

- Fix FreenetURI intern() to not forget edition of USK — thanks to
  debbiedub for new nodes where UPnP does not give the speed.

- Replace Pointer.SIZE with Native.POINTER_SIZE for JNA 5.x — thanks
  to Leo3418 and Bombe!

- more resilient noderef parsing for easier friend-to-friend connections
  try replacing spaces by newlines in noderefs when parsing fails
- Accept FreenetURI in add peer field; only try regular url on failure
  — thanks to desyncr for the review!

- Add warning about surveillance through voice recognition tech in the
  wizard.

- fix peer scaling for very fast peers: 
  Very fast nodes have more peers to fix a conceptual mistake
  (did not take the aggregated bandwidth limit of the peers into account). 
  Thanks to TheSeeker for the review!
- increase default datastore size to 100GiB, because SSDs are much
  faster today.
- Increase default bandwidth to 32KiB/s. This should improve
  performance, thanks to operhiem1 for the review!
- Set standard thread limit to 1000.
- decreased default thread stack size for reduced memory usage
  (512KiB).

- add output of filtered file to the OggFilterTest to ease tracking down
  bugs — especially http://freenet.mantishub.io//view.php?id=7163
  (the bug has example files — correct and broken).
  


1493 roadmap:

- One week of testing the pre-release
- A release to a testing key next weekend
- Insert to the real update key on saturday 2022-04-02.


If you want to fetch the release-files from Freenet:

CHK@E1O3EIM6bu8h3xmpyy5l6lsF3nT-YN2~YNBBqR-w4cM,g4b9nYtwp7qgYjkBH1-SCOtG1uITduI~KJFWCR-qSC4,AAMC--8/FreenetInstaller-1493-pre1.exe

CHK@mFMgVT0GsijDjs~AIiXL18AM7N7ILzMWtZ0svVWCCFk,lch1ng1oNtWw-mCFtSR5r1NXEBnMndLj4-p97j65i50,AAMC--8/FreenetInstaller-1493-pre1.exe.sig

CHK@ZyWQ~~K8U0UdLCaExo1tu8nBtbKZDQChpMVKegDVCtQ,B0bFCRBJ9MghxdhRYDcjt0vh~WCHUXHC9hZsS2gxO~8,AAMC--8/freenet-testing-build-1493-pre1.jar

CHK@1FLagYTdyBl2scZEDPXNspt83qUTsTQ59HHbl5gpYGQ,-Mibjhdw99LZc4jxR7gEbZKGUBe~kxseiN8LH8lVn0I,AAMC--8/freenet-testing-build-1493-pre1.jar.sha1

CHK@sfc2X88a51E6fFdi9N8iLOr3Cg2WsHJcxFNiW1GjTsw,Dg8aV-DCF8eOAxQswj9OCa2tXhwUAd9spQXpa6G~zhE,AAMC--8/freenet-testing-build-1493-pre1.jar.sig

CHK@0JUB8qp7b1P9oVTHLxDSiV1Te4V2HyWQE6YK-zTY1f0,~ypj-uMF~K6FY0ca7B~kpe6N3pqqOuTMJ6w7jT32440,AAMC--8/freenet-testing-build-1493-pre1-source.tar.bz2

CHK@-hHZa0a~W4ggsYD9D89F3L5b8HmAE4YWhhrqqOeFalg,lS7H3bAJJTpsNMk3b1MM23ve6GUiS4dIZq2y8EVpBAE,AAMC--8/freenet-testing-build-1493-pre1-source.tar.bz2.sha1

CHK@WBtttP9O0VTkfskXRUO~HoSLl4mzEyr6TZXNH8BiTNk,sqiTGQfezdLghSv9Xasy0PVWmVxHYvwS~~BI9SVab5o,AAMC--8/freenet-testing-build-1493-pre1-source.tar.bz2.sig

CHK@aD1wna3gH23OkiZmqlbc~zJ-WXY2GljtwKxGZr1~T8M,IApypqxdDhSew1sfT47z--DCxXtExQsccoLr2eXMUAo,AAMC--8/new_installer_offline_1493-pre1.jar

CHK@RZdNctfKbgK1PpnpsUGnGYAW1tmFrQ7WAHq9DhMdIsI,~UcCljcowzhAoqq0YAf5DNn~NrUzGoh6LjnDG5v0DVM,AAMC--8/new_installer_offline_1493-pre1.jar.sig


This release contains the Java 17 compatibility fixes, and that requires
changes in the wrapper which are a bit brittle (failing there can cause
Freenet to fail to start), so we need testing in many configurations.

Please give it good testing!


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Two more Reviews needed for 1493

[Dr. Arne Babenhauserheide]

Hi,


The fix for the checksum error is reviewed — thank you, Steve!


To finish the compatibility for Java 9+, we need one more review: adding
the newer wrapper files to dependencies.properties (I’m getting closer
to the final steps; there are a lot of small steps to update all the
tooling we have for multiplatform auto-update, and I hope I finally got
it all done):

- https://github.com/freenet/fred/pull/763
  Update the wrapper files in dependencies.properties to 3.5.30
  This change sets a consistent wrapper-version for Windows, *Nix, and
  also OSX.


Also we still need a review for improved safety of the pitch black
mitigation. That may sound daunting, but all that this fix does are
changes to the calculation *when* to run the mitigation:

- randomize pitch black defense times
  https://github.com/freenet/fred/pull/747


All the other needed reviews are done! Thank you!

You can see them with the tag readyToBeMerged on
https://github.com/freenet/fred/pulls


The last step I need to do is to update the seedrefs. After that I can
finally create the test release and push it to a testing key so we can
test it in different setups.


Best wishes,
Arne


"Dr. Arne Babenhauserheide"  writes:

> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne Babenhauserheide 
> (Physikliebhaber, Hobbysänger und Ideenspringquell)  (trust 
> ultimate) created at 2022-03-12T13:19:46+0100 using RSA
> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>  (trust ultimate) created at 2022-03-12T13:19:46+0100 using 
> RSA]]
> Hi,
>
> TheSeeker found a bug in our splitfile inserter, so we need one more
> review:
>
> - fix: this threw an exception if the checksum was exactly [0,0,0,0]. #762 
>   https://github.com/freenet/fred/pull/762
>
> Update: The following pull-requests have been reviewed now:
>
> - https://github.com/freenet/fred/pull/761 — thank you Steve!
> - https://github.com/freenet/fred/pull/760 — thank you AC4BB21B
> - https://github.com/freenet/fred/pull/759 — thank you Bombe!
>
> The one other pull-request still in need of a review is
>
> - randomize pitch black defense times
>   https://github.com/freenet/fred/pull/759
>
>
> Best wishes,
> Arne


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Reviews needed for 1493

[Dr. Arne Babenhauserheide]

Hi,

TheSeeker found a bug in our splitfile inserter, so we need one more
review:

- fix: this threw an exception if the checksum was exactly [0,0,0,0]. #762 
  https://github.com/freenet/fred/pull/762

Update: The following pull-requests have been reviewed now:

- https://github.com/freenet/fred/pull/761 — thank you Steve!
- https://github.com/freenet/fred/pull/760 — thank you AC4BB21B
- https://github.com/freenet/fred/pull/759 — thank you Bombe!

The one other pull-request still in need of a review is

- randomize pitch black defense times
  https://github.com/freenet/fred/pull/759


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Reviews needed for 1493

[Dr. Arne Babenhauserheide]

Hi,


Freenet 1493 is almost in place. To move forward, we need three code
reviews:

- Randomize pitch black defense times.
  https://github.com/freenet/fred/pull/747

- Update default bookmarks: Replace inactive indexes, add Shoeshop, show
  active sites first.
  https://github.com/freenet/fred/pull/760

- Increase default bandwidth to 32KiB/s. This should improve performance
  for new nodes where UPnP does not give the speed.
  https://github.com/freenet/fred/pull/761

It would be great if you could have a look!


Also I’ll need to look into updating the wrapper for Linux, not just for
Windows (where the new version is required; Linux does not need it, but
having different versions would be calling for problems).


Already reviewed is

- Replace Pointer.SIZE with Native.POINTER_SIZE for JNA 5.x
  https://github.com/freenet/fred/pull/759

Thank you, Bombe!


Additional changes are:

- Very fast nodes have more peers to fix a conceptual mistake
- Java 17 support of the installer,
- more resilient noderef parsing for easier friend-to-friend connections,
- increased max datastore size (100GiB)
- increased default thread limit (1000)
- decreased default thread stack size for reduced memory usage (512KiB)


So all in all the new release should improve the new user experience and
increase resilience of the network.


Let’s get Freenet 1493 released!


Best wishes,
Arne

PS: To get an overview of the changes in the past years, see our NEWS file:
https://github.com/freenet/fred/blob/next/NEWS.md
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: state of 1493 — and needed pull-requests

[Dr. Arne Babenhauserheide]

"Dr. Arne Babenhauserheide"  writes:

> There are also changes to the wrapper, but
> these are already from 2018 and not by me and I have to find out how and
> where we can push that code (and yes, that must happen before release).

The updated wrapper is built from upstream, wrapper-3.5.30. You can
get it from https://wrapper.tanukisoftware.com/doc/english/versions.jsp
and retrieve the source from from
https://sourceforge.net/p/wrapper/code/HEAD/tree/

There’s also a newer version, but a VM in our build pipeline changed
dependencies that would require more changes, so I’m sticking with the
older build.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

state of 1493 — and needed pull-requests

[Dr. Arne Babenhauserheide]

Hi,


The changes to make Freenet work with Java 16 and 17 on Windows are
finally in (not yet perfect, but functional on my test VM¹), so we’re
back on track for 1493 now.


There are three pull-requests that still need review for release, though:

- randomize pitch black defense times
  https://github.com/freenet/fred/pull/747
  this removes a possible leak of the startup time,
  found by nextgens
- Update default bookmarks for 1493
  https://github.com/freenet/fred/pull/760
  Add Index Clean Spider.
  Remove dead indexes. They cause people to think that there is nothing
  new, and they are available via jFniki.Index
  (sidenote: it would be great if someone could step up with contact
   on FMS or Sone to maintain jFniki.Index)
  Add Sharesite Documentation freesite
  Add Shoeshop and FLIP (both are essential power-tools that were
   totally undiscoverable for new users)
- Increase upload bandwidth fallback if none detected to 32KiB/s
  https://github.com/freenet/fred/pull/761
  because it’s no longer 2011 — even mobile phones are much faster nowadays.
  32KiB/s are 10 peers, so this should give good performance even if
  UPnP fails. 16KiB/s were only 7 peers, which gives a sluggish Freenet 
experience.


Also please check the changes in wininstaller-innosetup and wintray and
call out anything strange! I’m pushing there directly. Please do keep a
sharp eye on what I commit. There are also changes to the wrapper, but
these are already from 2018 and not by me and I have to find out how and
where we can push that code (and yes, that must happen before release).
And please DO NOT TRUST ME. Please check what I do.

- https://github.com/freenet/wininstaller-innosetup/
- https://github.com/freenet/wintray


¹: a changed innosetup (installs java 10 on windows 64 now), and a
   change to the wrapper (thanks to operhiem1 and nextgens who already
   fixed that it 2018, it just wasn’t in the installer), and a change to
   the wintray so it recognizes that Java 9+ is OK. The only problem
   that remains is that signing the FreenetTray does not work, so this
   will need testing whether that creates problems on a real windows
   (instead of a testing VM). I did not expect the adjustment to the
   changes to the registry in modern Java to take that long.


Best wishes,
Arne

PS: The censorship surrounding the war in Ukraine convinced even the BBC
that communication over darknet is important. With Shoeshop now
visible in the default bookmarks, Freenet provides a level of
independence from establishehd power that previously was only
available with massive effort via analog Samizdat using typewriters
(shoutout: https://cyberpunk.fandom.com/wiki/95.2_Samizdat_Radio).
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Pull-requests in need of reviews

[Dr. Arne Babenhauserheide]

Hi,

I hit a roadblock on the Windows installer — it needs someone with
innosetup skills and ideally a Windows system. We need Java 10 bundled
with the installer. I already added the new JRE, but it needs to be
unzipped (without zip we hit the github filesize limit).

It would be awesome if one of you could clone
https://github.com/freenet/wininstaller-innosetup.git and get
https://github.com/freenet/wininstaller-innosetup/blob/master/FreenetInstall_InnoSetup.iss
working on windows64!

There is a github workflow, but developing against that without a local
setup is awful.
https://github.com/freenet/wininstaller-innosetup/blob/master/.github/workflows/ci.yml

Best wishes,
Arne

"Dr. Arne Babenhauserheide"  writes:

> DC*  writes:
>> Happy new year!
>
> Thank you! To you, too!
>
>> These emails summaries are a good idea to push work forward and point
>> people to places where help is needed. Keep them up! :)
>
> I’ll try :-)
>
>
> We got many reviewed now. The following is still open and required for 
> release:
>
>>> # Java 16 and 17 compat:
>>> - add required module opens for Java 17 to wrapper.conf:
>>> https://github.com/freenet/fred/pull/755
>
>
> This one is still open, but does not block the release:
>
>>> # Remove potential attack-vector in pitch black mitigation (thanks to 
>>> nextgens!)
>>> - randomize pitch black defense times: 
>>> https://github.com/freenet/fred/pull/747
>
> And these are *reviewed* and ready for release. Thank you!
>
>>> # Fix peer scaling (fast nodes needed more than their capacity from slow 
>>> nodes)
>>> - fix peer scaling for very fast peers:
>>> - https://github.com/freenet/fred/pull/749
>
>>> # More robust friend-to-friend workflow:
>>> - New peer via freenet uri: https://github.com/freenet/fred/pull/753
>>> - try replacing spaces by newlines in noderefs when parsing fails:
>>> https://github.com/freenet/fred/pull/752
>>> 
>>> # Config-Optimizations:
>>> - Increase default max threads to 1000: 
>>> https://github.com/freenet/fred/pull/757
>>> - increase default datastore size to 100GiB:
>>> https://github.com/freenet/fred/pull/756
>>> 
>>> 
>>> # Add warning about voice-recognition being used for surveillance
>>> - add voice recognition warning: https://github.com/freenet/fred/pull/750
>>> 
>>> # add support-code to make it easier for someone to take up the task to
>>>   fix the ogg vorbis filter
>>> - add output of filtered file to the OggFilterTest:
>>> https://github.com/freenet/fred/pull/748
>>> 
>>> # Polish:
>>> - note effectively published field: https://github.com/freenet/fred/pull/754
>
> Thank you very much for your reviews!
>
> Best wishes,
> Arne


-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Pull-requests in need of reviews

[Dr. Arne Babenhauserheide]

DC*  writes:
> Happy new year!

Thank you! To you, too!

> These emails summaries are a good idea to push work forward and point
> people to places where help is needed. Keep them up! :)

I’ll try :-)


We got many reviewed now. The following is still open and required for release:

>> # Java 16 and 17 compat:
>> - add required module opens for Java 17 to wrapper.conf:
>> https://github.com/freenet/fred/pull/755


This one is still open, but does not block the release:

>> # Remove potential attack-vector in pitch black mitigation (thanks to 
>> nextgens!)
>> - randomize pitch black defense times: 
>> https://github.com/freenet/fred/pull/747


And these are *reviewed* and ready for release. Thank you!

>> # Fix peer scaling (fast nodes needed more than their capacity from slow 
>> nodes)
>> - fix peer scaling for very fast peers:
>> - https://github.com/freenet/fred/pull/749

>> # More robust friend-to-friend workflow:
>> - New peer via freenet uri: https://github.com/freenet/fred/pull/753
>> - try replacing spaces by newlines in noderefs when parsing fails:
>> https://github.com/freenet/fred/pull/752
>> 
>> # Config-Optimizations:
>> - Increase default max threads to 1000: 
>> https://github.com/freenet/fred/pull/757
>> - increase default datastore size to 100GiB:
>> https://github.com/freenet/fred/pull/756
>> 
>> 
>> # Add warning about voice-recognition being used for surveillance
>> - add voice recognition warning: https://github.com/freenet/fred/pull/750
>> 
>> # add support-code to make it easier for someone to take up the task to
>>   fix the ogg vorbis filter
>> - add output of filtered file to the OggFilterTest:
>> https://github.com/freenet/fred/pull/748
>> 
>> # Polish:
>> - note effectively published field: https://github.com/freenet/fred/pull/754


Thank you very much for your reviews!


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Pull-requests in need of reviews

[Dr. Arne Babenhauserheide]

Hi,


I created several small and self-contained pull-requests that need
review. Please take a look so we can move forward with the next release!

# Java 16 and 17 compat:
- add required module opens for Java 17 to wrapper.conf: 
https://github.com/freenet/fred/pull/755

# Remove potential attack-vector in pitch black mitigation (thanks to nextgens!)
- randomize pitch black defense times: https://github.com/freenet/fred/pull/747

# More robust friend-to-friend workflow:
- New peer via freenet uri: https://github.com/freenet/fred/pull/753
- try replacing spaces by newlines in noderefs when parsing fails:
https://github.com/freenet/fred/pull/752

# Config-Optimizations:
- Increase default max threads to 1000: https://github.com/freenet/fred/pull/757
- increase default datastore size to 100GiB: 
https://github.com/freenet/fred/pull/756

# Fix peer scaling (fast nodes needed more than their capacity from slow nodes)
- fix peer scaling for very fast peers:
- https://github.com/freenet/fred/pull/749

# Add warning about voice-recognition being used for surveillance
- add voice recognition warning: https://github.com/freenet/fred/pull/750

# add support-code to make it easier for someone to take up the task to
  fix the ogg vorbis filter
- add output of filtered file to the OggFilterTest: 
https://github.com/freenet/fred/pull/748

# Polish:
- note effectively published field: https://github.com/freenet/fred/pull/754


There are also related changes in java_installer and
wininstaller_innosetup. Please take a look at the commits!

- https://github.com/freenet/java_installer/commits/next
- https://github.com/freenet/wininstaller-innosetup/commits/master


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Freenet 1492-pre1 test release

[Dr. Arne Babenhauserheide]

Hi,

I received reports of working 1492-pre1, so there is now a full test
release: https://github.com/freenet/fred/releases/tag/build01492

You can get it by changing your auto-update key to 
USK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/jar/1491
Find it at http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2

The release-notes are available under 
SSK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/changelog-1492
SSK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/fullchangelog-1492

Best wishes,
Arne

"Dr. Arne Babenhauserheide"  writes:

> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne Babenhauserheide 
> (Physikliebhaber, Hobbysänger und Ideenspringquell)  (trust 
> ultimate) created at 2021-10-26T08:55:16+0200 using RSA
> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>  (trust ultimate) created at 2021-10-26T08:55:16+0200 using 
> RSA]]
> Hi,
>
>
> On sunday I created the first pre-release for 1492:
> https://github.com/freenet/fred/releases/tag/build01492-pre1
>
> Please test the installers, and please test whether the
> freenet-testing-build-1492-pre1.jar works as a drop-in replacement for
> freenet.jar freenet.jar.new and freenet-stable-latest.jar
>
> This will become 1492 if no major problems are found.
>
>
> Changes include improvements in fred and updated plugins.
>
>
> Fred:
>
> - The multi-node test to show that the mitigation against the pitch
>   black attack works.
>   https://github.com/freenet/fred/pull/736
>
> - The m3u-player for video on demand over Freenet now prevents most
>   visual flickering.
>   https://github.com/freenet/fred/pull/734
>
> - Clickable labels for checkboxes. Thanks to AC4BB21B.
>   https://github.com/freenet/fred/pull/741
>
> - Fix: skip in support.io.SkipShieldingInputStream must return
>   non-negative. Thanks to dennisnez.
>   https://github.com/freenet/fred/pull/737
>
> - Fix: NodeConfig was reading a particular config from default on every
>   start up. Thanks to desyncr.
>   https://github.com/freenet/fred/pull/739
>
> - OpenJDK 16+ compat: add wrapper.conf argument to allow access to
>   internal openjdk modules.
>   https://github.com/freenet/fred/pull/740
>
> - Fix: Correct "current size" option in Wizard => datastore size. Thanks to 
> AC4BB21B.
>   https://github.com/freenet/fred/pull/742
>
>
> Plugins:
>
> - KeyUtils:
>   Fix API call to allow compiling, and
>Fix extra bytes display for composed SSK.
>   both thanks to TheSeeker.
>   https://github.com/freenet/plugin-KeyUtils/pull/17
>   https://github.com/freenet/plugin-KeyUtils/pull/16
>
> - Library:
>   search with unchecked boxes thanks to redwerk
>   https://github.com/freenet/plugin-Library/pull/14 - 
>   
>   custom index docname thanks to TheSeeker
>   https://github.com/freenet/plugin-Library/pull/18
>
> - Spider:
>   Fix writing to the bucket and Replace SortedIntSet thanks to redwerks
>   https://github.com/freenet/plugin-Spider/pull/6
>
>   Fix build thanks to Juiceman
>   https://github.com/freenet/plugin-Spider/pull/5
>
> - FlogHelper
>   Add new media tags in tool menu: audio and video thanks to
>   AlexandreRio
>   https://github.com/freenet/plugin-FlogHelper/pull/19
>   (you can simply set an uploaded m3u file as as source of a video
>and it will show up on your flog as video on demand)
>   
>
> related: Florent fixed our website build (Thank you!), so we can release
> there again. I polished our theme and the messaging on the index-page.
> https://freenetproject.org/
>
>
> 1492 roadmap:
> - One more day of testing this 1492-pre1.
> - A release to a testing key on wednesday.
> - Insert to the real update key on monday 2021-11-01.
>
>
> Help needed: We still have some useful pull-requests open that need a
> review or addressing review notes to get finished:
>   - https://github.com/freenet/plugin-Freemail/pull/40 — migrate to new WoT 
> API
>   - https://github.com/freenet/plugin-Freemail/pull/39 — add settings page
>   - https://github.com/freenet/plugin-Library/pull/16 — Upgrade SnakeYAML 
> library
>   - https://github.com/freenet/plugin-Library/pull/15 — fix search index 
> creation.
>   - https://github.com/freenet/plugin-Library/pull/19 — 15 + more changes
> (15 needs to be merged first, there already are notes there)
>
>
> If you want to fetch the release-files from Freenet:
>
> CHK@fOhI~e2PoGv0v4G58efzklzpHOMccwmYqCWOyU-zFyA,M7oS5jaEV9CBbI6o9ABi-ktt3XO7Y~HsWlz6~bE1cZA,AAMC--8/freenetinstaller-1492-pre1.exe
>
> CHK@0AOzGu2

Freenet 1492-pre1 test release

[Dr. Arne Babenhauserheide]

Hi,


On sunday I created the first pre-release for 1492:
https://github.com/freenet/fred/releases/tag/build01492-pre1

Please test the installers, and please test whether the
freenet-testing-build-1492-pre1.jar works as a drop-in replacement for
freenet.jar freenet.jar.new and freenet-stable-latest.jar

This will become 1492 if no major problems are found.


Changes include improvements in fred and updated plugins.


Fred:

- The multi-node test to show that the mitigation against the pitch
  black attack works.
  https://github.com/freenet/fred/pull/736

- The m3u-player for video on demand over Freenet now prevents most
  visual flickering.
  https://github.com/freenet/fred/pull/734

- Clickable labels for checkboxes. Thanks to AC4BB21B.
  https://github.com/freenet/fred/pull/741

- Fix: skip in support.io.SkipShieldingInputStream must return
  non-negative. Thanks to dennisnez.
  https://github.com/freenet/fred/pull/737

- Fix: NodeConfig was reading a particular config from default on every
  start up. Thanks to desyncr.
  https://github.com/freenet/fred/pull/739

- OpenJDK 16+ compat: add wrapper.conf argument to allow access to
  internal openjdk modules.
  https://github.com/freenet/fred/pull/740

- Fix: Correct "current size" option in Wizard => datastore size. Thanks to 
AC4BB21B.
  https://github.com/freenet/fred/pull/742


Plugins:

- KeyUtils:
  Fix API call to allow compiling, and
   Fix extra bytes display for composed SSK.
  both thanks to TheSeeker.
  https://github.com/freenet/plugin-KeyUtils/pull/17
  https://github.com/freenet/plugin-KeyUtils/pull/16

- Library:
  search with unchecked boxes thanks to redwerk
  https://github.com/freenet/plugin-Library/pull/14 - 
  
  custom index docname thanks to TheSeeker
  https://github.com/freenet/plugin-Library/pull/18

- Spider:
  Fix writing to the bucket and Replace SortedIntSet thanks to redwerks
  https://github.com/freenet/plugin-Spider/pull/6

  Fix build thanks to Juiceman
  https://github.com/freenet/plugin-Spider/pull/5

- FlogHelper
  Add new media tags in tool menu: audio and video thanks to
  AlexandreRio
  https://github.com/freenet/plugin-FlogHelper/pull/19
  (you can simply set an uploaded m3u file as as source of a video
   and it will show up on your flog as video on demand)
  

related: Florent fixed our website build (Thank you!), so we can release
there again. I polished our theme and the messaging on the index-page.
https://freenetproject.org/


1492 roadmap:
- One more day of testing this 1492-pre1.
- A release to a testing key on wednesday.
- Insert to the real update key on monday 2021-11-01.


Help needed: We still have some useful pull-requests open that need a
review or addressing review notes to get finished:
  - https://github.com/freenet/plugin-Freemail/pull/40 — migrate to new WoT API
  - https://github.com/freenet/plugin-Freemail/pull/39 — add settings page
  - https://github.com/freenet/plugin-Library/pull/16 — Upgrade SnakeYAML 
library
  - https://github.com/freenet/plugin-Library/pull/15 — fix search index 
creation.
  - https://github.com/freenet/plugin-Library/pull/19 — 15 + more changes
(15 needs to be merged first, there already are notes there)


If you want to fetch the release-files from Freenet:

CHK@fOhI~e2PoGv0v4G58efzklzpHOMccwmYqCWOyU-zFyA,M7oS5jaEV9CBbI6o9ABi-ktt3XO7Y~HsWlz6~bE1cZA,AAMC--8/freenetinstaller-1492-pre1.exe

CHK@0AOzGu2q~jTHirZSin1Vltp8rzceMFcz7wHLdj9PcTk,PsoJWteIzabKCX78lRBM9XKu5LkomeEL5QcrfsokvCs,AAMC--8/freenetinstaller-1492-pre1.exe.sig

CHK@9SWNOkhgPD0TXdZvEUESR70fP8SnvCQq7Rt5fQNX6e0,x08pdGHvLmewqszKwhG8CjmzAnugFCAOdksofzOYpjQ,AAMC--8/freenet-testing-build-1492-pre1.jar

CHK@VF-RGTiMOE8kK6QJvuO97BFya0ScBzPddFMsXle~mUA,H-nlpHjlbFgIHClpX0pGtWedgIMJLUVfjo5Tihk0GPo,AAMC--8/freenet-testing-build-1492-pre1.jar.sig

CHK@euCzFQlVQ4H8r5SmsinSAZF0ivfMbEBoCxiu1qqyoMA,7q0twQYdRoFO2g7Vc7TGV3E1nPVspOwiwZMPTUXnPm4,AAMC--8/new_installer_offline_1492-pre1.jar

CHK@yL99YWCmYjBJgp~EP2XUA30UJWEL1Vh51KYkW8L7nqg,RkUsEvAAQADlXMLOIoBhm2h-WF-e6xttHcRrqGIPhJg,AAMC--8/new_installer_offline_1492-pre1.jar.sig

CHK@e-kFC1XLRBvaUKZVXlqsD2dn~uewnrZ09dq9ftkR-EU,afSmHSX~9ZYDPDj7WUn~-6nX6EpSZE22hl3ELGJC2Yk,AAMC--8/freenet-testing-build-1492-pre1-source.tar.bz2.sha1

CHK@WiuPG5Hj1Yc7JcrcBQC2NxiflbiV7aTMXD4YbMXzXRQ,kIjiXqW5sQGgOW-fsTztLd9TCvsCFcEPnrbbo0234g8,AAMC--8/freenet-testing-build-1492-pre1-source.tar.bz2.sig

CHK@MC2p0DzBOHIk1LIUt2F2B2imH08dWL7Jt6VaQ~4OqWw,lYl8eXuBj7yCIv8Kq7VUr5Fkxy9HMvJT72qHe-3ldXw,AAMC--8/freenet-testing-build-1492-pre1-source.tar.bz2


--- - -
Freenet is a peer-to-peer platform for
censorship-resistant and privacy-respecting
publishing and communication.
- https://freenetproject.org -


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: Plugins build system upgrade

[Dr. Arne Babenhauserheide]

Hi,

DC*  writes:

> Other plugins are marked as Ready to be Merged or gone through Code Reviews:
>
> * https://github.com/freenet/plugin-Library

I had to reset and re-open this because it did not run when loaded as
plugin. I’m not sure about the cause.

We might have to use fred from a local checkout, or use
parsing of dependencies.properties.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

A test release for build 1491 is available

[Dr. Arne Babenhauserheide]

Hi,

The new test release for build 1491 is going in, hopefully the final one
for 1491. If you want to help test it, please change your auto-update
key to
USK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/jar/1490

Release on Github: https://github.com/freenet/fred/releases/tag/build01491

changes: 
SSK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/fullchangelog-1491
SSK@wytBz~rduWSo9-MmVW4AVqY3ESebPPCP9vC-eSxe-vg,mZqWi0sHmhn5kt0idu-~K4pk~~8eNXxMeYen73FOfA8,AQACAAE/changelog-1491

Release Notes:

2021-05-02

Freenet 0.7.5 build 1491 is now available.


This build is a bugfix release.
It ships cleanup to the pitch black defense and to streaming video and audio in 
the browser.


For the pitch black defense, it disables defensive swapping
if swapping is disabled in general because the node uses opennet.
This should resolve problems to the network structure and data persistence
introduced during the pitch-black fix because 
opennet nodes started swapping when they had network-issues (Sorry for that 
:-().
Also it delays the pitch black defense to 10 minutes after startup instead of 1 
minute after startup
to further reduce the probability of stray swapping.
Mitigating the Pitch Black Attack is funded by NLnet through the NGIO PET fund 
with financial support from the European Commission's Next Generation Internet 
programme.

Sidenote: If you have a Freenet project, that might be a good match for the 
Assure grant or the Search and Discovery grant, have a look at their site! The 
two application periods are open until first of June and a good match for 
individuals who want to get funding for concrete improvements: 
https://nlnet.nl/themes/


For streaming, this release fixes operation over proxies that provide a http 
node via https,
and it adds m3u compability for mobile devices - thanks to DC*
(some mobile browsers answer the query "supports m3u" with "maybe" O_o).


Further improvments in this release:

- Improve OpenBSD support thanks to jv@D7b92AQB2664AkrR.
- Fix plugin compatibility problems from refactoring.
- More cleanup of old code thanks to Jan Gerritsen.
- Fix label for logged attribute RoutingDisabled - thanks to Jan Gerritsen


Thank you for using Freenet!

- Arne Babenhauserheide
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Freenet 0.7.5 build 1490 codename “pitch black streaming” is now available

[Dr. Arne Babenhauserheide]

Hi,


The Freenet team is happy to release Freenet 1490 today.


This release provides three different changes:
- streaming in the browser,
- mitigating the pitch black attack, and
- providing the windows-installer from the node again.


It is available at https://freenetproject.org/pages/download.html


For **streaming**, it builds on the m3u-filter to provide
direct in-browser streaming. Currently
it works with audio (mp3 and ogg vorbis)
and video (ogg theora) in sufficient quality for
music playlists and specially crafted video-streams.

With this change, adding a media-tag that references an m3u-list like


stream.m3u


or


stream.m3u, starting with sff-001.ogv.
Putting the first video here causes freesitemgr to more likely
put the first video into the container, giving faster initial startup.


gives you a freesite with a clickable media-tag that plays the m3u-list.
In Sharesites you need to add at least one space before the tag.

If you want to stream via Freenet yourself, you’ll find help in
a [thirdparty howto][streaming-howto].

There are three example sites:

- Audio-Playlist: 
USK@1wpsnrzb9fiFmmq6OozoZ0Mnk376AlizUKjKPh3TXwM,CwfRO8X0xaCUzH28eoHigxUV-5TkRV8hCoQdO2kmsQM,AQACAAE/streaming-over-fproxy/3/
- Streaming Video: 
USK@UGh1rxaHczJVr4k4LwxWrxFBc-Dt5P0F3IuPONpp8ZQ,klWF5g9B2PLst8tRO8c9tzk6XvisGynFVJRzM8-9718,AQACAAE/stream-36c3-sff/3/
- Radio Interview: 
USK@4DQ15JpGlVGDdyXvQE3Egz7SLK2TzMAUmp~aptnwyt4,ljFASreV8AHaQhscfrNLuVyl3qksltgP9sndtLuUHB8,AQACAAE/stream-radiocc-freenet/1/

This follows an old idea to enhance freesites with strictly checked 
interactivity,
similar to userscripts but without the security implications of adding a script
that might have a very different threat model than Freenet itself.


Also this release ships a **mitigation for the pitch black attack**. 
For details see 
<https://www.mail-archive.com/devl@freenetproject.org/msg55182.html>

Mitigating the pitch black attack is supported by NLnet
as part of the NGI0 PET Fund.
For details see <https://nlnet.nl/project/Freenet-Routing/>
Thank you!

There are still more tests needed to ensure that the change suffices
to resolve the main objection that existed among people well-versed
in the technical background of Freenet, GNUnet, and others
against using the friend-to-friend mode of Freenet since 2007.

It used to be far too easy to break a pure friend-to-friend net
(all nodes using high-security mode). This should be resolved now.


And finally the **UOM transfer max sizes were tripled**,
so the windows-installer provided by Freenet nodes gets updated again,
and the annoying warning about freenet-latest-installer-windows.exe
during install and update disappears.


Thank you for using Freenet!


- Arne Babenhauserheide


PS: The Mac Installer needs support. The plan for next release is to get
smaller pull-requests and plugin-changes released.


[releasetag1490]: https://github.com/freenet/fred/releases/tag/build01490
[streaming-howto]: https://www.draketo.de/software/stream-over-freenet.html
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Potential GSoC mentors: please answer today

[Dr. Arne Babenhauserheide]

Hi,

I got 1 more positive reply over IRC, so we’re at 3 mentors now.

Best wishes,
Arne

DC*  writes:

> Hey all,
>
> I'm up for it although I can help mostly with integration (the App
> mostly), not core parts. May be new projects around REST API or
> similar.
>
> I can give a 2-3 hours a day (evening GMT).
>
> Best regards
>


Hakimi Abdul Jabar  writes:

> Thanks Arne!
>
> Already asking around.  Hope we get 5-10!
>
> On Thu, 18 Feb 2021, 9:08 a.m. Dr. Arne Babenhauserheide, 
> wrote:
>
>> Hi,
>>
>> I’ve almost finished our GSoC-application, and one field that is
>> still open is: Do we have 1-5 mentors or 5-10.
>>
>> If you’d be interested in mentoring for GSoC this year, please answer
>> today so I can give the best estimate.
>>
>> Deadline for the application is 19. Feb. 2021 at 19:00 UTC.
>>
>> Best wishes,
>> Arne
>> --
>> Unpolitisch sein
>> heißt politisch sein
>> ohne es zu merken
>>


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Potential GSoC mentors: please answer today

[Dr. Arne Babenhauserheide]

Hi,

I’ve almost finished our GSoC-application, and one field that is
still open is: Do we have 1-5 mentors or 5-10.

If you’d be interested in mentoring for GSoC this year, please answer
today so I can give the best estimate.

Deadline for the application is 19. Feb. 2021 at 19:00 UTC.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Maybe make jna-4 optional, jna-3 is preferred here

[Dr. Arne Babenhauserheide]

Dennis Nezic  writes:

> Why are we forced to use JNA-4? (Looks like it was introduced in 1486?
> [1])

There was a problem with the update of Java on Windows which would have
broken all Windows nodes with the old JNA.

> In my distro, it pulls in a whole bunch of X11 stuff, starting with
> libXt, none of which I need since it's a headless server. JNA-3 doesn't
> have such dependencies.
>
> Things compile and work fine here with jna-3.4.1 if I get rid of one
> "isAndroid()" call in src/freenet/support/JVMVersion.java[2] ... it
> seems like that's the only JNA-4 specific code?

You could easily patch that out — the patch looks good for desktop.

> If JNA-4 really is needed for some people, perhaps there can be a
> config compile-time option for this?

It is needed on Windows and on Android.

> [1] https://freenetproject.org/freenet-build-1486-released.html
> [2] https://754990.bugs.gentoo.org/attachment.cgi?id=671710

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Google Summer of Code 2021?

[Dr. Arne Babenhauserheide]

Hakimi Abdul Jabar  writes:

> Defintely Ian, Arne!  Or we should now prefer Dr. Arne!

Please stick with Arne :-)

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Google Summer of Code 2021?

[Dr. Arne Babenhauserheide]

Hi,

Registration for Google Summer of Code 2021 for Organizations is open.
Will we take part?

https://summerofcode.withgoogle.com/

We need an „official representative“ of the project to register, which
would be Ian?

I started a list of interesting tasks in the wiki and on a Freesite
https://github.com/freenet/wiki/wiki/Google-Summer-of-Code-2021
USK@1e~oSIunnUl4nWEdyZBLjYMGt1IladVmY7GhXnfmHRw,hAhN74IAmm2Eo5Qkr6ZCEcG3MVBEexrbFXBp61W3jcI,AQACAAE/gsoc-2021/2/

The ones that I see as most impactful on the short term now that we have
a mobile app in FDroid (yay DC*!) are content filters for
- ogg opus,
- vp9, and
- av1

Those would make the upcoming in-browser streaming fast enough that
freesites can provide video-on-demand in HD-quality.

In addition anything that can add features from icicles to the mobile
node: https://github.com/freenet-mobile/app

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Streaming over Freenet in the Browser

[Dr. Arne Babenhauserheide]

Hi,

I shot a small peek preview video of streaming in the browser:

- https://twitter.com/ArneBab/status/1355280449845735426
- https://rollenspiel.social/@ArneBab/105641351537267109
- https://youtu.be/MHhyAf-bdLk

You can test this by building from the m3u-player pull-request (there’s
also an example jar for the reckless) and visiting the example freesites:

- pull-request:
  https://github.com/freenet/fred/pull/721
- Audio-Playlist:
  
USK@1wpsnrzb9fiFmmq6OozoZ0Mnk376AlizUKjKPh3TXwM,CwfRO8X0xaCUzH28eoHigxUV-5TkRV8hCoQdO2kmsQM,AQACAAE/streaming-over-fproxy/3/
- Streaming Video:
  
USK@UGh1rxaHczJVr4k4LwxWrxFBc-Dt5P0F3IuPONpp8ZQ,klWF5g9B2PLst8tRO8c9tzk6XvisGynFVJRzM8-9718,AQACAAE/stream-36c3-sff/3/

The pull-request needs careful review because it touches on CSP-headers
and relies on Javascript (details are in the description).

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Freenet Mobile available on Fdroid!

[Dr. Arne Babenhauserheide]

DC*  writes:
> After awhile Freenet Mobile is finally available on Fdroid
> repositories [1].

That’s awesome!

Congratulations!

>  [1]: 
>  [2]: 

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: 1489-pre1 test release

[Dr. Arne Babenhauserheide]

Ian Clarke  writes:

> Great work Arne!

Thank you!

Best wishes,
Arne

> On Sun, Nov 29, 2020 at 4:07 AM Dr. Arne Babenhauserheide 
> wrote:
>
>> Hi,
>>
>> I created a test release for 1489:
>> https://github.com/freenet/fred/releases/tag/testing-build-1489-pre1
>> CHK@2vnn7QNa49lJUC44Wp65w9
>> ~HVOj07Qiv72yz-SJDxUw,owMWSbHR-WcuznWkbcYmFu8lzR3tp9ZFlAeIKjgHaA0,AAMC--8/freenet.jar
>>
>>
>> The main change compared too 1488 is that this release adds m3u filter
>> support. This enables streaming audio (ogg/mp3) and video (theora).
>>
>>
>> Since I did not announce the previous releases
>> here: The changes in previous releases were:
>>
>> 1488 updated translations.
>>
>> https://freenetproject.org/freenet-build-1487-released.html
>> https://freenetproject.org/freenet-build-1486-released.html
>> https://freenetproject.org/freenet-build-1485-released.html
>>
>>
>> Best wishes,
>> Arne
>> --
>> Unpolitisch sein
>> heißt politisch sein
>> ohne es zu merken
>>


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

1489-pre1 test release

[Dr. Arne Babenhauserheide]

Hi,

I created a test release for 1489:
https://github.com/freenet/fred/releases/tag/testing-build-1489-pre1
CHK@2vnn7QNa49lJUC44Wp65w9~HVOj07Qiv72yz-SJDxUw,owMWSbHR-WcuznWkbcYmFu8lzR3tp9ZFlAeIKjgHaA0,AAMC--8/freenet.jar


The main change compared too 1488 is that this release adds m3u filter
support. This enables streaming audio (ogg/mp3) and video (theora).


Since I did not announce the previous releases
here: The changes in previous releases were:

1488 updated translations.

https://freenetproject.org/freenet-build-1487-released.html
https://freenetproject.org/freenet-build-1486-released.html
https://freenetproject.org/freenet-build-1485-released.html


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Fixing the pitch black vulnerability

[Dr. Arne Babenhauserheide]

Hi,


The next few months I want to implement a fix for the pitch black
attack. In this email I’m starting by presenting the concrete plan.


Introduction


The pitch black attack is a crippling weakness of our friend-to-friend
mode which currently enables a single node to take down all of darknet.
The pitch black attack was found by the GNUnet folks in 2007.¹

The fix has been known since 2008, but not implemented, because it
hadn’t been simulated.

In 2016 I completed a simulation (originally started by thesnark) and
showed that the fix works.²

¹: http://grothoff.org/christian/pitchblack.pdf
²: 
https://www.draketo.de/light/english/freenet/mitigate-pitch-black-attack-simulation-works

The pitch black attack works by lying in swap requests: Claim better
peers than the target to make the target accept your location. But don’t
actually accept the location of the other node: In the next swap request
you start with the same location again. That way you can slowly but
irreversibly drain locations from the network (see the simulation linked
above for details).

The original plan to fix the pitch black attack was to send a request to
a random location and check the distance between the closest node and
the key. If the distance is larger than 0.037, then the network is
guaranteed to be under attack and we take that location.

Recently I discussed the original plan to address the pitch black attack
with Florent again, and he found a weakness in the Scheme: attackers
could start a competition of veiled almost-same locations. In the
discussion we found a more robust fix that has the advantage of only
relying on actual performance metrics.


The new fix
---

Regularly insert random data as SSK or CHK and try to retrieve it with a
random delay up to the typical lifetime of a key. If it is gone, we take
its location.

This turns Freenet into a self-balancing graph: If some part of the
network becomes unreachable, nodes fill the void.

Healing of data which is partially available from cache recovers lost
content. Regular swapping returns nodes that took a random location back
to a location close to the data in its store, because most of its peers
are still located close to the original location.

Since it’s unknown who inserted an SSK, attackers cannot target those
inserts specifically. Detection of an attack on part of the keyspace
becomes based only on actual performance. Alternate between checking
SSKs and checking CHKs to prevent attacks on only parts of the store,
for example taking up part of the keyspace and having a tiny CHK store,
but a large SSK store.


Attacks that would still work
-

- Delete content by taking over parts of the keyspace with nodes which
  do not swap and at some point shutting them all down. if people kept
  running keepalive for important files, then most of the important
  content would actually be in caches and not only at the target nodes,
  so it could be reconstructed and would get re-inserted the moment they
  purge their stores.

- Delete all old content from those nodes but keep more recent content
  (but then only old files could be taken down while communication would
  continue). This relies on the interval after which 

- Have nodes positioned around the keyspace with a small store and
  move-swap all others into a very narrow portion of the keyspace. This
  can degrade performance, but if it is too small, then lifetime will
  not be guaranteed, so some nodes will detect the attack and fill the
  space.

- Blackhole all requests from a certain part of the keystore to get
  nodes to leave that part. However they will snap back with further
  swapping requests, because their peers will still be optimal for that
  part of the keyspace, or others will fill the void.

With this change attackers can still degrade the service, but no longer
disrupt it.

If people keep running keepalive for important files, then most of the
important but infrequently accessed content would be in caches and not
only at the target nodes, so it could be reconstructed and would get
re-inserted shortly after attackers purge their stores. 

Keepalive is an official plugin starting with 1487.

Frequently accessed content will already be in caches even if people
don’t use keepalive for it.


Question



Do you see powerful attacks on the new scheme that I missed?


The next steps
--


If no crippling weaknesses are found, I intend to implement this scheme
during the following months.


Best wishes,
Arne
Hi,


The next few months I want to implement a fix for the pitch black
attack. In this email I’m starting by presenting the concrete plan.


Introduction


The pitch black attack is a crippling weakness of our friend-to-friend
mode which currently enables a single node to take down all of darknet.
The pitch black attack was found by the GNUnet folks in 2007.¹

The fix has been known since 2008, but not implemented, because it

Re: Statements about the HTL attacks

[Dr. Arne Babenhauserheide]

shroobi  writes:

>> Hi shroobi,
>> shroobi  writes:
>>
>>> I wanted to leave a note about these statements on the Freenet
>>> homepage. I don't understand why a response to disprove the paper
>>> would be released but there hasn't been any code put in place to
>>> address the problem.
>>
>> There was no code put in place, because the statistics in the attacks
>> were false. We can’t fix it if there is no vulnerability in the
>> first place.
>>
>> To be frank: The paper was wrong.
>>
>>> Furthermore, later a detailed description was made of *how exactly* an
>>> attack could be done with certainty. Not cool. An enormous risk has
>>> been put on users because of this. Why was that done?
>>
>> That later description was also false:
>> https://www.draketo.de/software/levine-2017-errors.html
>>
>> We cannot fix it in code when people simply fake proof.
>
> Final note: The minimal information required for statistical claims
> about observations of node upload or download activity in Freenet:

> … snip …

Did you see any claim that actually contained this information? If not,
then they are trying to fake proof by making unverifiable claims. I have
yet to see anyone giving a solid statistical argument while providing
the actually needed information to check their claims.

This is not to say that it is impossible to trace you on opennet. It’s
just that no one ever did it right.

To actually prevent all but the most powerful (those who can make ISPs
their tools and hack individual computers) from tracking you, you must
be connected via friend-to-friend mode (high security) with people you
trust not to try to pro-actively track you. To track you then requires
hacking your friends' computers.

To get even higher security, you‘ll also need to connect Freenet to the
internet via a regional mesh-network that does not spy on the data you
transmit to find people who upload lots of encrypted packages.

But the first step to improve protections for your privacy is really to
move to friend-to-friend mode.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Statements about the HTL attacks

[Dr. Arne Babenhauserheide]

Hi shroobi,
shroobi  writes:

> I wanted to leave a note about these statements on the Freenet
> homepage. I don't understand why a response to disprove the paper
> would be released but there hasn't been any code put in place to
> address the problem.

There was no code put in place, because the statistics in the attacks
were false. We can’t fix it if there is no vulnerability in the first place.

To be frank: The paper was wrong.

> Furthermore, later a detailed description was made of *how exactly* an
> attack could be done with certainty. Not cool. An enormous risk has
> been put on users because of this. Why was that done?

That later description was also false:
https://www.draketo.de/software/levine-2017-errors.html

We cannot fix it in code when people simply fake proof.

The actual problem is in the legal system. If a court accepts false
proofs, the only way we can prevent this is to hide the address of the
node in the first place.

And Freenet enabled that in 2007: Use the friend-to-friend mode (high
security / darknet). This is the only way to prevent easy harvesting of
your IP, and so it is the only way to prevent someone from targeting you
with faked proof.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Bitcoin donation housekeeping and change of donation address for security reasons (website needs redeploy)

[Dr. Arne Babenhauserheide]

Hi Ian,

The tag suffices, yes. If you don’t see your changes yet, this could be
due to caching. Just try it with a cache-busting parameter like:
https://freenetproject.org/pages/donate.html?somethingrandom

Thank you!

And also thank you for doing the paperwork and funds management!

Best wishes,
Arne

Ian Clarke  writes:

> Thanks Florent, I've created a new release
> ,
> should that be sufficient?
>
> On Fri, Aug 21, 2020 at 11:14 AM Florent Daignière <
> nextg...@freenetproject.org> wrote:
>
>> Hi Ian,
>>
>> We already have some CI setup... each time you push on that repository,
>> it gets built/deployed by travis.
>>
>> Here's the job for your last commit:
>> https://travis-ci.org/github/freenet/website/builds/719980195
>>
>> It goes live on
>> https://staging.freenetproject.org
>>
>> If you would like it to be promoted to the main website, you need to
>> push a tag (the tag's name doesn't matter).
>>
>> Florent
>>
>>
>> On Fri, 2020-08-21 at 11:02 -0500, Ian Clarke wrote:
>> > We've been using Blockchain.info to manage our Bitcoin donations, but
>> > we were using a legacy wallet which has limited backup and security
>> > precautions (Blockchain.info has evolved a lot since we started using
>> > it).
>> >
>> > So I've moved the funds to the primary Blockchain wallet to take full
>> > advantage of the various security precautions, I'm also transferring 2
>> > BTC to Freenet Project Inc's US dollar account to reduce our exposure
>> > to the whims of Bitcoin fluctuations (but we still have plenty of BTC
>> > to benefit if the current rally continues).
>> >
>> > The old donation address will continue to work fine, however I've
>> > updated the donation address to:
>> >
>> >
>> https://www.blockchain.com/btc/address/12FNaL4XN1WRh4SHWXb8Gw2VvjkahqpJc7
>> >
>> > Note this address begins with the number twelve, and ends with the
>> > number seven.  I've updated the website accordingly via Github, would
>> > someone mind redeploying it?  I haven't modified the website in a few
>> > years and am unfamiliar with the procedure (although we should
>> > investigate whether we can automate it through Github Actions).
>> >
>> > As an additional precaution, I've attached a terrible photo of me with
>> > the new BTC address.
>> >
>> > On a related note, I filed Freenet Project's taxes last week.  As a
>> > nonprofit it doesn't need to pay tax, but unfortunately still needs to
>> > file the paperwork every year to maintain that status.
>> >
>> > Ian.
>> >
>>


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: CSS definitions for tags without IDs or classes

[Dr. Arne Babenhauserheide]

Hi Bombe,

David “Bombe” Roden  writes:
> For Sone I have added a simple reset (i.e. “max-width: inherit;”) but other 
> plugins might or might not do that. So for the future I would ask everyone to 
> please restrict such broad definitions in CSS with an additional class (or 
> even better, ID) in order to have minimal impact on plugins and other pages. 
> That also means that we should watch out for that in future code reviews.

Thank you for the warning!

We had a similar problem in Freetalk once (a change to Toadlets added
linebreaks after tags which broke the Freetalk messages), but I missed
it in the code-review. Sorry for that :-/

Will try to look more carefully at global redefinitions in themes.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Check Plugins to follow an API cleanup

[Dr. Arne Babenhauserheide]

Hi,

We did a small API cleanup to get rid of lots of FakeCallback-usages
just to get around the old API. Sadly there is at least one plugin which
used that API. We’re now checking all plugins whether they are affected.

It would be great if you could help check that! You only need to test
whether the plugin compiles when using the freenet.jar from build 1486.

More information and the current state is available at:
https://cryptpad.piratenpartei.de/code/#/2/code/edit/XFGQmQQpfwDylsVj8OTw7bDh/

Once we have all those points crossed, I’ll prepare 1487 with plugin
updates, including those fixes.

If you know a plugin not in the list, please tell us!

Projects on the site, state of now (~~ … ~~ means it’s already done):

- Flircp
- ~~FlogHelper~~ (compiles)
- ~~Freemail~~ (compiles)
- Fritter
- jfniki
- ~~Library~~ (compiles)
- ~~Sharesite~~ (compiles with fred next and only uses the 
HighLevelSimpleClient)
- Shoeshop
- ~~Sone~~ (uses FCP only)
- ThawIndexBrowser
- UPnP
- UPnP2
- WebOfTrust
- ~~WoTNS~~ (uses FCP only)
- BOF
- ~~Spider~~ (compiles)
- jFMS
- ~~jSite~~ (uses FCP only)
- munin-freenet
- munin-plugin-freenet
- RelayBot
- Syndie
- ~~jFCPlib~~ (uses FCP only)
- ShoeShop
- Keepalive
- KeyUtils https://github.com/freenet/plugin-KeyUtils/pull/14

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Freenet build 1486 released

[Dr. Arne Babenhauserheide]

Freenet 0.7.5 build 1486 is now available.

It is available via auto-update or via download from our website:

https://freenetproject.org/pages/download.html?1486


This is an emergency release which updates JNA to version 4.5.2 to
prevent Windows nodes from breaking when Java is updated.

Since we’re releasing from next, this release contains a number of
further improvements we had already prepared:

The first time wizard now warns users on first run to disable
thirdparty IMEs (input method editors). There are reports that
some of those IMEs send all keystrokes to their owners.

Alex Williams changed the bandwidth allocation to give more bandwidth
to friend-to-friend connections than to opennet connections.
Friend-to-friend connections (Darknet-mode) are the only way to build
a Sybil-resistant network. Please invite people you’ve known for years
long to join you in Freenet and connect to them as Friends.

Oleh from Redwerk improved the styles of our main theme (Winterfacey).
It now works much better for small devices like phones. Also Freenet
will offer a connection speed upgrade when increased speed is
detected.

On the technical side, operhiem1 and nextgens got us a new jarsigner
certificate which should remove some ugly warnings during
installation, and thanks to Bombe our SSK and USK key validation is
now stricter, and our tests now use JUnit 4. And we increased the max
size for passthrough, so our Windows installer should spread over [UOM][]
again.

Finally, outside the direct release, but significant: desyncr ported
Freenet to Android! The new [Freenet
Mobile][freenet-mobile] is optimized to preserve
bandwidth and battery power in phones. Find out how to test it [on
reddit][freenet-mobile-reddit].


For additional details see the [release tag for 1486][releasetag1486].


You can download this release as usual from the [download page][],
or if you are already using Freenet, simply let your freenet node
update itself over Freenet.


Thank you for using and contributing to Freenet!


- Arne Babenhauserheide

[releasetag1486]: https://github.com/freenet/fred/releases/tag/build01486
[freenet-mobile-reddit]: 
https://www.reddit.com/r/Freenet/comments/i21dca/freenet_mobile_01_beta
[freenet-mobile]: https://github.com/freenet-mobile/app
[download page]: pages/download.html
[UOM]: https://github.com/freenet/wiki/wiki/Update-Over-Mandatory

PS: This message did not get into the mailing list on the first try.
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Freenet build 1486 released

[Arne Babenhauserheide]

PS: you can watch 1486 spread on
USK@UHdUBsE9sdwYOuqPyHTlq4LvvlvzpqTYk5ze9nMX-sA,FriN3wJ0wgkXU2-nc0D3JrK0GU3FpX4qsbVSS9-lhYs,AQACAAE/watch-1486/0/

Arne Babenhauserheide  writes:

> Freenet 0.7.5 build 1486 is now available.
>
> It is available via auto-update or via download from our website:
>
> https://freenetproject.org/pages/download.html?1486
>
>
> This is an emergency release which updates JNA to version 4.5.2 to
> prevent Windows nodes from breaking when Java is updated.
>
> Since we’re releasing from next, this release contains a number of
> further improvements we had already prepared:
>
> The first time wizard now warns users on first run to disable
> thirdparty IMEs (input method editors). There are reports that
> some of those IMEs send all keystrokes to their owners.
>
> Alex Williams changed the bandwidth allocation to give more bandwidth
> to friend-to-friend connections than to opennet connections.
> Friend-to-friend connections (Darknet-mode) are the only way to build
> a Sybil-resistant network. Please invite people you’ve known for years
> long to join you in Freenet and connect to them as Friends.
>
> Oleh from Redwerk improved the styles of our main theme (Winterfacey).
> It now works much better for small devices like phones. Also Freenet
> will offer a connection speed upgrade when increased speed is
> detected.
>
> On the technical side, operhiem1 and nextgens got us a new jarsigner
> certificate which should remove some ugly warnings during
> installation, and thanks to Bombe our SSK and USK key validation is
> now stricter, and our tests now use JUnit 4. And we increased the max
> size for passthrough, so our Windows installer should spread over [UOM][]
> again.
>
> Finally, outside the direct release, but significant: desyncr ported
> Freenet to Android! The new [Freenet
> Mobile][freenet-mobile] is optimized to preserve
> bandwidth and battery power in phones. Find out how to test it [on
> reddit][freenet-mobile-reddit].
>
>
> For additional details see the [release tag for 1486][releasetag1486].
>
>
> You can download this release as usual from the [download page][],
> or if you are already using Freenet, simply let your freenet node
> update itself over Freenet.
>
>
> Thank you for using and contributing to Freenet!
>
>
> - Arne Babenhauserheide
>
> [releasetag1486]: https://github.com/freenet/fred/releases/tag/build01486
> [freenet-mobile-reddit]: 
> https://www.reddit.com/r/Freenet/comments/i21dca/freenet_mobile_01_beta
> [freenet-mobile]: https://github.com/freenet-mobile/app
> [download page]: pages/download.html
> [UOM]: https://github.com/freenet/wiki/wiki/Update-Over-Mandatory


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Freenet 1486 Test release

[Dr. Arne Babenhauserheide]

DC*  writes:

> On 2020-08-02 19:59, Dr. Arne Babenhauserheide wrote:
>> test-release for what should become 1486.
>> 
>> You can get it from GitHub:
>> https://github.com/freenet/fred/releases/tag/build01486
>
> Great work Arne and everyone involved on this release!

Thank you!

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Freenet 1486 Test release

[Dr. Arne Babenhauserheide]

Hi,


I created a test-release for what should become 1486.

You can get it from GitHub:
https://github.com/freenet/fred/releases/tag/build01486


This is not the 1486 release we wanted to release, but an emergency
release, because java 8 update 261 breaks Freenet on Windows. Therefore
we updated JNA to version 4.5.2.


Note that this is a pre-release. We gave it testing over the past 2
weeks, but we might have overlooked something.

You can also get it via auto-update by setting the update-key to
USK@BrNh~RNzsl3zQueAH0Ed8bgF88kZHa4AH64RNKjsCU4,~hvYp2qtiUUXk4r2AuwMbiNvLiBcPhl9Nt4lsrvaYn8,AQACAAE/jar/1485
on http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2
If Freenet does not find the update after changing the key, you might
have to restart it.

Please backup your Freenet installation (just copy the Folder) and then
change the update key to help us test whether the auto-update works.


We released from next (that’s the point of next), so the following
already prepared changes also come with this update:

- add warning message for IME to the first time wizard
- new jarsigner certificate should remove some ugly warnings - thanks to 
operhiem1 and nextgens!
- no longer accept certain invalid SSKs and USKs - thanks to Bombe!
- increase max size for passthrough to our Windows installer should spread over 
UOM again
- provide more bandwidth to darknet connections than to opennet connections - 
thanks to Alex Williams!
- offer connection speed upgrade when increased speed is detected - thanks to 
Oleh from Redwerk!
- improve CSS for small devices - thanks to Oleh from Redwerk!
- improve Winterfacey style - thanks to Oleh from Redwerk!


Please help us test 1486 so we can get it out before too many windows
nodes die.


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Linux installer as jar?

[Dr. Arne Babenhauserheide]

Steve Dougherty  writes:

> I can't speak for Arne but as far as I'm aware the things I mentioned
> in my quoted message still apply: we'd need to write a way for the
> package to update itself over Freenet.

While I think that this would be ideal, I also think that most users do
not need update over Freenet, since it only gives them a privacy
advantage, when they run full darknet.

The Gentoo package for example does not update over Freenet.

The distributions usually do their own quality control and update with a
delay, and while that makes measuring the update-process a bit harder,
it would also give some additional security against a Freenet release
manager going rogue.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Freenet 0.7.5 build 1485 released

[Arne Babenhauserheide]

Freenet 0.7.5 build 1485 is now available
-


   theora video-support, faster compression-check, Java 8


This release adds checking for Ogg Theora video files thanks to redwerk:
Freenet can now display video safely.

For files whose size does not shrink a lot by compression, compression
is now skipped. This should speed up inserts of video files. Also
compressors were cleaned up: During upload a test of one deprecated
compressor will now be skipped, if other compressions methods are
requested, too.

Freenet now requires Java 8 as the minimum version. Maintenance of Java
7 has long been stopped, and Java 8 is now available on all target
machines, including Debian stable. If you do not have Java 8 yet, please
update.

Also Freenet captures fetchKeyBoxAboveBookmarks from the theme as default value.

In preparation of directly usable pure friend-to-friend installers,
Freenet will now ask the user whether to connect, if there are *.fref
files in a peers-offers/ folder.

And it fixes a bug that caused some Freenet nodes to loop on startup due
to excessive memory use.


Important sidenote: If you are using a thirdparty IME (Input Method
Editor, used as text input for common asian languages), please disable
it for Freenet and use an IME from your Operating System. There have
been reports of the IME collecting your keystrokes and sending them to
remote servers.


Thank you for using Freenet!


For additional details see the release tag for 1485:

https://github.com/freenet/fred/releases/tag/build01485

You can download this release as usual from the download page, or if you
are already using Freenet, simply let your freenet node update itself
over Freenet.

https://freenetproject.org/pages/download.html


Deepest thanks to all involved!


-- Arne Babenhauserheide


What is Freenet?


Freenet is a free software peer-to-peer platform for
censorship-resistant communication and publishing that has been in
continuous development and practical use since 2000.

With Freenet you can share files, browse, publish, and chat on forums,
without fear of censorship.

Find and download Freenet at https://freenetproject.org/

1485 testing

[Arne Babenhauserheide]

Hi,

Since we had no test results on the testing-build-1485-pre1, I created
an 1485 now, but kept it marked as pre-release until it gets enough
testing.

It did not go into auto-update yet. I’m working on the release scripts
to make it easier to create testing releases with installers and
everything, but there’s still some way to go (see some of my initial
work in the scripts repo).

https://github.com/freenet/fred/releases/tag/build01485

If no problems are found until the 1st of February, we can first turn
this into a non-pre release (so people can update and test with
./update.sh) and if still no problems are found then, it can go to the
auto-update.

I intentionally split off the plugin, translation and seednodes updates
to avoid delaying this build even more.

So plugin, translation and seednode updates should be coming in 1486.

Please test this! Especially tests of the installers on Windows and
different GNU Linux distributions are important!

User-visible changes since 1484:

- fix a possible reason for the startup loop
- skip file compression where compression typically does not yield much 
improvement
- compressor: skip LZMA (old) if it is not the only requested compression method
- switch to java8 as the minimum required version
- capture fetchKeyBoxAboveBookmarks from the theme as default value
- If there are *.fref files in a peers-offers/ folder, ask user whether to 
connect to them
- Theora fixes thanks to redwerk: we can get Video safely now (the first step 
for streaming)!

More information:

https://github.com/freenet/fred/releases/tag/build01485

You can also test the update over freenet by changing the auto-update
key to

USK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/jar/1484
on
http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2
and restarting freenet

Note however that this will show version 1485, so your node will stand
out until this goes to the general auto-update, because I don’t yet have
the release scripts with infrastructure back at the point where we can
release pre-releases that keep using the old version.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken

Re: Possibility for prioritization of funding allocation

[Arne Babenhauserheide]

Hi Hakimi,

Hakimi Abdul Jabar  writes:
> *take money for Freenet work.*
>
> I thought we all agreed umpteen years ago for our work on Freenet to be pro
> bono like - as in free & voluntary?
>
> It was Freenet that raised the bar on Free & Voluntariness.  Hence,
> commercializing our efforts on the Freenet dev & platform sounds pretty
> contradictory to Ian's original idea & our consensus umpteen years ago.

For most of the lifetime of the Freenet project, Freenet had paid
developers. Most of the time one paid developer: toad.
And this has been the consensus for more than a decade.

So no, we’re not limiting Freenet contributions to those
with enough priviledge that they can afford to work without pay,
and we did not do so in the past.

Also working for pay need not be in conflict with free & voluntary.

The money we have is from donations, and not spending that "to assist in
developing and disseminating technological solutions to further the open
and democratic distribution of information over the Internet or its
successor electronic communication networks or organizations … to
guarantee consenting individuals the free, unmediated, and unimpeded
reception and impartation of all intellectual, scientific, literary,
social, artistic, creative, human rights, and cultural expressions,
opinions and ideas without interference or limitation by or service to
state, private, or special interests … [and] to educate the world
community and be an advocate of these purposes." goes against the
mission of the Freenet Project non-profit. See our donation page:
https://freenetproject.org/pages/donate.html


Best wishes,
Arne


signature.asc
Description: PGP signature

Re: Possibility for prioritization of funding allocation

[Arne Babenhauserheide]

Hi Ian,

That system looks interesting, though from the UX side I think the tasks
should be more visible — more take center stage.

But while we’re talking about funding: Are you in contact with thesnark?
He might be able to take money for Freenet work.

Best wishes,
Arne

Ian Clarke  writes:

> I've been working on a prototype system for democratized resource
> allocation, it's available at http://mediator.ai/.
>
> It's still an early prototype but the important functionality is there.
> Feedback appreciated.


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Proper form for a public FMS outproxy?

[Arne Babenhauserheide]

yanma...@cock.li writes:

> On 2019-07-20 07:59, Arne Babenhauserheide wrote:
>> Hi,
>>
>> yanma...@cock.li writes:
>>
>>> Now, my idea is this: You set up a public (onion or clearnet) frontend
>>> where you can make and read posts, with its back-end being FMS.
>> …
>>> Frontends would be disposable and dime-a-dozen; a front-end with too
>> To get to this situations, you must make it very, very easy to host
>> them. This might be a major endeavor (but one which would benefit
>> Freenet a lot).
>> …
> Well, would it? You can pass through FMS, and only intercept the parts
> related to posting. You'd also want to intercept the progress screens
> for downloads, which might be a bit harder.

If you want to make it dime-a-dozen, you need to make it easy to install
Freenet with FMS already setup.

> All you'd need to do is write the code that does the filtering.

If you have actual IDs, you must provide a secure way to log in — not
secure against the server, but secure against others users impersonating
you.

Visibility is also based on the ID, otherwise you don’t get real spam
defense (you’d have to rely on the site hoster to manage spam for you).

> What I'm curious about is how the identity generation should
> proceed. In particular, can the WoT have multiple identities sharing
> the same key?

No, and that wouldn’t be a good idea, since they could switch to the
other ID if they’d manage to trick the server into using another public
name.

> That makes implementation much simpler too, since you don't need to
> pass on the IP info or treat onions as a special case. What you could
> do otherwise is to use for instance the Spamhaus RBL. That would block

If you block open proxies, then you exclude all tor users, but you don’t
get real security, because botnets are horribly cheap.

> Doesn't FMS already limit posting rate on the client side?

Not that I know of. It has delay of messages to provide more anonymity.

> Solving an additional captcha per week would be trivial to add.

> This might be overkill though. Adds implementation cost, and now the
> server gets access to non-public information (although it never has to
> save it). Easier to just tell people to make a new identity once a
> month.

The server always has non-public information about the users. The
question is just how to represent it.

>>> Specifically, a user that didn't like this would set list trust of the
>>> master identity to 0. Do you reckon this would happen?
>>
>> Yes, I think this would happen, because one bad apple would spoil the
>> whole identity.
>>
>> But if you would find a way to pre-generate IDs and then assign them to
>> new users (so the standard FMS spam-defense would work), then this idea
>> could work.
>>
>> If the proxy had a main ID which gives trust-list-trust to these IDs,
>> then people could decide whether they want to see the new IDs.
>>
> Well, this is what I'm concerned about. Do you reckon they would
> blacklist the main ID's trust list, because it has too many children
> which are rotten apples?

Yes. It would then be the same as those public IDs (where the secret key
was published intentionally) which get blocked after abuse.

> Then the bots could agree on some protocol; they make posts announcing
> themselves somewhere, and then these are assumed to take effect after
> X seconds. If other bots find X too low, they rate them negatively,
> but they all get to specify X. And a similar parameter, let's call it
> Y.

There are distributed leader election protocols. You could use a simple
bully-protocol
https://en.wikipedia.org/wiki/Leader_election#Asynchronous_ring[3]

> Bots which "jump the gun" would get blacklisted by the other bots
> programmatically. Bots which censor messages would get blacklisted,
> provided they didn't block all messages sent within a certain
> timeframe.

You’d likely have to block them via FMS and only consider bots in the
distributed algorithm which are not blacklisted by given moderator IDs.

> Another question is if FCP already supports a "stripped-down mode",
> where it doesn't expose internal material, only stuff that's on the
> network. I know SIGAINT ran a Freenet <-> Tor proxy, do you know how
> they did it?

There is public gateway mode, but I would not vouch for its security —
it might have deteriorated over the past years of little usage.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Proper form for a public FMS outproxy?

[Arne Babenhauserheide]

Hi,

yanma...@cock.li writes:

> Now, my idea is this: You set up a public (onion or clearnet) frontend
> where you can make and read posts, with its back-end being FMS.
…
> Frontends would be disposable and dime-a-dozen; a front-end with too
To get to this situations, you must make it very, very easy to host
them. This might be a major endeavor (but one which would benefit
Freenet a lot).
…
> My idea is that each user posting would get some kind of unique name
> (e.g. truncated salted IP hash, or for Tor users a cookie they need to
> solve say 20 captchas to get - maybe you could do JS PoW or something
> like that). Then the frontend would post with its key but that
> name. It would also assign message trust slightly above zero, but no
> list trust.
>
> Do you think this would work? It's a bit ugly taking the IPs, but not
> disastrously bad. The server wouldn't need to do any IP banning of
> pathological cases. It could carry out basic spam filtering
> (e.g. Bayes), but it wouldn't have to. Captchas might be possible to
> replace with rate limits.

I’m thinking about this as I would an attacker to do. If I did not like
your forums, I would simply DoS them by posting from many different IPs.

Providing this with an ID just tied to solved captchas via cookies could
work. That would then be ephemeral identities. If combined with limited
posting rate and limited lifetime (i.e. solve one additional captcha per
week so you cannot just collect IDs and then use them all at once
without maintenance cost) would prevent using this system to DoS FMS.

> Specifically, a user that didn't like this would set list trust of the
> master identity to 0. Do you reckon this would happen?

Yes, I think this would happen, because one bad apple would spoil the
whole identity.

But if you would find a way to pre-generate IDs and then assign them to
new users (so the standard FMS spam-defense would work), then this idea
could work.

If the proxy had a main ID which gives trust-list-trust to these IDs,
then people could decide whether they want to see the new IDs.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: [WEBCHAT/IRC] Accessibility for noobs and devs who don't want to authnticate

[Arne Babenhauserheide]

Nicolas Hernandez  writes:

> at one time there was a simple support channel and 'real time' for novice 
> users who are accessing Freenet for the first time.
>
> Alas, today, apparently, the possibility of webchat via irc is no longer 
> possible, in any case, it now faces an authentication request that makes the 
> operation more complex and may be unsuitable (authentication). I think the 
> Freenet community is losing a lot by abandoning this type of support channel

We disabled access without authentication due to too much spam — is that
still necessary? Could we disable the need to be authenticated?

Liebe Grüße,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

merging toads simulation speedups?

[Arne Babenhauserheide]

Hi,

We have some pull-requests by toad waiting to be reviewed and merged
which speed up simulations enough that it’s actually viable to simulate
networks on the scale of the current userbase.

It would be cool if someone here could take up those pull-requests,
review them and get them merge-able.

If you’re up for it — just go for it and tell us!

If you need help to get going, please say so and we’ll provide what we
can.

https://github.com/freenet/fred/pull/576
https://github.com/freenet/fred/pull/489
https://github.com/freenet/fred/pull/475
https://github.com/freenet/fred/pull/457
https://github.com/freenet/fred/pull/456

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Linux installer as jar?

[Arne Babenhauserheide]

Hi,

With Java 11 Webstart is no longer part of the official
distribution. JNLP files no longer start by default.

What do you think about just providing the jar?

Or should we try whether we can get the installer compiled with Graal?
https://www.graalvm.org/docs/getting-started/#native-images

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: accessibility of web of trust

[Arne Babenhauserheide]

Hello Craig,

Thank you for writing!

A solution to CAPTCHAs for blind people are audio-CAPTCHAs, which are
already provided in the FMS forum system. These would need to be ported
to the WebOfTrust plugin, though.

See
http://127.0.0.1:/USK@0npnMrqZNKRCRoGojZV93UNHCMN-6UU3rRSAmP6jNLE,~BG-edFtdCC1cSH4O3BWdeIYa8Sw5DfyrSV-TKdO5ec,AQACAAE/fms/-137/

Best wishes, and thank you for using Freenet!
Arne

Craig Mcgee  writes:

> Hello all, my name's Craig, and I thought it best to post this to the 
> development list, rather than support, as it's more of an issue that devs 
> will need to sort out, than a help request, as I already got a friend to help 
> in this instance.
>
> I am totally blind, so use software on my computer that reads everything back 
> to me, like text to speech, but it doesnt read captchas. I have another bit 
> of software that can solve captchas but only one per page, so the web of 
> trust page, for instance, that has 17 or so captchas on it can't cope with 
> it, so this creates an access barrier. Luckily I had a friend I could send 
> over the screen shots of the pages too, to get them to send me back the 
> captchas, but this isn't really the point.
>
> I understand that there needs to be tight security, to stop people creating 
> identities on web of trust, and then using said identities to spam and be 
> trusted inherantly, without proving that they are actually human, and the 
> fact the system is anonymous wouldn't obviously allow for people to use 
> things like twitter or facebook to verify their web of trust identity, but 
> I'm hoping that someone can come up with an idea that is more accessible than 
> captchas, but still keeps out bots. I thought maybe logic questions, or 
> mathematical questions but I dont know if bots are clever enough to 
> understand those, I suspect some are, so i'm not sure of the solution?
>
> Maybe a system where if you are blind you're advised to email either the 
> support or development list with your web of trust ID and ask for someone to 
> validate it and add it to a list of ids that would be manually trusted by 
> developers after it passes some sort of anti spam test. if there was a sudden 
> spike in emails, and say 100 emails came in in five minutes, then the people 
> on the list would be more wary thinking it was spam, as its more manual than 
> the captcha process and this might be the way to do it?
>
> take care
> craig.


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: 1484 hopefully last test, auto-update testing key

[Arne Babenhauserheide]

Hi,

I just force-pushed an update to the 1484 tag since the change in
default theme and some strings had not been added

Sorry for the inconvenience :/

Best wishes,
Arne


Arne Babenhauserheide  writes:

> Hi,
>
> I inserted Freenet build 1484 to the following *testing* update key. If
> you want to test it, you can use the key as auto-update key (please
> remember to switch back tot he official key after testing!):
>
> USK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/jar/1483
>
> Release-announcement:
> SSK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/changelog-1484?type=text/plain
>
> Changelog:
> SSK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/fullchangelog-1484?type=text/plain
>
> The build included here is a followup build from several tests already
> released as pure jar+sources over the past weeks and has been on github
> since yesterday evening:
> https://github.com/freenet/fred/releases/tag/build01484
>
> The planned data was last weekend, and I’m sorry that it got delayed by
> one more week. The release VM only works well enough to release, when
> virtualization is enabled in the BIOS so qemu can use KVM. That took
> quite a few hours to find out …
>
> If we don’t find new blockers, I’ll release to the official auto-update
> keys (Java 7 + Java 8) this weekend. After release, please run the
> verify-build to ensure that what is released as jar corresponds to the
> released sources.
>
> Best wishes,
> Arne


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

1484 hopefully last test, auto-update testing key

[Arne Babenhauserheide]

Hi,

I inserted Freenet build 1484 to the following *testing* update key. If
you want to test it, you can use the key as auto-update key (please
remember to switch back tot he official key after testing!):

USK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/jar/1483

Release-announcement:
SSK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/changelog-1484?type=text/plain

Changelog:
SSK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/fullchangelog-1484?type=text/plain

The build included here is a followup build from several tests already
released as pure jar+sources over the past weeks and has been on github
since yesterday evening:
https://github.com/freenet/fred/releases/tag/build01484

The planned data was last weekend, and I’m sorry that it got delayed by
one more week. The release VM only works well enough to release, when
virtualization is enabled in the BIOS so qemu can use KVM. That took
quite a few hours to find out …

If we don’t find new blockers, I’ll release to the official auto-update
keys (Java 7 + Java 8) this weekend. After release, please run the
verify-build to ensure that what is released as jar corresponds to the
released sources.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

test release 1484-pre1

[Arne Babenhauserheide]

Hi,

I created a pre-release for 1484. It would be great, if you could give
it some testing!

https://github.com/freenet/fred/releases/tag/testing-build-1484-pre1

https://github.com/freenet/fred/releases/download/testing-build-1484-pre1/freenet-build01483-180-g5e5ff7d548-snapshot.jar
https://github.com/freenet/fred/releases/download/testing-build-1484-pre1/freenet-build01483-180-g5e5ff7d548-source.tar.bz2

This is a **TESTING** release.

To help testing it, just stop your freenet node, replace freenet.jar,
freenet.jar.new and freenet-stable-latest with the freenet.jar file,
then start your node again.

Then try to listen to this song:

CHK@tOwwq70fTosZuCnpZP4j1vMkEKiFuRIblmC351CbgpE,w6BTgWSJBDOM1~lWnsE83K2gOv3huEGHzSPWFBN4xFc,AAMC--8/infinite-hands-free-software.flac

It should display directly in your browser. The theora video-filter is
still a bit overzealous, so not all files will work right-away. The next
step is then to get it polished and to test m3u files. That’s the first
step towards secure and convenient multimedia over Freenet.

Changes:

- increase scaling to 3 again because old 1480 nodes otherwise slow down 
updated nodes
- plugin manager cleanup: more readable code
- new ogg theora, vorbis, flac filter: can show ogg-files! (but theora is still 
brittle)
- m3u filter: can stream playlists
- make winterfacey theme the default
- Sharesite updated to 0.4.7: With protection against time zone leakage → ready 
for being active by default.

See the changes at https://github.com/freenet/fred/pull/649

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

measurement: the thread priority fix resolves 1481 windows performance issues

[Arne Babenhauserheide]

Hi,

The thread priority fixes seem to work[1]. However there are reports
that downloads of uncompressed files get corrupted when restarting
Freenet:

> It also still corrupts downloads of files that were inserted without 
> compression on stopping and restarting Freenet.  Also, it leaves behind the 
> "orphaned" temp file in my downloads directory when I cancel and restart 
> those corrupted downloads.
— 
SSK@BKc5LtaIdeM6QMIoutwtG3tDa8iZoY8C5QN7u9dwHec,RK7kB6rAwbqQJ9XztTdNPNdd8yk1kNo79NzqEZNNIwU,AQACAAE/fms|2018-11-17|Message-1

We still have some way to go to get the new builds with Gradle and JNA
back into the quality of the version before, but we’re getting there.

If you want a Hackathon topic, it would be cool if you could investigate
the corruption of downloads.

Besides: We now have an estimate of Java 7 usage among people who use
pure auto-update: I am inserting the Java 7 update for 1482 today, but
for Java 8 I inserted two days ago. Therefore all those still on 1481 as
of *now*[2] minus all those still on 1481 tomorrow were still using Java
7. Currently (at 3400 minutes into the release) 2 out of ~30 use
1481. If that goes to zero tomorrow, we know that we have around 7%
users on Java 7 — roughly 400 users.[3]

Another interesting point: around one in three of our users manually
downgraded to 1480 again, so we have a high proportion of users who are
tech savvy enough to manage their nodes (or who have good
backups). Which I think is a good thing.


Where to go from here
-

I want to release 1483 with the thread priority fix tomorrow. It would
be cool to be able to add some improvements from the hackathon, too.

If 1483 resolves the problems for Windows users, we can look into
increasing the peer count again. Ideal to see the effect would be if we
could collect several stats for "Success rates by HTL (remote bulk
fetches)" and "Success rates by HTL (remote realtime fetches)" from the
current (low) peer count and an increased peer-count. That will give us
an estimate of the average hops a request needs to reach its target. To
provide serious anonymity, we should have *at least* three hops on
average.


[2]: spreading of 1482: 
USK@CQFyzDofVhBmeHN5VcCMWaULAttLNY3bUBMhcJWiGks,X-frg11rtR037GuwC3ndhwHZm5WByWKeO9i2LMF13DQ,AQACAAE/watch-1482/186/

[3]: according to the probe statistics we have around 5000-6000 active nodes
right now:
USK@WMa1Z40iYdZZ51yctQ3toFl9zuuFEnNdsm3NejJU5KE,jCBcaNBeKD5~sSQeSkyKz737Bh5ibBGqdzfD8mgfdMY,AQACAAE/statistics/371/

Best wishes,
Arne

[1]: the measurements are from FMS:

> Test with 1480, 1481 (original and nextgens commit without the reduced 
> peer-count patches), 1482 (original and with nextgens commit).
> Time started with the first connected peer, then first measurement after 15 
> minutes, because freenet takes some time (5-8 min) to stabilize. Second 
> measurement after 30 minutes.
> CPU values are now averaged over (the last) 15 minutes (meaning the spikes 
> are included, so the values are a bit higher than the above).
>
> Results:
> RAM usage is consistently a lot higher with 1481/1482.
> Nextgens patch seems to reduce RAM usage a lot (still higher than 1480).
> Network speeds are a lot lower with 1482.
> Nextgens patch applied to either 1481 or 1482 reduces CPU usage significantly.
> => If you release 1482, make sure you have nextgens patch applied.
>
>
>
> 1480:
> - 15min: 128 MB; 16/19 peers; 59.4/56.6 KiB D/U;
> - 30min: 107 MB; 15/19 peers; 52.5/48.9 KiB D/U; 2.90% CPU
>
>
>
> 1481:
> - 15min: 557 MB; 16/19 peers; 45.5/40.5 KiB D/U;
> - 30min: 459 MB; 18/19 peers; 50.4/45.9 KiB D/U; 4.26% CPU
>
> 1481 (nextgens):
> - 15min: 275 MB; 15/19 peers; 47.1/44.7 KiB D/U;
> - 30min: 169 MB; 15/19 peers; 49.6/48.9 KiB D/U; 3.01% CPU
>
>
>
> 1482:
> - 15min: 471 MB; 10/12 peers; 19.0/17.8 KiB D/U;
> - 30min: 509 MB; 10/12 peers; 19.0/18.1 KiB D/U; 2.68% CPU
>
> 1482 (nextgens):
> - 15min: 200 MB; 9/12 peers; 19.2/18.5 KiB D/U;
> - 30min: 145 MB; 11/12 peers; 19.4/18.6 KiB D/U; 2.15% CPU
— 
SSK@vRVILhDSHOnxWBnmeLXCCtTqaXkR6Td8XoI8K4nabDs,NZesW44VfZBk4Blu7bSu8HggVNyHxDlJLyicWUMBV2Q,AQACAAE/fms|2018-11-16|Message-0

> I haven't tried the nextgens patch as yet, but I can say 1482 is marginally 
> better than 1481 CPU usage-wise.
>
> 1481 consistently used 20-40% CPU for me, with occasional spikes higher.  
> 1482 sits at 2-5% much of the time, but frequently spikes into the 30-40% 
> range for 30-60 seconds at a time.  1480 rarely went over 1.5% CPU usage.
>
> 1482 also still has the bug of corrupting downloads of files that were 
> inserted without compression when you stop and restart Freenet.
— 
SSK@BKc5LtaIdeM6QMIoutwtG3tDa8iZoY8C5QN7u9dwHec,RK7kB6rAwbqQJ9XztTdNPNdd8yk1kNo79NzqEZNNIwU,AQACAAE/fms|2018-11-17|Message-0



--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Freenet's Hackathon (second edition)

[Arne Babenhauserheide]

darcos...@protonmail.com writes:
> Le dimanche 11 novembre 2018 23:30, Mar Arribas Ortolà 
>  a écrit:
>
>> If it's a need, I can do translations english-spanish (And, if we're
>> really bored, catalan).
> I can do the same things in french.

That sounds great!

Thank you!

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

testing insert for 1482 emergency release, please help testi

[Arne Babenhauserheide]

Hi,

To help with testing 1482, please set this as your auto-update key: 

USK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar/1481

The insert to the testing key is already running

This is also available on github as pre-release: 
https://github.com/freenet/fred/releases/tag/build01482


Release notes:

Freenet 0.7.5 build 1482 is now available. [overview]

This release addresses increased CPU load in 1481 by reducing
the peer-count by 30%. The lower number of peers should reduce
the necessary work for routing. Since all nodes reduce their peercount,
the bandwidth per peer rises, so the speeds should stay the same.

Also 1482 applies the winterfacey theme adaptions by poet.
You can test the winterfacey theme by activating it in
Configuration -> Web interface.

Thank you for using Freenet!

- Arne Babenhauserheide

Developer changelog:

2018-11-11

Changes in 1482:

This is an emergency fix to address doubled to tripled CPU load in 1481.

- reduce opennet peernumber scaling_constant from 4 to 1.61803.
  Reduced peer-count should reduce the CPU load from routing.
  Since all reduce their peercount, the bandwidth per peer rises,
  and bandwidth should stay the same.
- reduce log level of removing wrong node or removing twice to minor
- apply the winterfacey adaptions by poets

- Arne Babenhauserheide

[include shortlogs of any installer or plugin changes]

---
Arne Babenhauserheide (3):
  reduce peer count scaling from 4 to 2.5
  cut the peer count scaling to 1.61803: 10K has 4 peers
  update scaling constant in comment, too

Arne Babenhauserheide (freenet releases) (3):
  reduce log level of removing wrong node or removing twice to minor
  Update default bookmark editions
  Build 1482

poets@FMS (1):
  winterfacey adaptions by poets
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

hotfixes for 1481, take one: reduce peer count scaling

[Arne Babenhauserheide]

Hi,

I prepared an emergency fix because some of our users with the biggest
bandwidth report big problems with CPU load. They report that the update
from 1480 to 1481 increased their CPU load by factor 2 to factor
3. Since in the merge from master to merge we kept the min bandwidth
requirements of 10kB/s, the lowest peer count will be 4, which still
suffices for scaling (as shown by the link length fix).

Risk: Users might complain that their target peers are reduced, because
they don’t understand that this change does not reduce the bandwidth
they can use (because the bandwidth per peer is increased if the
peer-count decreases network-wide, and caching should actually become
more effective, countering potential problems due to longer paths).

Please comment on the pull-request:

https://github.com/freenet/fred/pull/646

I’d like to get this into testing tomorrow, since I won’t have lots of
time during the week.

(actually I’d prefer to release this tomorrow to see over the next week
whether it suffices to improve the user experience again)


As fallback, here’s the diff:

diff --git a/src/freenet/node/OpennetManager.java 
b/src/freenet/node/OpennetManager.java
--- a/src/freenet/node/OpennetManager.java
+++ b/src/freenet/node/OpennetManager.java
@@ -190,12 +190,16 @@ public class OpennetManager {
/** Enable scaling of peers with bandwidth? */
public static final boolean ENABLE_PEERS_PER_KB_OUTPUT = true;
/** Constant for scaling peers: we multiply bandwidth in kB/sec by this
-* and then take the square root. scaling at 4 gives 4 peers at 5K,
-* 5 at 7K, 6 at 10K, 9 at 20K, 11 at
-* 30K, 15 at 60K, 20 at 100K, 24 at 140K, 100 at 2500K.
-* 122 at 30mbit/s (the mean upload in Japan in 2014) and
-* 210 at 88mbit/s (the mean upload in Hong Kong in 2014).*/
-   public static final double SCALING_CONSTANT = 4.0;
+* and then take the square root. Minimum is MIN_PEERs_FOR_SCALING.
+ * 
+ * (define (peers kbps) (sqrt (* kbps scaling)))
+ * 
+ * Scaling at 2.5 gives 4 peers at 5K (min peers),
+* 4 at 7K, 4 at 10K, 6 at 20K, 7 at 30K, 10 at 60K, 
+ * 13 at 100K, 15 at 140K, 63 at 2500K.
+* 78 at 30mbit/s (the mean upload in Japan in 2014) and
+* 133 at 88mbit/s (the mean upload in Hong Kong in 2014).*/
+   public static final double SCALING_CONSTANT = 1.61803; // for Euclid 
and Pythagoras!
/**
 * Minimum number of peers. As a rough estimate, because the vast 
majority
 * of requests complete in 5 hops, 10 peers give just one binary 
decision
diff --git a/src/freenet/node/UIDTag.java b/src/freenet/node/UIDTag.java
--- a/src/freenet/node/UIDTag.java
+++ b/src/freenet/node/UIDTag.java
@@ -158,13 +158,18 @@ public abstract class UIDTag {
 * @param next The node we are no longer routing to.
 */
public void removeRoutingTo(PeerNode next) {
-   if(logMINOR)
+   if(logMINOR) {
Logger.minor(this, "No longer routing to "+next+" on 
"+this, new Exception("debug"));
+   }
boolean noRecordUnlock;
synchronized(this) {
-   if(currentlyRoutingTo == null) return;
+   if(currentlyRoutingTo == null) {
+   return;
+   }
if(!currentlyRoutingTo.remove(next)) {
-   Logger.warning(this, "Removing wrong node or 
removing twice? on "+this+" : "+next, new Exception("debug"));
+   if(logMINOR) {
+   Logger.minor(this, "Removing wrong node 
or removing twice? on "+this+" : "+next, new Exception("debug"));
+   }
}
if(handlingTimeouts != null) {
handlingTimeouts.remove(next);
@@ -172,7 +177,9 @@ public abstract class UIDTag {
if(!mustUnlock()) return;
noRecordUnlock = this.noRecordUnlock;
}
-   if(logMINOR) Logger.minor(this, "Unlocking "+this);
+   if(logMINOR) {
+   Logger.minor(this, "Unlocking "+this);
+   }
innerUnlock(noRecordUnlock);
}



Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Freenet 0.7.5 build 1481 released

[Arne Babenhauserheide]

Freenet 0.7.5 build 1481 is now available


The Freenet Team is proud to release Freenet build 1481, the first
build to be compiled from gradle! This concludes work during the past
two years to make it easier for new developers to start hacking on
Freenet.

Your Freenet node should update itself from Freenet via the auto-update.
To install a new node, get an installer from
https://freenetproject.org/pages/download.html


This release rekeys the update URIs to ensure they are compliant with
RFC6979. It also splits off java 7 into its own update key for 1482,
so we can use java 8 starting with 1483. The updated keys have been
split into shares using -split and distributed among core
developers to maximize our release management bus factor:
https://en.wikipedia.org/wiki/Bus_factor


We also added the Winterfacey theme and set sky-static as default
theme until Winterfacey got more testing. You can test switch between
themes on Configuration -> Web Interface


Thank you for using Freenet!


And a special thank you to DC* (desyncr) who tracked down an OOM so we
could finally fix it and release after 6 weeks of fruitless search!


- Arne Babenhauserheide, current release manager


About Freenet:
Freenet is free software which lets you anonymously share files, browse
and publish "freesites" (web sites accessible only through Freenet) and
chat on forums, without fear of censorship. Freenet is decentralised to
make it less vulnerable to attack, and if used in "darknet" mode, where
users only connect to their friends, is very difficult to detect.
See https://freenetproject.org/pages/about.html


---


Developer changelog:

2018-10-16

Changes in 1481:

Switch to gradle. If you block network access of your development box,
you can use ./gradlew --offline jar test (you will then need to get
the dependencies yourself).

Switch from JNI (Java Native Interfaces) to JNA (Java Native
Access). This might allow getting rid of hard-to-build
freenet-ext.jar.

This also means that you need jna-4.2.2.jar and jna-platform-4.2.2.jar
in your freenet folder. The auto-updater takes care of that for you.
If you update manually by copying in new jar-files, you need to adapt
the classpath in wrapper.conf or in run.sh (if you do not use the wrapper).

Added a workaround for JNA bug in multi-user system: move tempdir into
the freenet folder: java.io.tmpdir=./tmp/; Needed until
https://github.com/java-native-access/jna/issues/985 is fixed
upstream.

Changes to update keys: Rekey the update URIs to ensure they are
RFC6979. Split off java 7 into its own update key for 1482, so we can
use java 8 starting with 1483. The updated keys have been split into
shares using -split and distributed among core developers. See
https://github.com/freenet/scripts/blob/master/generate_autoupdate_key

Add Winterfacey theme. Set sky-static as default theme until
Winterfacey got more testing.

Further changes:

- Fix commons-compress bug, might help fix the Gentoo ebuild.
- Execute in background mode (reduced I/O priority) on windows NT6+.
- Override list request identifier
- use fallocate
- ipv6 fixes
- fix warnings
- optimization
- Persist "Bookmark Updated" notifications across restarts
- minimum bandwidth increased to 10KiB again
- undo update of pinned SSL certificates (site no longer exists)
- Add support for GIF89a
- Fix wrapped FCP message
- Add config option to allow caching of CHK and SSK keys
- bookmarks: fix jumping layout (missing activelink)
- reduce thread usage.
- Prepare for Java 8 - 1482 will be the last build to support Java 7.

A heartfelt thank you to all involved!

And a special thank you to DC* (desyncr) who tracked down an OOM so we could 
finally fix it and release after 6 weeks of fruitless search!

- Arne Babenhauserheide

---

shortlog:

Arne Babenhauserheide (7):
  add task ./gradlew tar, still pretty rough
  wrapper.conf: add JNA tmpdir on update if it is not yet set
  commit COMPRESS-449 workaround, see 
https://freenet.mantishub.io/view.php?id=6921, thanks to dennisne
  always use BouncyCastle in KeyGenUtils
  use a SkipShieldingInputStream as commons compress workaround
  use the SkipShieldingInputStream
  gradle: apply compatibility mode to all classes, not just to Version.java

Arne Babenhauserheide (freenet releases) (24):
  update version to 1480 to be in sync with master
  remove unnecessary TODO
  remove stray files
  remove stray import
  Update default bookmark editions
  add 1480 section to NEWS
  increase minimum bandwith to 10KiB again
  adjust wizard and comment to increased min bandwidth
  fix typo (found by TheSeeker)
  Build 1481
  undo SSL certificates switched to AWS
  add jna-platform and order
  Update default bookmark editions
  Update default bookmark editions
  Build 1481
  Update default bookmark editions
  KeyGenUtils: re-use the bouncy castle instance to avoid the 

Re: final final test release of 1481

[Arne Babenhauserheide]

The insert is finally running.

You can watch it spread in almost-realtime:

http://127.0.0.1:/USK@IJtoXv08j4bpqh7IBSVtokneXPFqBhjD~IBWHJWo8KY,ttFryeQK7tkHHXcWc~6iW7WyEW8OWIxzBNHBr5Yc~MU,AQACAAE/watch-1481/-1/

The site is also available via my whitelisting inproxy
(though the cache might serve outdated versions):

https://d6.gnutella2.info/freenet/USK@IJtoXv08j4bpqh7IBSVtokneXPFqBhjD~IBWHJWo8KY,ttFryeQK7tkHHXcWc~6iW7WyEW8OWIxzBNHBr5Yc~MU,AQACAAE/watch-1481/-5/

Best wishes,
Arne

DC*  writes:

> Great news! I've been running 1481 without issues for weeks!
>
> Best regards
>
> On November 6, 2018 5:41:35 PM GMT-03:00, Arne Babenhauserheide 
>  wrote:
>>Hi Steve,
>>
>>Thank you very much!
>>
>>It’s finally time to insert the release!
>>
>>Best wishes,
>>Arne
>>
>>Steve Dougherty  writes:
>>
>>> I haven't tested beyond running the build that was originally tagged
>>1481, (so c4b1caa16819937bc7c368f74e7deea16cc9b263 I think?) and have
>>no reasons to suggest the release be further delayed.
>>>
>>> I was able to verify the build on an updated Debian Jessie VM, and
>>set up doing the same with a Docker build, inspired by how Signal does
>>it. It has to run sed to disable ECDSA or the TLS connection to
>>download the Gradle wrapper will fail due to a Java bug apparently. The
>>command Docker runs could be `./gradlew jar` were it not for that. The
>>rest of my message is a log of doing so (the weird syntax for pwd is
>>because of Fish shell):
>>>
>>> steve@monolith /tmp> git clone ~/Documents/Coding/freenet/fred
>>> steve@monolith /tmp> cd fred
>>> steve@monolith /t/fred (master)> wget
>>https://gist.github.com/Thynix/f02f9ba33e296d037defd60972dd39fd/raw/55996e4ba863ba568efdc5d53d7a7bb3086a1723/build.sh
>>>

Re: final final test release of 1481

[Arne Babenhauserheide]

ore/1.9.5/mockito-core-1.9.5.pom
> Download 
> https://jcenter.bintray.com/org/bouncycastle/bcprov-jdk15on/1.59/bcprov-jdk15on-1.59.pom
> Download 
> https://jcenter.bintray.com/net/java/dev/jna/jna-platform/4.2.2/jna-platform-4.2.2.pom
> Download 
> https://jcenter.bintray.com/org/hamcrest/hamcrest-library/1.3/hamcrest-library-1.3.pom
> Download 
> https://jcenter.bintray.com/org/hamcrest/hamcrest-parent/1.3/hamcrest-parent-1.3.pom
> Download 
> https://jcenter.bintray.com/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.pom
> Download 
> https://jcenter.bintray.com/org/objenesis/objenesis/1.0/objenesis-1.0.pom
> Verifying org.bouncycastle:bcprov-jdk15on
> Download 
> https://jcenter.bintray.com/org/bouncycastle/bcprov-jdk15on/1.59/bcprov-jdk15on-1.59.jar
> Verifying net.java.dev.jna:jna-platform
> Download 
> https://jcenter.bintray.com/net/java/dev/jna/jna-platform/4.2.2/jna-platform-4.2.2.jar
> Verifying net.java.dev.jna:jna
> Download https://jcenter.bintray.com/net/java/dev/jna/jna/4.2.2/jna-4.2.2.jar
> Verifying org.freenetproject:freenet-ext
> Download 
> https://mvn.freenetproject.org/org/freenetproject/freenet-ext/29/freenet-ext-29.jar
> Verifying junit:junit
> Download https://jcenter.bintray.com/junit/junit/4.12/junit-4.12.jar
> Verifying org.mockito:mockito-core
> Download 
> https://jcenter.bintray.com/org/mockito/mockito-core/1.9.5/mockito-core-1.9.5.jar
> Verifying org.hamcrest:hamcrest-library
> Download 
> https://jcenter.bintray.com/org/hamcrest/hamcrest-library/1.3/hamcrest-library-1.3.jar
> Verifying org.hamcrest:hamcrest-core
> Download 
> https://jcenter.bintray.com/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
> Verifying org.objenesis:objenesis
> Download 
> https://jcenter.bintray.com/org/objenesis/objenesis/1.0/objenesis-1.0.jar
> :buildInfo UP-TO-DATE
> :compileJava UP-TO-DATE
> :compileVersion UP-TO-DATE
> :copyResourcesToClasses2 UP-TO-DATE
> :processResources NO-SOURCE
> :jar UP-TO-DATE
>
> BUILD SUCCESSFUL in 19s
> 4 actionable tasks: 4 up-to-date
> SHA-256 of freenet.jar: 
> f4673bf5e5c416e3e346183c45b6b29bea152646d12801050ad768159e8d7c11
>
> ‐‐‐ Original Message ‐‐‐
> On Saturday, October 27, 2018 6:44 AM, Arne Babenhauserheide 
>  wrote:
>
>> (testing update key at the end)
>> 
>
>> > On 2018-10-24 19:05, Arne Babenhauserheide wrote:
>> > 
>
>> > > Please give it some now hopefully truly final testing:
>> > > https://github.com/freenet/fred/releases/tag/build01481
>> > > Installers:
>> > > → *nix:
>> > > https://github.com/freenet/fred/releases/download/build01481/new_installer_offline_1481.jar
>> > > → Windows:
>> > > https://github.com/freenet/fred/releases/download/build01481/FreenetInstaller-1481.exe
>> > > (add .sig for the PGP signature, the OSX installer will follow once
>> > > mrsteveman1 has time).
>> 
>
>> The installers are updated, please test them again!
>> 
>
>> > > I’m sorry that this adds another week to the release date. I’m also
>> > > still waiting for confirmation by anonymous@6KMY4DVjZ… on FMS whether
>> > > the breakage reported was due to missing the jna files. If that’s
>> > > resolved, there are no more release blockers I know of.
>> 
>
>> anonymous@6KMY4DVjZ… answered that the problems were indeed due to
>> copying in the jar-file manually. When adding the libraries and and
>> modifying wrapper.conf so that the libs are on the classpath, the update
>> worked.
>> 
>
>> > > I plan to upload this true true real final release to a new testing key
>> > > the next days so we can do another full update cycle test (install 1480,
>> > > change the update key, watch freenet update to 1481 over Freenet,
>> > > celebrate). And then get this release truly fully done.
>> 
>
>> Here’s the update key for the TESTING release which you can add 
>> onhttp://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2
>> 
>
>> USK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar/1480
>> — ONLY FOR TESTING! REMOVE IT AFTERWARDS!
>> 
>
>> Does the Java webstart installer of 1480 work for you?
>> 
>
>> https://freenetproject.org/assets/jnlp/freenet.jnlp?1480
>> 
>
>> for me it currently takes ages to download the actual installer from
>> github.
>> 
>
>> With ages I mean, it takes minutes to download (with no progress) and
>> then 5 more minutes until it shows the setup dialog. Something is broken
>> there … (this is with icedtea-web, note that Oracle has removed webstart
>> from Java 9, we’ll need to find out how to cope with that.
>> 
>
>> Best wishes,
>> Arne
>> 
>
>> --
>> 
>
>> Unpolitisch sein
>> heißt politisch sein
>> ohne es zu merken


-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: Freenet's Hackathon (second edition)

[Arne Babenhauserheide]

DC*  writes:
> - Web interface changes (translations, enhancements, bug fixes)
> - Installers bug fixes
> - Website translations and visual enhancements
> - Testing, documentation and code reviews
>
> @Arne Do you have a list of tasks you'll like to see included?

Some more things I see which should be viable in a Hackathon and can
make a big difference:

- add "send confidential message" button to friends page, instead
  of hiding the n2ns in a dropdown list.

- fix freemail to be robust against missing IDs in WoT (and other corner
  cases).

- offer upgrade of the connection speed on upgrade, if auto-detected
  speed is much higher than the set speed, or even better: if the
  detected speed increased significantly since the last offer.

- simplify add-friend (remove unnecessary decisions, i.e. "only show
  name" can go, and there should be a default for everything).

- remove browser-info in wizard when the browser is safe.

- offer new first-time setup wizard if the user has javascript. Layout
  and behavior are already done, just need to be integrated:
  https://freenet.mantishub.io/view.php?id=6020

- If there are *.fref files in a peers-offers/ folder, ask user whether
  to connect to them. That would be a step towards introduction bundles:
  You can manually build an installer which auto-connects to you.

- Live stream the Hackathon presentations over Freenet (if we get 1482
  released till then (with m3u support): just put all the to-be-uploaded
  mp3-segments into an m3u list and then create them with the ffmpeg
  segment muxer: https://superuser.com/a/999560/45469 — then people can
  listen with streaming-capable music players)

- Flircp with privacy by default: announce either at a fixed hour of day
  or when the user wrote something. Add "duplicate" flag (or similar),
  so messages can be repeated for users who see the ID later without
  showing up twice. Avoid any kind of heartbeat message. High-security
  mode by default: aggregate messages and send them together with random
  delay each at a fixed hour of day (randomly chosen when the ID is
  created). Add an "send immediately" option with a privacy warning, so
  only those who do not worry about connecting the Flircp ID with their
  real name would use it.

- Get Freenet running on an android phone (initially with fixed settings
  like in-memory store) and upload it to

- Connect with others on the Hackathon using the Icicle app:
  https://github.com/louboco/Icicle

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: final final test release of 1481

[Arne Babenhauserheide]

(testing update key at the end)
> On 2018-10-24 19:05, Arne Babenhauserheide wrote:
>> Please give it some now hopefully truly final testing:
>>
>> https://github.com/freenet/fred/releases/tag/build01481
>>
>> Installers:
>> → *nix:
>> https://github.com/freenet/fred/releases/download/build01481/new_installer_offline_1481.jar
>> → Windows:
>> https://github.com/freenet/fred/releases/download/build01481/FreenetInstaller-1481.exe
>>
>> (add .sig for the PGP signature, the OSX installer will follow once
>>  mrsteveman1 has time).

The installers are updated, please test them again!

>> I’m sorry that this adds another week to the release date. I’m also
>> still waiting for confirmation by anonymous@6KMY4DVjZ… on FMS whether
>> the breakage reported was due to missing the jna files. If that’s
>> resolved, there are no more release blockers I know of.

anonymous@6KMY4DVjZ… answered that the problems were indeed due to
copying in the jar-file manually. When adding the libraries and and
modifying wrapper.conf so that the libs are on the classpath, the update
worked.

>> I plan to upload this true true real final release to a new testing key
>> the next days so we can do another full update cycle test (install 1480,
>> change the update key, watch freenet update to 1481 over Freenet,
>> celebrate). And then get this release truly fully done.

Here’s the update key for the TESTING release which you can add on 
http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2

USK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar/1480
— ONLY FOR TESTING! REMOVE IT AFTERWARDS!


Does the Java webstart installer of 1480 work for you?

https://freenetproject.org/assets/jnlp/freenet.jnlp?1480

for me it currently takes ages to download the actual installer from
github.

With ages I mean, it takes minutes to download (with no progress) and
then 5 more minutes until it shows the setup dialog. Something is broken
there … (this is with icedtea-web, note that Oracle has removed webstart
from Java 9, we’ll need to find out how to cope with that.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

final final test release of 1481

[Arne Babenhauserheide]

Hi,

I had to add some more fixes to run.sh to ensure that the classpath
includes jna and jna-platform. I updated the pre-release with the new
files and added a note for those who update by copying in the jar:

> This also means that you need jna-4.2.2.jar and jna-platform-4.2.2.jar
> in your freenet folder. The auto-updater takes care of that for you.
> If you update manually by copying in new jar-files, you need to adapt
> the classpath in wrapper.conf or in run.sh (if you do not use the wrapper).

Please give it some now hopefully truly final testing:

https://github.com/freenet/fred/releases/tag/build01481

Installers:
→ *nix: 
https://github.com/freenet/fred/releases/download/build01481/new_installer_offline_1481.jar
→ Windows: 
https://github.com/freenet/fred/releases/download/build01481/FreenetInstaller-1481.exe

(add .sig for the PGP signature, the OSX installer will follow once
 mrsteveman1 has time).

Thanks to jamesaxl from #freenet on Freenode for finding this problem on BSD!


I’m sorry that this adds another week to the release date. I’m also
still waiting for confirmation by anonymous@6KMY4DVjZ… on FMS whether
the breakage reported was due to missing the jna files. If that’s
resolved, there are no more release blockers I know of.


I plan to upload this true true real final release to a new testing key
the next days so we can do another full update cycle test (install 1480,
change the update key, watch freenet update to 1481 over Freenet,
celebrate). And then get this release truly fully done.


Sidenote: the statistics site should soon work again. I switched pyProbe
from enum to enum34 to resolve a dependency conflict with the
cryptography package (that needs enum34, but user-installed enum can
override that and cause undecipherable errors).


Best wishes,
Arne


Arne Babenhauserheide  writes:

> Steve Dougherty  writes:
>> Hooray! I was able to verify this build on my Debian Jessie box:
> Nice! Thank you for checking!
>
>> Thank you for your work, both of you! :)
>
> Thank you for verifying the build, and for your work on preparing the
> new keys! There’s a lot of work which finally gets released in this build.
>
>> - Steve
>>
>> PS: This is my first time trying ProtonMail's "sign message" function;
>> assuming it works my ProtonMail key fingerprint is listed here:
>> https://www.asksteved.com/?page_id=2
>
> My mu4e tells me that your sig was verified.
>
> Best wishes,
> Arne


--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: final test release of 1481

[Arne Babenhauserheide]

Steve Dougherty  writes:
> Hooray! I was able to verify this build on my Debian Jessie box:
Nice! Thank you for checking!

> Thank you for your work, both of you! :)

Thank you for verifying the build, and for your work on preparing the
new keys! There’s a lot of work which finally gets released in this build.

> - Steve
>
> PS: This is my first time trying ProtonMail's "sign message" function;
> assuming it works my ProtonMail key fingerprint is listed here:
> https://www.asksteved.com/?page_id=2

My mu4e tells me that your sig was verified.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: final test release of 1481

[Arne Babenhauserheide]

DC*  writes:

> Great news, I'm testing this get I get home (I was running a node from 1481 
> for a couple of days without issues).

Thank you!

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

final test release of 1481

[Arne Babenhauserheide]

Hi,


I’m now running Freenet 1481, and it works!
But that’s just my box. It needs your testing!


Please give the Installer testing!

https://github.com/freenet/fred/releases/tag/build01481

https://github.com/freenet/fred/releases/download/build01481/new_installer_offline_1481.jar
https://github.com/freenet/fred/releases/download/build01481/new_installer_offline_1481.jar.sig
https://github.com/freenet/fred/releases/download/build01481/FreenetInstaller-1481.exe
https://github.com/freenet/fred/releases/download/build01481/FreenetInstaller-1481.exe.sig

(no OSX installer yet, sorry. That is being built my mrsteveman)


To help test the auto-updater, please go to the auto update settings at

http://127.0.0.1:/config/node.updater?fproxyAdvancedMode=2

and add the following key under "Where should Freenet look for updates?"

USK@YOeUMvHNyr2RY1dQB0-4cppO2Ip-8zKf7CaszRhPqU4,OaISGGFz52FaD98m2JZo-2gQ2XErr0pb3DPkpvDkKxs,AQACAAE/jar/1480

You might have to restart Freenet to get it to detect the new release
after adding the new key (I had to).


Testing release notes:

http://127.0.0.1:/freenet:SSK@YOeUMvHNyr2RY1dQB0-4cppO2Ip-8zKf7CaszRhPqU4,OaISGGFz52FaD98m2JZo-2gQ2XErr0pb3DPkpvDkKxs,AQACAAE/changelog-1481?type=text/plain

http://127.0.0.1:/freenet:SSK@YOeUMvHNyr2RY1dQB0-4cppO2Ip-8zKf7CaszRhPqU4,OaISGGFz52FaD98m2JZo-2gQ2XErr0pb3DPkpvDkKxs,AQACAAE/fullchangelog-1481?type=text/plain


If there are no new blockers, I’d like to release this to the actual
update key next week.

All there is to do is switching out the testing key for the real update
key and running the inserter. And then we’ll finally have a release from
the next branch after 18 months of work to get it ready!


Thank you all for your work to get it working!


Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: help in tracking down 1481 memory leak (with reproduction steps)

[Arne Babenhauserheide]

DC*  writes:
> Here are my logs (log.level DEBUG). My node restarted several times at
> 15m, 20m, 30m. The log named `check-alive.log` is the output from the
> gist (it's cut off ubut shows enough information).

Thank you! Yours is the first reproduction outside my own machines. I
was short of concluding that it’s just something borked here, but it
seems there’s an actual (and serious) problem with 1481.

> If there is anything else I could help with, let me know.

Do you have experience with profiling Java for memory leaks?

The only lead I have right now is that something with threading might go
wrong, since we now have native thread priorities and these might be
stalling something which would release references to objects.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature

Re: help in tracking down 1481 memory leak (with reproduction steps)

[Arne Babenhauserheide]

DC*  writes:
> Are there any debug/logging/stack trace setting we could enable to see where 
> it died?

You can set logging in wrapper.conf, see the wrapper.logfile.loglevel
and wrapper.console.loglevel lines.

> I'm gonna setup an container to try this out.

Thank you!

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein
ohne es zu merken


signature.asc
Description: PGP signature