Re: Important Announcement: Freenet naming change

[Steve Dougherty]

Hi Ian,

I'm surprised. I'm not sure what to say, or what reaction you and the
rest of the board expected.

This is another demonstration of a complete disconnect between the board
of FPI, and the community around Freenet. After giving up initial plans
to name Locutus "Freenet 2" in the face of backlash, you and the rest of
the board appear to now want still more of Freenet's brand recognition.
The hope seems to be that the Freenet community, having not been
consulted, and reasonably assumed to disagree, will undertake the effort
to rename themselves the Freenet Classic community.

I don't think this will happen. It would require buy-in, and it has
none.

- Steve

Re: Remaining reviews needed to release Freenet 1495

[Steve Dougherty]

Agreed! A decade ago when IPv6 stacks were liable to be buggy, it was 
understandable, but by now enabling it by default seems more than reasonable.

On Tue, Dec 6, 2022 at 9:42 AM, s7r  wrote:

> Dr. Arne Babenhauserheide wrote:
>> Hi,
>>
>>
>> We’re getting ever closer to release. I merged the already reviewed
>> pull-requests, but some important PRs remain so we can release. Please
>> help getting these reviewed!
>>
>
> Thanks for the work!
>
> I would like to propose we change something that has been bothering me
> for years, and I have extensively tested it under Debian, FreeBSD and
> Windows during the last 4 Freenet releases and it does not cause any
> problems at all if we change it the way I suggest.
>
> In the default wrapper.conf file we ship with Freenet, there is this
> over a decade config line:
>
> # Needed for some linux distros? Shouldn't prevent using IPv6, just make
> it prefer IPv4?
> wrapper.java.additional.3=-Djava.net.preferIPv4Stack=true
>
> The thing is, it actually really prevents you from using IPv6! At least
> on Debian, Windows and FreeBSD (I am confident on every OS this is the
> case, because it's a Java thing more than an OS thing).
>
> With these lines in wrapper.conf we have the following problems:
>
> - node does not bind to IPv6 interfaces, only bind to IPv4 available
> addresses for both opennet and darknet;
>
> - It also does not connect to any IPv6 peers. If you remove it, even if
> node bind to and node opennet bind to is set to the `default` 0.0.0.0,
> it properly binds to *all* interfaces (IPv6 and IPv4).
>
> - it doesn't open the localhost FProxy except on 127.0.0.1, regardless
> the freenet.ini setting is to also bind to 0:0:0:0:0:0:0:1 -- with that
> line removed, FProxy successfully finds to 127.0.0.1 and [::1].
>
> *So there are no additional settings to do to make sure all goes well
> except as remove these two lines from wrapper.conf.*
>
> We should remove it entirely or comment it out, and also make sure it
> overwrites the `wrapper.conf` on disk for users that already have
> freenet installed and are upgrading automatically.
>
> This will add better IPv6 support, more reachable nodes in the Freenet
> network (IPv6 and NAT is much rarely used together) and it makes sense
> to do it finally, after 25 years since the IPv6 RFC :)
>
> I'll do a PR to update the seednodes for better bootstrap support to new
> connecting users, hopefully the windows installer will take them on in
> time. Monitoring service is running here:
>
> https://freenet.dotbit.zone/

Re: Please test the new Windows Installer

[Steve Dougherty]

In my testing, it successfully detects Java 8u333, which is what java.com 
offers for Windows.

- Steve

On Wed, Jun 15, 2022 at 4:10 AM, DC*  wrote:

> Hey,
>
> I'll do my best to test the windows installer today. I'll report finders
> over IRC.
>
> Best regards
>
> On 2022-06-13 20:59, Dr. Arne Babenhauserheide wrote:
>> Hi,
>>
>> If you run Windows, could you try the new Freenet installer with the
>> wintray-improvements from naejadu?
>>
>> - Does it install Freenet correctly?
>> - Does in install Java?
>> - Does the tray detect an existing or newly installed Java?
>>
>> https://github.com/freenet/wininstaller-innosetup/releases/download/build01493-new-installer-test-2/FreenetInstaller-1493-new-installer-2.exe
>>
>> Sources and changes: https://github.com/freenet/wintray/commits/master
>>
>> Best wishes,
>> Arne
>>
>>
>> "Dr. Arne Babenhauserheide"  writes:
>>
>>> [[PGP Signed Part:Good signature from DCCF0DB30BC10548 Arne 
>>> Babenhauserheide (Physikliebhaber, Hobbysänger und Ideenspringquell) 
>>>  (trust ultimate) created at 2022-06-12T01:20:19+0200 
>>> using RSA
>>> Good signature from 13EF8D452403C3EB Arne Babenhauserheide (Drak) 
>>>  (trust ultimate) created at 2022-06-12T01:20:19+0200 
>>> using RSA]]
>>> Hi,
>>>
>>>
>>> There is already a pretty nice collection of changes in the pipeline for
>>> 1494 (see https://github.com/freenet/fred/pulls ), but four of the
>>> pull-requests still need a review to be able to release:
>>>
>>>
>>> - randomize pitch black defense times
>>> https://github.com/freenet/fred/pull/747
>>> (this one is important for the long-term viability of Freenet!)
>>>
>>> - m3u-player: more robust sizes, do not use overlay for audio.
>>> https://github.com/freenet/fred/pull/768
>>> (this enables *convenient* samizdat radio on Freesites!)
>>>
>>> - add opens jvmargs when building on java 17
>>> https://github.com/freenet/fred/pull/769
>>> (important to have an easier start for new contributors)
>>>
>>> - remove old unconditional logging line
>>> https://github.com/freenet/fred/pull/770
>>> (that’s a simple cleanup)
>>>
>>>
>>> Please look into them — I cannot review them myself, because I added
>>> them, and we need at least four eyes on every change for basic safety.
>>>
>>>
>>> Also if you have some knowledge about our RequestStarter logic, please
>>> have a look at https://github.com/freenet/fred/pull/777/files
>>>
>>> According to Trivuele that improves throttling of local requests
>>> significantly, because the existing logic was pretty inconsistent over
>>> time, but I don’t understand the old logic well enough to see whether
>>> the old behavior was a bug or whether there was a point to it.
>>>
>>>
>>> Best wishes,
>>> Arne

Re: New test-release for 1493, with new testing key

[Steve Dougherty]

--- Original Message ---
On Saturday, April 2nd, 2022 at 7:09 PM, Dr. Arne Bab.  wrote:
...
> -- Draft for Announcement --
>
> Freenet 0.7.5 build 1493 is now available. [overview]

I'd suggest removing "[overview]". When I wrote the template I intended it as a 
placeholder, not a section header.

>
> This build provides four core improvements:

Nice! This release looks like a good collection of changes. :)

...

> now provides all the tools for selfpublishing, not only in the

I'd suggest "self-publishing"

...

> transifex updated enough of the the German, Persian, Finnish,

Is it worth capitalizing Transifex? It seems to be how they style it themselves.

I don't notice anything else I'd suggest changing in this announcement. Thanks 
for getting this release together!

- Steve

Re: Linux installer as jar?

[Steve Dougherty]

‐‐‐ Original Message ‐‐‐
On Saturday, June 27, 2020 10:05 PM, DC*  wrote:

> On 2019-04-13 21:47, Steve Dougherty wrote:
>
> > My impulse would be to decide which distros we want to officially
> > support, and provide packages for them. Perhaps Arch, Debian, and
> > Ubuntu? Both installers for Linux applications and compiling Java to
> > native code strike me as odd approaches that go against the grain of
> > usual software installation, and while I'm not opposed to having them
> > as options for distros we don't have packages for, it does seem liable
> > to increase our support load.
> > Providing packages would allow giving upgrades some nice properties as
> > well - instead of having to write upgrade logic ourselves, the package
> > manager can do it. We need only (expose and) add a package repo like
> > the Google Chrome package does by default. A tool to mirror a USK to
> > disk would be useful here; if memory serves I've written up ideas
> > about this in the past.
> > ‐‐‐ Original Message ‐‐‐
> > On Friday, April 12, 2019 4:31 PM, Arne Babenhauserheide
> > arne_...@web.de wrote:
> >
> > > Hi,
> > > With Java 11 Webstart is no longer part of the official
> > > distribution. JNLP files no longer start by default.
> > > What do you think about just providing the jar?
> > > Or should we try whether we can get the installer compiled with Graal?
> > > https://www.graalvm.org/docs/getting-started/#native-images
> > > Best wishes,
> > > Arne
> > >
> > > Unpolitisch sein
> > > heißt politisch sein
> > > ohne es zu merken
>
> What abouthttps://github.com/freenet/debian? With a Debian package you
> cover all Debian-based distros, including Ubuntu and derivatives, adding
> CentOS/Fedora you cover most OSes. I'm not taking into account MacOS or
> Windows.
>
> What needs to be done to move it forward?
>
> Best regards,

I can't speak for Arne but as far as I'm aware the things I mentioned
in my quoted message still apply: we'd need to write a way for the
package to update itself over Freenet. (And for the release scripts to
support building and releasing the package, but that's probably the
easier part of the problem.)

If we write a plugin that watches a USK and writes the contents of the
latest edition to disk, then the package can set the package manager
(so, apt, in this case) to watch that directory for updates. At least
if I were still release manager I'd want it to be enabled and
configured by default when Freenet is installed via this package,
possibly also shipping with default apt-source content if apt yells
when pointed at an empty directory. (But as long as it doesn't error
out, it'd be acceptable not to do this.)

Re: [WEBCHAT/IRC] Accessibility for noobs and devs who don't want to authnticate

[Steve Dougherty]

My concern would be that although at any given time there may not be a spam 
campaign that we notice, it would require keeping a close eye on IRC lest it be 
flooded when no one with the power to stop it is around. I know when we enabled 
the option to require registration, Freenode was having a huge spam attack.

I've disabled the need to register for now and will keep an eye on whether 
we're buried in spam.

- Steve


‐‐‐ Original Message ‐‐‐
On Sunday, June 2, 2019 4:30 PM, Arne Babenhauserheide  wrote:

>
>
> Nicolas hernandeznicolas.hernan...@aleph-networks.com writes:
>
> > at one time there was a simple support channel and 'real time' for novice 
> > users who are accessing Freenet for the first time.
> > Alas, today, apparently, the possibility of webchat via irc is no longer 
> > possible, in any case, it now faces an authentication request that makes 
> > the operation more complex and may be unsuitable (authentication). I think 
> > the Freenet community is losing a lot by abandoning this type of support 
> > channel
>
> We disabled access without authentication due to too much spam — is that
> still necessary? Could we disable the need to be authenticated?
>
> Liebe Grüße,
> Arne
>
> --
>
> Unpolitisch sein
> heißt politisch sein
> ohne es zu merken

Numbered List of Freenet Project Ideas

[Steve Dougherty]

Hi there. Wall of text incoming.

Here are some projects which I think would take Freenet in some interesting 
directions:

Capabilities / APIs
---

1.  Introduce a restricted plugin API: nextgens has had this idea for a while - 
only give plugins a plugin API object instead of a full classloader with access 
to the entire Node. If plugins can only access Fred functions explicitly 
intended for plugin use, it should be way easier to figure out how plugins are 
intended to do things, way easier to document and find documentation for 
because it’s all in one area, and it could also have better security 
characteristics with more work - like a system for plugins to be granted and 
restricted from various capabilities, both within Freenet’s API and on the 
system. It’d be better for backwards compatibility going forward because now 
it’s defined instead of plugins reaching into the Node object and poking at 
whatever they found to make things work.

2.  Make FCP into a plugin: bonus points if it uses the restricted plugin API. 
It’d be a good way to test the plugin API and ensure it covers a good amount of 
functionality. This would separate an important function from core Fred code. 
(Side note: FCP really should require two-sided user interaction like KeepassXC 
and its browser companion plugins, or an API key, instead of giving access to 
whatever plugin can connect to its port.) The plugin might also be able to be 
run in a passive mode in a transition phase, like GitHub can do with changes it 
makes, where its answer to a query is compared to that of the integrated FCP. 
(This’d have to be for some subset of queries that doesn’t change the state of 
things - are there many/any of those? Maybe fall back to integrated FCP for 
things not implemented by the plugin?)

3.  Supersede FCP with Protocol Buffers and gRPC: it may have made sense at the 
time, but now there are well-established methods of defining network protocols 
and RPCs, and we’re really not doing ourselves favors by continuing to roll our 
own. Doing something like this would make it easier to build applications that 
use Freenet, like a mobile app that connects to a node.

4.  Transport plugins: we need more things Freenet traffic can look like and 
more ways for it to move around, and as a bonus doing this will likely continue 
to turn up bugs in various places. There’s a PR for this from GSoC but it has 
long since stalled. https://github.com/ValveSoftware/GameNetworkingSockets 
would be very cool to layer Freenet on top of. Not to mention a Tor Hidden 
Service transport plugin - listen as a hidden service, and connect to other 
nodes so listening.

5.  Protocol Buffers for network communication: similar thoughts to FCP using 
protocol buffers for local node control. It’d remove weird custom code and make 
alternate implementations easier. (There’s still problem of using Reijendal but 
that’s separate and seems more manageable.)

6.  Can we adapt existing applications?: forgetting for a moment how JavaScript 
adverse much of our userbase is, can those who are willing to run it (not from 
Freesites but from local applications) be served by writing a backend powered 
by Freenet for an existing forum or wiki? How practical would that be to do? 
https://github.com/Requarks/wiki  https://github.com/discourse/discourse I feel 
like we’re spending a lot of effort trying to write these applications from the 
ground up, and while that does have some desirable properties it’s also more 
work for fewer features.


Packaging
-

1.  First party distro packages: this may be easier once we’re finally done 
splitting freenet-ext. I’d been working on it but didn’t manage to finish so 
far. https://github.com/Thynix/fred-staging/tree/remove-freenet-ext I’m not 
opposed to standalone packaging in principle, but using package managers would 
probably both remove the need to do a bunch of careful update work ourselves 
and allow better distro-specific integration and adaptation.

2.  Better support for package repositories in Freenet: I think this has been 
discussed previously, and the Mempo folks ran up against the lack of this 
pretty hard, but one way to do it would be to have a MirrorUSK plugin that can 
mirror the contents of a USK/manifest to disk. Then, distro packages can 
install Fred with this MirrorUSK plugin already installed and configured to 
mirror their repo, and point the package manager at the directory on disk 
unless requested not to. Tada! Distro-specific updates over Freenet.

- Steve

Re: Partial restructuring of Freenet's code

[Steve Dougherty]

Thanks for writing this! Your approaches seem reasonable to me.

Yes, mocking time will be helpful. It’s not  clear to me how many places that 
will be of use, or whether mocking would still be viable in integration tests 
instead of just unit tests, but it’s definitely a good tool to have. Do you 
know if JUnit has anything that can help with that? It seems like a common 
enough need that it might.

Testing concurrent things may require more Conditions for threads to wait on. 
It’s not clear to me how much effort that will require to be viable, or how 
best to expose them.

- Steve

On Fri, Apr 26, 2019 at 6:34 AM, Martin Byrenheid 
 wrote:

> Hello everyone,
>
> I've sent this mail at the end of last year to this list but it seems
> that it never made it to its subscribers. Thus, I'm trying again:
>
> I started to refactor several parts of the Freenet Code to make the it
> easier to test and understand the different parts of it in isolation.
> Before I continue doing so, I would like to know your thoughts on my
> approach and whether you would actually welcome these changes. You can
> find the latest version of the partially refactored code on Github [1].
>
> Essentially, I did the following three changes to the Node-,
> NodeCrypto-,PeerManager-,UdpSocketHandler-,NodeIPPortDetector- and
> IPAddressDetector-class:
>
> 1. Create corresponding Interfaces for each class. This allows us to
> replace actual class instances (e.g. of the Node class) with a
> test-specific dummy implementation. This dummy can then be given as
> parameter to a constructor.
>
> 2. Encapsulate instantiation of class members within protected methods.
> By overriding these protected methods, we can replace class members with
> test-specific dummy implementations.
>
> 3. Create getter-Methods to access class members. Many classes in
> Freenet hold a reference to a Node-instance and some directly access its
> members. Besides the fact that this is not a good practice, it kept me
> from creating an interface for the node class.
>
> One obstacle with point (1) was that there are several cases where a
> class calls a non-public method from another class in the same package.
> To illustrate my changes, consider the following three example classes:
>
> package example.A;
> class MyClass {
>
> boolean getBool() { ... }
>
> public String getString() { ... }
>
> }
>
> package example.A;
> class SamePackageClass {
>   public SamePackageClass(MyClass ref) {
>
> if (ref.getBool()) ...
>
>   }
>
> }
>
> package example.B;
> class OtherPackageClass {
>
>   public OtherPackageClass(MyClass ref) {
>
> process(ref.getString());
>
>   }
>
> }
>
> Because SamePackageClass is within the same package as MyClass, the
> getBool-method is visible to the former wheras only getString() is
> visible for the OtherPackageClass. After my refactoring, we now have the
> following 2 interfaces:
>
> package example.A;
> public interface MyClass {
>
> String getString();
>
> }
>
> package example.A;
> interface ProtectedMyClass extends MyClass {
>
> boolean getBool();
>
> }
>
> Please note that the first interface is a public interface while the
> second interface is package-local. The three example classes now look as
> follows:
>
> package example.A;
> class MyClassImpl implements ProtectedMyClass {
>
> public boolean getBool() { ... }
>
> public String getString() { ... }
>
> }
>
> package example.A;
> class SamePackageClass {
>   public SamePackageClass(ProtectedMyClass ref) {
>
> if (ref.getBool()) ...
>
>   }
>
> }
>
> package example.B;
> class OtherPackageClass {
>
>   public OtherPackageClass(MyClass ref) {
>
> process(ref.getString());
>
>   }
>
> }
>
> The getBool-Method of the MyClassImpl-class is now public. However, if
> instances of this class are only accessed via the interfaces it is only
> visible to classes that use the ProtectedMyClass interface. This way, we
> maintain the package-local view for the different methods. What do you
> think about this solution?
>
> Given the above classes, an example for a point (2)-refactoring is as
> follows:
>
> class AnotherClass {
>
> MyClass ref;
>
> public AnotherClass(int param) {
>
>   ref = newMyClass(param);
>
> }
>
> protected MyClass newMyClass(int param) {
>
> return new MyClassImpl(param);
>
> }
>
> }
>
> Instead of calling "new MyClassImpl(param)" directly in the constructor,
> I use a protected method newMyClass. When writing a test case, I can now
> easily test AnotherClass without needing an instance of MyClassImpl. To
> do so, I create a minimal class MyClassStub that implements the
> MyClass-interface and derive the following class:
>
> class InstrumentedAnotherClass extends AnotherClass {
>
> public InstrumentedAnotherClass(int param) {
>   super(param);
> }
>
> @Override
> protected MyClass newMyClass(int param) {
>
>   return new MyClassStub();
>
> }
>
> }
>
> As a proof of concept for this 

Re: Linux installer as jar?

[Steve Dougherty]

My impulse would be to decide which distros we want to officially support, and 
provide packages for them. Perhaps Arch, Debian, and Ubuntu? Both installers 
for Linux applications and compiling Java to native code strike me as odd 
approaches that go against the grain of usual software installation, and while 
I'm not opposed to having them as options for distros we don't have packages 
for, it does seem liable to increase our support load.

Providing packages would allow giving upgrades some nice properties as well - 
instead of having to write upgrade logic ourselves, the package manager can do 
it. We need only (expose and) add a package repo like the Google Chrome package 
does by default. A tool to mirror a USK to disk would be useful here; if memory 
serves I've written up ideas about this in the past.


‐‐‐ Original Message ‐‐‐
On Friday, April 12, 2019 4:31 PM, Arne Babenhauserheide  
wrote:

> Hi,
>
> With Java 11 Webstart is no longer part of the official
> distribution. JNLP files no longer start by default.
>
> What do you think about just providing the jar?
>
> Or should we try whether we can get the installer compiled with Graal?
> https://www.graalvm.org/docs/getting-started/#native-images
>
> Best wishes,
> Arne
>
> --
>
> Unpolitisch sein
> heißt politisch sein
> ohne es zu merken

Re: Question regarding automatic IP detection

[Steve Dougherty]

I agree that does look for all the world like a missing negation in the opennet 
case. Nice find! What looks like the previous implementation of that decision 
which that commit replaces (in detectPrimaryIPAddress) appears to have no such 
distinction, but looks questionable itself as well due to the duplicate 
“dontDetect = true”s.

- Steve

Typed on a mobile keyboard

On Wed, Dec 12, 2018 at 12:12 PM, Martin Byrenheid 
 wrote:

> Hi,
>
> while reading the code on automatic IP detection, I noticed that the
> dontDetect-Method in the Node-class returns false if our Darknet IP is
> not a real internet address or if our Opennet IP IS a real Internet
> address. Shouldn't the detection actually be triggered if our Opennet IP
> is not a real internet address?
>
> I looked up the message for the commit when the dontDetect-Method was
> introduced[0] but did not find an explanation.
>
> Best regards,
> Martin
>
> [0]
> https://github.com/freenet/fred/commit/470552475ee10c8dd1482a916c6409b3feba39c5
>
> --
> Martin Byrenheid
> Scientific Assistant
>
> Technische Universität Dresden
> Faculty of Computer Science
> Institute of System Architecture
> Chair of Privacy and Data Security
> 01062 Dresden
>
> Tel.: +49 351 463 38235
> GPG : F144 FBCD F0C2 257A 87ED
> CFDE 24EB E684 D0BE E785

Re: Freenet's Hackathon (second edition)

[Steve Dougherty]

Translating is primarily thorough https://www.transifex.com/otf/freenet/ and we 
have scripts to pull the changes into the repos before deploying.

Typed on a mobile keyboard

On Wed, Nov 14, 2018 at 10:12 AM,  wrote:

> I'm sorry, but I've tried a fork of freenet for adding hackathon 
> announcement, but I don't understand the traduction system of freenet static 
> website (if I could ask for help just here : 
> https://github.com/darcosion/website)
>
> Regards, Darcosion.
>
> ‐‐‐ Original Message ‐‐‐
> Le lundi 12 novembre 2018 21:28, Arne Babenhauserheide  a 
> écrit :
>
>>
>>
>> darcos...@protonmail.com writes:
>>
>> > Le dimanche 11 novembre 2018 23:30, Mar Arribas Ortolà 
>> > marri...@protonmail.com a écrit:
>> >
>> > > If it's a need, I can do translations english-spanish (And, if we're
>> > > really bored, catalan).
>> > > I can do the same things in french.
>>
>> That sounds great!
>>
>> Thank you!
>>
>> Best wishes,
>> Arne
>>
>> 
>>
>> Unpolitisch sein
>> heißt politisch sein
>> ohne es zu merken

Re: final final test release of 1481

[Steve Dougherty]

I haven't tested beyond running the build that was originally tagged 1481, (so 
c4b1caa16819937bc7c368f74e7deea16cc9b263 I think?) and have no reasons to 
suggest the release be further delayed.

I was able to verify the build on an updated Debian Jessie VM, and set up doing 
the same with a Docker build, inspired by how Signal does it. It has to run sed 
to disable ECDSA or the TLS connection to download the Gradle wrapper will fail 
due to a Java bug apparently. The command Docker runs could be `./gradlew jar` 
were it not for that. The rest of my message is a log of doing so (the weird 
syntax for pwd is because of Fish shell):

steve@monolith /tmp> git clone ~/Documents/Coding/freenet/fred
steve@monolith /tmp> cd fred
steve@monolith /t/fred (master)> wget 
https://gist.github.com/Thynix/f02f9ba33e296d037defd60972dd39fd/raw/55996e4ba863ba568efdc5d53d7a7bb3086a1723/build.sh
...
steve@monolith /t/fred (master)> sudo docker run --rm --volume (pwd):/project 
--workdir "/project" openjdk:7-jdk bash build.sh
Downloading https://services.gradle.org/distributions/gradle-4.2.1-bin.zip
..
Unzipping 
/root/.gradle/wrapper/dists/gradle-4.2.1-bin/dajvke9o8kmaxbu0kc5gcgeju/gradle-4.2.1-bin.zip
 to /root/.gradle/wrapper/dists/gradle-4.2.1-bin/dajvke9o8kmaxbu0kc5gcgeju
Set executable permissions for: 
/root/.gradle/wrapper/dists/gradle-4.2.1-bin/dajvke9o8kmaxbu0kc5gcgeju/gradle-4.2.1/bin/gradle
Starting a Gradle Daemon (subsequent 

Re: Freenet's Hackathon (second edition)

[Steve Dougherty]

I’m planning to look into refreshing the branch of Floghelper with CommonMark 
support I had a while back. Maybe also a gRPC plugin (so FCP but actually 
supported) or something.

- Steve

Typed on a mobile keyboard

On Thu, Oct 25, 2018 at 1:04 AM, DC*  wrote:

> Hello all,
>
> Around mid-november sounds great to me. It's a bit close but we can make
> it.
> So *November 17* is a tentative date for the Hackathon.
>
> I'll prepare a list of tasks to work on (suggested but not required)
> from [1].
>
> Please do propose any task/project that you know you want to tackle
> and/or need help with.
>
> Ideal tasks for the hackathon are:
>
> - Web interface changes (translations, enhancements, bug fixes)
> - Installers bug fixes
> - Website translations and visual enhancements
> - Testing, documentation and code reviews
>
> @Arne Do you have a list of tasks you'll like to see included?
>
> Best regards,
>
> [1]:
> https://freenet.mantishub.io/view_all_bug_page.php?filter=5bd14e83cc743
>
> On 2018-10-23 12:47, Hunter Poe wrote:
>> Hi, I haven't contributed to Freenet before but am interested in doing
>> so and getting an opportunity to do a hackathon would be a great way
>> to get involved. I could probably do November 17th
>>
>> On Tue, Oct 23, 2018 at 7:11 AM Steve Dougherty 
>> wrote:
>>
>>> I’d be interested - I’m free the weekend of November 17th, as
>>> well as weekends in December.
>>>
>>> - Steve
>>>
>>> Typed on a mobile keyboard
>>>
>>> On Sat, Oct 13, 2018 at 4:01 PM, DC*  wrote:
>>>
>>>> Hello everyone!
>>>>
>>>> I've been looking around the issue tracker and found many stalled
>>>> projects and initiatives. I'm also a bit stuck on some
>>>> freenet-related
>>>> projects due to this slow pace.
>>>>
>>>> I was wondering if it'll be a good idea to bring back the Weekend
>>>> Of
>>>> Code Hackathon[1][2] as it brought good results [3].
>>>>
>>>> If it's OK we'll need to define:
>>>>
>>>> - Date and time
>>>> - Scope (tasks to work on)
>>>> - Team involved (to ask for advice, help)
>>>>
>>>> The idea is to quickstart some projects and get new people
>>>> involved.
>>>>
>>>> What do you think?
>>>>
>>>> Best regards!
>>>>
>>>> [1]:
>>>>
>>>
>> https://freenetproject.org/weekend-of-code-hackathon-announcement.html
>>>>
>>>> [2]:
>>>>
>>>
>> http://127.0.0.1:/Sone/viewPost.html?post=6acc3640-efe6-4ea3-9fec-258d3189d384
>>>>
>>>> [3]:
>>>> https://freenetproject.org/weekend-of-code-hackathon-results.html

Re: Freenet's Hackathon (second edition)

[Steve Dougherty]

I’d be interested - I’m free the weekend of November 17th, as well as weekends 
in December.

- Steve

Typed on a mobile keyboard

On Sat, Oct 13, 2018 at 4:01 PM, DC*  wrote:

> Hello everyone!
>
> I've been looking around the issue tracker and found many stalled
> projects and initiatives. I'm also a bit stuck on some freenet-related
> projects due to this slow pace.
>
> I was wondering if it'll be a good idea to bring back the Weekend Of
> Code Hackathon[1][2] as it brought good results [3].
>
> If it's OK we'll need to define:
>
> - Date and time
> - Scope (tasks to work on)
> - Team involved (to ask for advice, help)
>
> The idea is to quickstart some projects and get new people involved.
>
> What do you think?
>
> Best regards!
>
> [1]:
> https://freenetproject.org/weekend-of-code-hackathon-announcement.html
> [2]:
> http://127.0.0.1:/Sone/viewPost.html?post=6acc3640-efe6-4ea3-9fec-258d3189d384
> [3]: https://freenetproject.org/weekend-of-code-hackathon-results.html

Re: final test release of 1481

[Steve Dougherty]

‐‐‐ Original Message ‐‐‐
On Thursday, October 18, 2018 7:55 PM, DC*  wrote:

> Seems auto-update key works flawlessly. Attached relevant logs.

Hooray! I was able to verify this build on my Debian Jessie box:

```
steve@debian:~/local_freenet/fred$ cat /etc/debian_version 

8.11
steve@debian:~/local_freenet/fred$ uname -a
Linux debian 3.16.0-7-amd64 #1 SMP Debian 3.16.59-1 (2018-10-03) x86_64 
GNU/Linux
steve@debian:~/local_freenet/fred$ java -version
java version "1.7.0_181"
OpenJDK Runtime Environment (IcedTea 2.6.14) (7u181-2.6.14-1~deb8u1)
OpenJDK 64-Bit Server VM (build 24.181-b01, mixed mode)
steve@debian:~/local_freenet/fred$ ./gradlew jar
...
BUILD SUCCESSFUL in 11s
4 actionable tasks: 4 executed
SHA-256 of freenet.jar: 
5efa9c4184cc02316b9faa1c8ce32bda78f5885c3a0703f684e0a08bdf3ffc8b
steve@debian:~/local_freenet/fred$ sha256sum freenet-build01481.jar
5efa9c4184cc02316b9faa1c8ce32bda78f5885c3a0703f684e0a08bdf3ffc8b  
freenet-build01481.jar
steve@debian:~/local_freenet/fred$ cmp freenet-build01481.jar 
build/libs/freenet.jar
steve@debian:~/local_freenet/fred$ echo $?
0
```

I'm now running 1481.

In case others want to go the same route, specifically, because I wasn't
able to get the jar to fetch from the test key (RecentlyFailed), I
fetched the dependency changes - upgraded Bouncy Castle, introducing jna
and jna-platform:

```
> git diff build01480..build01481 -- dependencies.properties 

diff --git a/dependencies.properties b/dependencies.properties
index 0c919f8c57..d89a1fe3f9 100644
--- a/dependencies.properties
+++ b/dependencies.properties
@@ -6,14 +6,30 @@ 
contrib.key=CHK@6xW9CyMrm9fVoHfQL4j8~O2BBNzJt0N3HywffP2O1t4,ozsCsUld9z~EUh5NFkZr
 contrib.size=4685193
 contrib.type=CLASSPATH
 contrib.order=1
-bouncycastle.version=1.54.0
-bouncycastle.filename=bcprov-jdk15on-154.jar
-bouncycastle.sha256=d0ae14598f9c528d2ab7bb8ed00e785a5440f692712cd362d69328aba25efb57
+bouncycastle.version=1.59.0
+bouncycastle.filename=bcprov-jdk15on-1.59.jar
+bouncycastle.sha256=1c31e44e331d25e46d293b3e8ee2d07028a67db011e74cb2443285aed1d59c85
 bouncycastle.filename-regex=bcprov-jdk.*.jar
-bouncycastle.key=CHK@3Ra2Gbc7li7CGAKMOlZsrjC4HDkDdmyZoMb37rJq6F8,p8HhYtEegEWaCvFfTb-Heh3OIqqRq~w6wcbQrKsPShg,AAMC--8/bcprov-jdk15on-154.jar
-bouncycastle.size=3277268
+bouncycastle.key=CHK@tQXPsjTMsS9Nj60y3qglLKoPzxSqU~6GvfF~d06yyoo,59eHcQAcoxtlZvempONC80Motcasm9NK9294RC8tXtE,AAMC--8/bcprov-jdk15on-1.59.jar
+bouncycastle.size=4092400
 bouncycastle.type=CLASSPATH
 bouncycastle.order=-1
+jna.version=4.2.2
+jna.filename=jna-4.2.2.jar
+jna.sha256=1f38af54e06c6e6f6dbf39ba2c052b952dea5dddb4871127b34639ddeb11bdbe
+jna.filename-regex=jna-*.jar
+jna.key=CHK@0qI6PqVBf2aGVFt6VOFqpBkglZWg0ulrqu4ZPIsKcoA,IXD2eKM-LV81yX-kZkwQBd9~yJJO2J44hxVi87ycs74,AAMC--8/jna-4.2.2.jar
+jna.size=1137286
+jna.type=CLASSPATH
+jna.order=2
+jna-platform.version=4.2.2
+jna-platform.filename=jna-platform-4.2.2.jar
+jna-platform.sha256=32aca873a4cb14721d939bbc8287a828919c05e8e1040b3fe8290f6128cdecca
+jna-platform.filename-regex=jna-platform*.jar
+jna-platform.key=CHK@7VdTmbaWq5RkqDRoTxxbRcNa4DMNSF0pENCyHPH0QHw,0on2uxMOaThYWQ~z4UnHpLtmqpFjfaDha6Fu51I3xvo,AAMC--8/jna-platform-4.2.2.jar
+jna-platform.size=1856200
+jna-platform.type=CLASSPATH
+jna-platform.order=3
 update-sh.version=2
 update-sh.filename=update.sh
 update-sh.type=OPTIONAL_PRELOAD
```

then updated my wrapper.properties accordingly and restarted the node.
For now it's running; we'll see how it goes!

Thank you for your work, both of you! :)

- Steve

PS: This is my first time trying ProtonMail's "sign message" function;
assuming it works my ProtonMail key fingerprint is listed here:
https://www.asksteved.com/?page_id=2

> On 2018-10-18 19:33, Arne Babenhauserheide wrote:
> 

> > DC* d...@riseup.net writes:
> > 

> > > Great news, I'm testing this get I get home (I was running a node from 
> > > 1481 for a couple of days without issues).
> > 

> > Thank you!
> > Best wishes,
> > Arne



signature.asc
Description: OpenPGP digital signature

Re: 1481 release preparation back on track

[Steve Dougherty]

Thank you! Looking forward to the release!


​​

‐‐‐ Original Message ‐‐‐

On July 6, 2018 10:35 PM, Arne Babenhauserheide  wrote:

> ​​
> 
> Hi,
> 
> I finally got the SunEC breakage in Java 7u181 fixed,[1]
> 
> so the release is moving forward again.
> 
> I also added some of the recent small but significant bug-fixes.
> 
> To ease review, I created a tracking pull-request:
> 
> https://github.com/freenet/fred/pull/637
> 
> Best wishes,
> 
> Arne
> 
> [1]: https://freenet.mantishub.io/view.php?id=7023
> 
> 
> --
> 
> Unpolitisch sein
> 
> heißt politisch sein
> 
> ohne es zu merken

Re: Freenet 0.7.5 build 1480 is now available.

[Steve Dougherty]

IIRC the bundled installer is still 32-bit.

Sent from ProtonMail Mobile

On Wed, Feb 21, 2018 at 10:11 PM,  wrote:

> On Saturday, January 20, 2018 10:02:15 PM Arne Babenhauserheide wrote: > 
> Freenet 0.7.5 build 1480 is now available. [overview] > > - Ship new Windows 
> Installer and Tray Now that it has been deployed to the website here's a 
> glitch I found in it: https://freenetproject.org/pages/download.html still 
> says: > On 64-bit Windows, we will install a 32-bit Java Virtual Machine 
> because of > limitations of the Java Service Wrapper. That should be removed.

Freenet on Embedded Systems

[Steve Dougherty]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi everyone,

A few years ago Allan (comradekingu) had an idea about selling small 
pre-configured Freenet systems. While I think we're still probably 
underresourced to support such an undertaking, I did have ideas about what one 
might look like.

If you're not familiar with the Chromecast setup process: a Chromecast fresh 
out of packaging is to be connected to a display and a power source. It then 
becomes a WiFi access point, and Chromecast mobile apps connect to it and allow 
configuring the Chromecast and giving it the WiFi password. Then the AP turns 
off, the Chromecast connects to the normal WiFi, and is accessible over the 
network. An embedded Freenet system could do something similar: offer an AP 
which captive-portals Fred's first run setup. (Along with prompts for WiFi 
access, or an Ethernet connection. We'd want 
https://github.com/freenet/plugin-UPnP2 too.)

To run Freenet it'd need robust storage and a fair amount of RAM; when I ran a 
Freenet node on a Raspberry Pi 2 (1 GiB RAM; MicroSD card rootfs and USB ports) 
with Freenet installed to a USB hard drive, the USB drive kept disconnecting 
(maybe due to flakiness under load?), causing filesystem corruption and kernel 
panics. When I moved the Freenet installation to the MicroSD card, not long 
after the filesystem started to, if memory serves, refuse to accept writes. So 
whatever this does use it'll need good storage one way or another. I had some 
flavor of https://nextthing.co/pages/chip in mind, but haven't tested running 
Freenet on such a system yet. Either way it couldn't handle something 
memory-heavy like Sone, and maybe not WoT either. (For reference my Freenet 
node with both of those is currently sitting at about 2 GiB resident.) 
Hopefully a base node would work.

Thoughts?

- - Steve
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEy18byrtUVJwwR9o9Isk/X0qqYW4FAlmdSMEACgkQIsk/X0qq
YW7vlw/+PepolRIgSLH8PYxaD7QQ9t6iNZiOuQ2oNZvYPl1d6XOsajesitWJalox
OsstZe1OY6uLYoIAJApDdDZMlbGyyJSrsjirIcGkYIHlWvSUX9d+qIv/o81eo7+C
EL6Xas4UtaWxVPmVrMjYw6CAuUxiZygzfrwWR11DwjU5Mcja+KXO+YwFLKt2S/UV
2P0UTncjpyzm/r9d9Foy8+YImel7xuPYemTJyBolYp9Vbj7mzLjdK475/EHSkHYD
n7zVt6p2XKEBWzO1pYE2Te8L9ryFvDKWjablHLoX1PYQwYIfTApy+e5KON9/ih9v
7EL0P8d6hCCaep3wBaoSEB4uu3XzhxnzgxvI1AzcS7brQYforP52EMPezga12LJY
RChMQ/Tprk5/uUfaACEWr+8iyIthnFxeDpvMSq6txBIW9+pg+0Tf5pGWvkdlG50o
OxETKXAjlpEXyb8pvi/BECl+3dwQCKhwogtRzuQXjEPEIBMWJGoUaxkUkU3lctcx
aSWU5fkeanauvzsQSrujx8kvo0KRzm8t1fF0W8fxx9lxe2mPXvAGHwDgAqwI4LEO
6y/OjDPFNREOMNJQZRL176GUDp8lNKVKbGat5hZwHOAP1o5gLjJ0J9tJ7BGEeGvy
aqpbj8sX0vKaSUaUsNB7144dnLT+xQ5GcrUH0fmF002SUtgfnUA=
=a+VR
-END PGP SIGNATURE-

FPI joining Battle for the Net?

[Steve Dougherty]

Are we interested in joining the net neutrality protest on July 12th? 
https://www.battleforthenet.com/july12/

- Steve

Re: DDG Tasks Bug Bounty Proposal

[Steve Dougherty]

I don't think anyone is proposing that new developers get push access or bypass 
review by existing developers. We're all in agreement that it would not be 
acceptable. Matthew's question of how to avoid long review delays doesn't have 
a great answer; I can't think of anything beyond keeping the tasks much smaller 
than purge-db4o was.

Sent from ProtonMail mobile

 Original Message 
On May 9, 2017, 3:21 AM, wrote:
On Tuesday, May 09, 2017 09:12:21 AM x...@freenetproject.org wrote:
> On Monday, May 08, 2017 04:57:10 PM Ian wrote:
> > There is also a trust issue, since we would probably need to give them
> > access to source repos and other things - and it would be irresponsible to
> > do that with someone we know nothing about.
>
> For security reasons I don't think any of the core contributors will accept
> giving direct push and/or release privileges to someone who hasn't been on
> the project for years, me included.
>
> If we hire a stranger they will have to commit to their own repository and
> send pull requests just like any other unknown new contributor.
>
> Further, for code quality reasons, payment should only be sent once their
> code has been reviewed and accepted by the core team.
> Freenet is a complex project, we cannot blindly merge code from someone who
> hasn't proven to be familiar with the codebase yet. Proving this takes
> years.

I'm sorry, I wasn't clear enough:

You seemed to say that hiring a non-anonymous person would solve this problem.

I meant to reply that knowing their real name does *not* solve it:
Any new contributor will have to prove their skill by sending PRs for a long
time, anonymous or non-anonymous. Direct push/release access and payment is
not an option IMHO.

Re: DDG Tasks Bug Bounty Proposal

[Steve Dougherty]

 Original Message 
Subject: Re: DDG Tasks Bug Bounty Proposal
Local Time: May 8, 2017 1:09 PM
UTC Time: May 8, 2017 5:09 PM
From: free...@nullvoid.me
To: devl@freenetproject.org

Can you provide the minimum identification requirements to be able to
get a bug bounty from FPI? If you have to report to the IRS does that
mean only citizens of the United States are eligible to work on Freenet
for pay?

As for access to the source code, is it not open source? If you mean
push access to the repo, I thought most of the bug bounties are to fix
bugs and submit code, not review and merge code. There is no security
concern regarding anonymous vs known developers submitting code. At the
end of the day the code should be reviewed line for line, whether it's
by a "trusted" name or not.

Right - I propose paying someone to write code which is then reviewed and 
merged by existing community members with push access.

Re: manifest files and forwarding

[Steve Dougherty]

 Original Message 
On May 3, 2017, 3:16 AM, Arne Babenhauserheide < arne_...@web.de> wrote:

Stefanie Roos  writes:

> Thanks.
>
> Sorry, bit late in answering

I documented an easier to implement version of your idea as note in

https://freenet.mantishub.io/view.php?id=3640#c12321
(0003640: Bundles (unencrypted tunnels))

The difference is that it bundles based on the source peer and mixes in
local requests (routing by peer only uses information we have at
routing time).

This is the note I added — does it fit your proposal well enough?

- For each source peer for which we do not decrement HTL18, select a target 
peer at random to whom we forward all HTL18 requests of the source peer.
- Mix all our local requests with those of one of the source peers, selected at 
random.

This approach should defeat attacks based on the distribution of requests for 
chunks from known files in the requests of a given node.

If looking only at request distribution, yes, but there are still request rates 
to consider. Files that aren't all routed to a single peer have higher request 
rates because the node can use all its peers. (We'd also need to make sure to 
have rate limits to impair distinguishing a bundle-receiver from a non-bundling 
requester through request rate. Which is another performance hit.) It 
introduces a new vulnerability as well: the only time an attacker can expect to 
receive a bundle - requests for all blocks in a large file - is when connected 
to the source of the request, and that gives all-but-certainty that the 
connected node is the requester.

I guess this ends up being a numbers game? Currently I think long links are 
more liable to exceed a uniform share because they cover more of the location 
space, and those are 30% of the links. [0] This would maintain that problem, 
but for 50% of files (or whatever it ends up being) one peer has the potential 
to gain all-but-certain knowledge of what is being fetched. This means attacker 
certainty for 1/(peer count) for half the files fetched. Is that an improvement 
for the alternative of 30% of connections suspicion for all files that still 
applies when not bundling?

[0] 
https://github.com/freenet/fred/blob/build01478/src/freenet/node/OpennetManager.java#L98

possible drawbacks:

- disconnecting during the fetch would restart all the non-finished blocks on 
another peer. Therefore local requests would have increased latency, and 
strongly increased jitter in latency (losing the wrong peer during transfer 
would require restarting all non-finished requests)

- The anonymity set *with complete knowledge* (which might be attainable via 
timing attacks by selective DoSing of your peers, one by one or grouped) is 
just about 2-3 against one of the nodes (the number of HTL18 hops). There is 
one node for which capturing packets from you means, that there’s a 30-50% 
probability that you’re the originator. However for all other nodes none of 
your traffic goes through them — you’re merely forwarding. So the actual 
probability that you’re the originator of any captured stream of randomly 
sorted request keys is only 6-10% (with 5 peers for whom you do not decrement 
HTL).

- A small subset of these bundles might propagate very far (in a network of 
1000 nodes, the average result for the longest forwarding should be 10 hops, in 
a network of 16000 14 hops, and so on as log2(N)), so peers might have to 
replace a target if the latency for the bundled requests is very high (this 
will limit the maximum length of the forwarding). I’m not sure if our existing 
connection dropping conditions will fire here (due to timeouts or a too small 
success rate). Churn should also limit the length of the tunnels: If the 
average session uptime of a peer is 2 hours, a 10 hops forwarding should 
typically be broken within 12 minutes while a 2 hops forwarking should live for 
one hour.

Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein
ohne es zu merken

Re: DDG Tasks Bug Bounty Proposal

[Steve Dougherty]

Is your understanding consistent with Matthew's that FPI cannot pay a developer 
who remains anonymous to FPI?

Are you willing to have FPI offer bug bounties? If so, I can put out the call. 
Would you rather that we engage individual non-proven developers one at a time 
and offer them lump sums for merged code instead? That would make setting a 
deadline reasonable, at least, which would be nice.

 Original Message 
Subject: Re: DDG Tasks Bug Bounty Proposal
Local Time: May 6, 2017 3:46 PM
UTC Time: May 6, 2017 7:46 PM
From: i...@locut.us
To: devl@freenetproject.org

Interesting idea, but isn't there a danger of duplicated effort with this 
approach?

It would be annoying to put a bunch of work into something only to be beaten to 
the finish line by someone else. From a developer's perspective that would add 
to the risk and may be a disincentive to try.

On Sat, May 6, 2017, 4:53 AM Steve Dougherty <st...@asksteved.com> wrote:
Hi everyone,

To my understanding, at least currently xor does not want FPI to pay him for 
his work. Some developers on FMS have proposed bug bounties - say, $1000 - for 
completing a task like "fix Windows tray / installer to work with 64-bit Java." 
This would be in a "first to get reviewed and merged gets paid" fashion, the 
idea being we can pay people not yet familiar with the project to familiarize 
themselves and not have to commit to paying an unknown developer hourly. At 
least one developer has asked that payment be available in crypto currency; 
this seems reasonable to me.

Thoughts?

- Steve
--

Stacks
http://trystacks.com/ - Our AI will save you money

Re: DDG Tasks Bug Bounty Proposal

[Steve Dougherty]

That is a general disadvantage to bounties, yes, but we are not in a situation 
where there are known-qualified developers with time available to be paid 
hourly for these things.

 Original Message 
Subject: Re: DDG Tasks Bug Bounty Proposal
Local Time: May 6, 2017 3:46 PM
UTC Time: May 6, 2017 7:46 PM
From: i...@locut.us
To: devl@freenetproject.org

Interesting idea, but isn't there a danger of duplicated effort with this 
approach?

It would be annoying to put a bunch of work into something only to be beaten to 
the finish line by someone else. From a developer's perspective that would add 
to the risk and may be a disincentive to try.

On Sat, May 6, 2017, 4:53 AM Steve Dougherty <st...@asksteved.com> wrote:
Hi everyone,

To my understanding, at least currently xor does not want FPI to pay him for 
his work. Some developers on FMS have proposed bug bounties - say, $1000 - for 
completing a task like "fix Windows tray / installer to work with 64-bit Java." 
This would be in a "first to get reviewed and merged gets paid" fashion, the 
idea being we can pay people not yet familiar with the project to familiarize 
themselves and not have to commit to paying an unknown developer hourly. At 
least one developer has asked that payment be available in crypto currency; 
this seems reasonable to me.

Thoughts?

- Steve
--

Stacks
http://trystacks.com/ - Our AI will save you money

DDG Tasks Bug Bounty Proposal

[Steve Dougherty]

Hi everyone,

To my understanding, at least currently xor does not want FPI to pay him for 
his work. Some developers on FMS have proposed bug bounties - say, $1000 - for 
completing a task like "fix Windows tray / installer to work with 64-bit Java." 
This would be in a "first to get reviewed and merged gets paid" fashion, the 
idea being we can pay people not yet familiar with the project to familiarize 
themselves and not have to commit to paying an unknown developer hourly. At 
least one developer has asked that payment be available in crypto currency; 
this seems reasonable to me.

Thoughts?

- Steve

Re: Questions on Freenet - Second Try

[Steve Dougherty]

Sorry; I managed to send this message before I was done with it.

 Original Message 
Subject: Re: Questions on Freenet - Second Try
Local Time: May 1, 2017 7:43 PM
UTC Time: May 1, 2017 11:43 PM
From: st...@asksteved.com
To: Discussion of development issues , 
philipp.spei...@uni-ulm.de 

I'm not confident in my answers; I will provide guesses where I have them. For 
better results you'll either have to hope someone more knowledgeable than I 
answers you, or read the source code. https://github.com/freenet/fred

 Original Message 
Subject: Questions on Freenet - Second Try
Local Time: April 25, 2017 8:14 AM
UTC Time: April 25, 2017 12:14 PM
From: philipp.spei...@uni-ulm.de
To: Support 
Devl@freenetproject.org

Hello

Unfortunately, my previously transmitted questions have not been
answered so far. Maybe the large amount of questions was daunting. I
have reduced it to a few questions which can be answered, hopefully,
in a straightforward fashion.

Path Folding and Connection Managment:

- Is it required that the data source actually starts to send a "path
folding" offer back along the path or might any node on the path
simply decide to send its node reference back along the path, hoping
to get new connections?

It is my guess that a path folding offer can come from any node along the path.

- Does the data source always send the "path folding" offer back or is
it possible to omit this. If the latter is the case, does this imply
that there is no chance for creating new connections on this
particular path?

I think it can be omitted.

- If one node answers the "path folding" offer and a new connection is
created, is this "path folding" offer then passed back further along
the path or does it stop at that node?

I don't know.

- When connecting to a new node, how is the Friend-of-a-Friend
information (i.e. the locations of the node's neighbors) exchanged?

The only message type I've noticed that looks relevant is this one: 
https://github.com/freenet/fred/blob/build01478/src/freenet/io/comm/DMT.java#L1345

I have not verified it's actually in use as such.

- Churn leads to frequent changes in the neighborhood of a node. How
is the Friend-of-a-Friend information maintained to keep the
maintenance overhead small?

You mean in terms of transfer of that information?

Freenet's Load Balancing:

- Relaying a request requires to keep track of it, i.e. the node needs
to store information to be able to return the corresponding response
at a later time. Due to resource limitations, a node cannot accept
arbitrary requests and maintain state for them.

-> So, requests can actually decide to reject a request depending on
their current load. The corresponding connection is marked as "backed
off", i.e. an exponential growing backoff time is determined to pause
the connection. No requests are sent to the node during the backoff
time to prevent putting further load on it.
-> However, Matthew Toseland writes in his work
http://www.toselandcs.co.uk/flogmirror/mjt92-diss-final.pdf that also
a message is sent back to the request initiator in this case.
=> I would like to know, what is the purpose of this message?

https://github.com/freenet/fred/blob/build01478/src/freenet/io/comm/DMT.java#L473
 ?

My expectation is to have an explicit feedback mechanism instead of an implicit 
one based on lack of results.

=> Does the request initiator react in some way in this situation?

I'm not certain about that either. I would expect it prompts backoff; there are 
probes for RejectedOverload percentages.

Re: Questions on Freenet - Second Try

[Steve Dougherty]

I'm not confident in my answers; I will provide guesses where I have them. For 
better results you'll either have to hope someone more knowledgeable than I 
answers you, or read the source code. https://github.com/freenet/fred

 Original Message 
Subject: Questions on Freenet - Second Try
Local Time: April 25, 2017 8:14 AM
UTC Time: April 25, 2017 12:14 PM
From: philipp.spei...@uni-ulm.de
To: Support 
Devl@freenetproject.org

Hello

Unfortunately, my previously transmitted questions have not been
answered so far. Maybe the large amount of questions was daunting. I
have reduced it to a few questions which can be answered, hopefully,
in a straightforward fashion.

Path Folding and Connection Managment:

- Is it required that the data source actually starts to send a "path
folding" offer back along the path or might any node on the path
simply decide to send its node reference back along the path, hoping
to get new connections?

It is my guess that a path folding offer can come from any node along the path.

- Does the data source always send the "path folding" offer back or is
it possible to omit this. If the latter is the case, does this imply
that there is no chance for creating new connections on this
particular path?

I think it can be omitted.

- If one node answers the "path folding" offer and a new connection is
created, is this "path folding" offer then passed back further along
the path or does it stop at that node?

I don't know.

- When connecting to a new node, how is the Friend-of-a-Friend
information (i.e. the locations of the node's neighbors) exchanged?

- Churn leads to frequent changes in the neighborhood of a node. How
is the Friend-of-a-Friend information maintained to keep the
maintenance overhead small?

Freenet's Load Balancing:

- Relaying a request requires to keep track of it, i.e. the node needs
to store information to be able to return the corresponding response
at a later time. Due to resource limitations, a node cannot accept
arbitrary requests and maintain state for them.

-> So, requests can actually decide to reject a request depending on
their current load. The corresponding connection is marked as "backed
off", i.e. an exponential growing backoff time is determined to pause
the connection. No requests are sent to the node during the backoff
time to prevent putting further load on it.
-> However, Matthew Toseland writes in his work
http://www.toselandcs.co.uk/flogmirror/mjt92-diss-final.pdf that also
a message is sent back to the request initiator in this case.
=> I would like to know, what is the purpose of this message?
=> Does the request initiator react in some way in this situation?

Best regards,
Philipp

Re: Questions on Freenet - Second Try

[Steve Dougherty]

 Original Message 
Subject: Questions on Freenet - Second Try
Local Time: April 25, 2017 8:14 AM
UTC Time: April 25, 2017 12:14 PM
From: philipp.spei...@uni-ulm.de
To: Support 
Devl@freenetproject.org

Hello

Unfortunately, my previously transmitted questions have not been
answered so far. Maybe the large amount of questions was daunting. I
have reduced it to a few questions which can be answered, hopefully,
in a straightforward fashion.

Hi Phillip,

Sorry about that - my recollection was that someone had replied to your initial 
mail, but I can't find any evidence that actually happened. I think we were 
also having some configuration difficulties around the mailing list after 
transitioning from a VPS to AWS.

I don't have time right this second to reply to your questions, but if someone 
else doesn't in the next few days I expect to have enough time next week.

- Steve

Path Folding and Connection Managment:

- Is it required that the data source actually starts to send a "path
folding" offer back along the path or might any node on the path
simply decide to send its node reference back along the path, hoping
to get new connections?

- Does the data source always send the "path folding" offer back or is
it possible to omit this. If the latter is the case, does this imply
that there is no chance for creating new connections on this
particular path?

- If one node answers the "path folding" offer and a new connection is
created, is this "path folding" offer then passed back further along
the path or does it stop at that node?

- When connecting to a new node, how is the Friend-of-a-Friend
information (i.e. the locations of the node's neighbors) exchanged?

- Churn leads to frequent changes in the neighborhood of a node. How
is the Friend-of-a-Friend information maintained to keep the
maintenance overhead small?

Freenet's Load Balancing:

- Relaying a request requires to keep track of it, i.e. the node needs
to store information to be able to return the corresponding response
at a later time. Due to resource limitations, a node cannot accept
arbitrary requests and maintain state for them.

-> So, requests can actually decide to reject a request depending on
their current load. The corresponding connection is marked as "backed
off", i.e. an exponential growing backoff time is determined to pause
the connection. No requests are sent to the node during the backoff
time to prevent putting further load on it.
-> However, Matthew Toseland writes in his work
http://www.toselandcs.co.uk/flogmirror/mjt92-diss-final.pdf that also
a message is sent back to the request initiator in this case.
=> I would like to know, what is the purpose of this message?
=> Does the request initiator react in some way in this situation?

Best regards,
Philipp

Re: manifest files and forwarding

[Steve Dougherty]

New information on the law enforcement attack is now public record: 
https://www.reddit.com/r/Freenet/comments/66f0n3/missouri_law_enforcements_freenet_attack_now/

 Original Message 
Subject: Re: manifest files and forwarding
Local Time: April 12, 2017 11:48 PM
UTC Time: April 13, 2017 3:48 AM
From: st...@asksteved.com
To: devl@freenetproject.org

Sorry for the top reply; my mobile email client's capabilities are lacking.

Yes. This category of attack is a thing. It sounds similar to a (flawed) law 
enforcement attack described in a paper dated 2013 that leaked a while back: 
https://www.reddit.com/r/Freenet/comments/4ebw9w/more_information_on_law_enforcements_freenet/
 The site providing it has since been password protected, but the reaction 
remains.

Do I understand your countermeasure proposal correctly: for each file, 
probabilistically choose a peer to route all requests for it? Interesting! It 
would of course worsen routing, but maybe not too much. IIRC routing is more a 
function of link length distribution than individual misrouting. I worry that 
because a single node cannot accept as many requests files could alternate 
between current and worse performance. The temptation would be to hide it 
behind some higher network security level, but this kind of thing is only 
useful if it's the default. Do we know whether a peer can evaluate HTL 
distribution, or location distribution of blocks known to be in a file, or 
something to guess whether probabilistic decrement is in use? That would be my 
concern about tying it to the same decision.

Other than that I like this proposal!
 Original Message 
On Apr 12, 2017, 12:25 PM, Stefanie Roos < stefanie.r...@uwaterloo.ca> wrote:

> Hi,
>
> we are currently looking into different methods for censorship-resistant
> publication in distributed systems using different replication techniques.
>
> I have a question regarding the anonymity of downloaded a file that is
> split in a reasonable large number of blocks. Are the requests for all
> blocks forwarded independently using FoF routing (or the hill-climbing
> algorithm if FoF is disabled).
>
> If so, doesn't that enable the following attack: Assume an adversary
> wants to find out if one of her peers is downloading the file. She can
> obtain the manifest file and thus the CHK keys of all blocks. Someone
> downloading the file will request all blocks, forwarding the requests to
> different peers. These will forward the request to their peers. So
> likely their peers will receive more block requests than non-peers. So,
> if the adversary wants to find out if she is connected to the requester,
> shouldn't receiving a high number of requests for the different blocks
> of the same file be a really good indicator that this peer is the actual
> requester and not only forwarding? The math is a bit more complicated,
> as the the number of files per peer will not be uniform. Nodes have few
> peers at a large distance and those have a higher chance of being the
> closest peer to a CHK block (or have the closest peer to a key if FoF
> routing is enabled). Nevertheless, I think this is clearly a serious
> problem, if I understand what is happening correctly.
>
> Wouldn't it be better to add the possibility of forwarding all block
> requests along the same link initially? It could be tied to the
> probabilistic HTL decrease: Initiator/forwarder with HTL=18 of a request
> uses random peer. If HTLDecrement==false is set for that connection, all
> block requests are forwarded to that peer (or rather one request
> including the manifest file), otherwise all of them are routed
> individually as it is now (if that is what is happening now). Now, the
> adversary can use the above attack to tell which peer started routing
> rather than random forwarding but that might not be the requester.
>
> Any thoughts on that?
>
> Thanks,
>
> Stef
>

--
Stefanie Roos
Postdoctoral Fellow
CrySP, University of Waterloo
https://cs.uwaterloo.ca/~sroos/

Re: Tried to deploy a change to the site

[Steve Dougherty]

I see the change on the website now; it just took a while.

If I'm reading these timestamps correctly, and I'm not sure that I am, it looks 
there were five minutes before it started the build. The build then took 4 
minutes 11 seconds. I do not have information to speak to whether there were 
additional delays after the build completed.

commit 10:24 AM EDT
build started 14:29:41Z -- 
https://travis-ci.org/freenet/website/builds/224916100

 Original Message 
Subject: Tried to deploy a change to the site
Local Time: April 23, 2017 10:27 AM
UTC Time: April 23, 2017 2:27 PM
From: i...@freenetproject.org
To: devl@freenetproject.org

A few minutes ago I made the following minor change to the site (pushed to the 
2016-redesign branch).

https://github.com/freenet/website/commit/5dd149b5b04535d6253b44817e5c44be98865de0

A few minutes later I'm still not seeing the change live on the site, did I 
miss a step?

Ian.

Ian Clarke
Founder, The Freenet Project
Email: i...@freenetproject.org

Re: manifest files and forwarding

[Steve Dougherty]

Sorry for the top reply; my mobile email client's capabilities are lacking.

Yes. This category of attack is a thing. It sounds similar to a (flawed) law 
enforcement attack described in a paper dated 2013 that leaked a while back: 
https://www.reddit.com/r/Freenet/comments/4ebw9w/more_information_on_law_enforcements_freenet/
 The site providing it has since been password protected, but the reaction 
remains.

Do I understand your countermeasure proposal correctly: for each file, 
probabilistically choose a peer to route all requests for it? Interesting! It 
would of course worsen routing, but maybe not too much. IIRC routing is more a 
function of link length distribution than individual misrouting. I worry that 
because a single node cannot accept as many requests files could alternate 
between current and worse performance. The temptation would be to hide it 
behind some higher network security level, but this kind of thing is only 
useful if it's the default. Do we know whether a peer can evaluate HTL 
distribution, or location distribution of blocks known to be in a file, or 
something to guess whether probabilistic decrement is in use? That would be my 
concern about tying it to the same decision.

Other than that I like this proposal!
 Original Message 
On Apr 12, 2017, 12:25 PM, Stefanie Roos wrote:

> Hi,
>
> we are currently looking into different methods for censorship-resistant
> publication in distributed systems using different replication techniques.
>
> I have a question regarding the anonymity of downloaded a file that is
> split in a reasonable large number of blocks. Are the requests for all
> blocks forwarded independently using FoF routing (or the hill-climbing
> algorithm if FoF is disabled).
>
> If so, doesn't that enable the following attack: Assume an adversary
> wants to find out if one of her peers is downloading the file. She can
> obtain the manifest file and thus the CHK keys of all blocks. Someone
> downloading the file will request all blocks, forwarding the requests to
> different peers. These will forward the request to their peers. So
> likely their peers will receive more block requests than non-peers. So,
> if the adversary wants to find out if she is connected to the requester,
> shouldn't receiving a high number of requests for the different blocks
> of the same file be a really good indicator that this peer is the actual
> requester and not only forwarding? The math is a bit more complicated,
> as the the number of files per peer will not be uniform. Nodes have few
> peers at a large distance and those have a higher chance of being the
> closest peer to a CHK block (or have the closest peer to a key if FoF
> routing is enabled). Nevertheless, I think this is clearly a serious
> problem, if I understand what is happening correctly.
>
> Wouldn't it be better to add the possibility of forwarding all block
> requests along the same link initially? It could be tied to the
> probabilistic HTL decrease: Initiator/forwarder with HTL=18 of a request
> uses random peer. If HTLDecrement==false is set for that connection, all
> block requests are forwarded to that peer (or rather one request
> including the manifest file), otherwise all of them are routed
> individually as it is now (if that is what is happening now). Now, the
> adversary can use the above attack to tell which peer started routing
> rather than random forwarding but that might not be the requester.
>
> Any thoughts on that?
>
> Thanks,
>
> Stef
>

--
Stefanie Roos
Postdoctoral Fellow
CrySP, University of Waterloo
https://cs.uwaterloo.ca/~sroos/

Re: [freenet-dev] Freenet 0.7.5 build 1476 is now available

[Steve Dougherty]

 Original Message 
Subject: [freenet-dev] Freenet 0.7.5 build 1476 is now available
Local Time: March 1, 2017 7:29 PM
UTC Time: March 2, 2017 12:29 AM
From: arne_...@web.de
To: Discussion of development issues 

Freenet 0.7.5 build 1476 is now available.

Congratulations on your first release!
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] preserving the links to the wiki

[Steve Dougherty]

Apologies for the top reply; ProtonMail's clients need some work and inline 
replying appears effectively impossible currently, at least on mobile.

Okay, I misinterpreted the primacy of your citing the Google trend. If Mantis 
further decays we may find ourselves reevaluating this decision. I do like that 
GitHub has an API, and agree that something free would be preferable if it met 
our needs, but in the case of GitHub losing field separation in the migration 
wouldn't be great, nor would breaking links.

Ah okay, I misunderstood your point about people switching to GitHub accounts 
to continue participating to mean that users would be expected to migrate their 
own issues.






 Original Message 
On Feb 21, 2017, 11:38 AM, Ian Clarke wrote:



On Tue, Feb 21, 2017 9:51 AM, Steve Dougherty  st...@asksteved.com wrote:



Ian, the thing I find frustrating with your approach is that we'd regularly be 
moving to something new based on what's literally trending.


That's a caricature of what I've said. My main point is that we should not be 
administering our own server when there are good free 3rd-party hosted 
alternatives for everything we need to do.

My secondary point is that Mantis is a dying piece of software, and it has been 
dying for years, but if you are all really that attached to it then we should 
find a reliable and cost-effective 3rd-party hosted solution, which the project 
can pay for.


Unlike GitHub's wiki, I do not see a (semi-)automated way to export GitHub 
issues into another system

Github Issues has a simple and comprehensive API which makes it just as easy to 
export data from it as from anything else, moreso given that it's likely to be 
much better supported than Mantis going forward.


, and I really don't want to put our issues in something we can't later move 
them from. (I do see some extraction scripts using the API but they seem to 
output just HTML; I do suppose that's solvable but would mean additional work.)

You don't even know what future issue tracker we'd want to export to, so it's 
hardly surprising that a script for it doesn't yet exist. I would estimate just 
a few hours of dev work to export from Github Issues to any other reasonable 
issue tracker.


I do agree there's a big backlog of issues that are probably not going to be 
addressed anytime soon, but that's hardly unique for a long-running project. 
Manual migration is not a viable way forward for the bug tracker.

Nobody is advocating that.

Ian.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] 5 weeks till our SSL certificate expires

[Steve Dougherty]

Sure, I'll discuss this with nextgens.






 Original Message 
On Feb 21, 2017, 11:42 AM, Ian wrote:



Steve, are you in a position to take ownership of this task (renewing our cert 
and migrating to Let's Encrypt)?

What about using AWS, don't they do free certs now? It seems like Florent is 
keen on migrating everything to AWS (except for what's on Github), if so it 
might be nice to have the cert through AWS too (and AWS has good multi-user 
functionality).

Ian.








On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty  st...@asksteved.com wrote:

 Original Message 




Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires

Local Time: February 21, 2017 8:07 AM

UTC Time: February 21, 2017 1:07 PM

From: i...@locut.us

To: Discussion of development issues <devl@freenetproject.org>, Florent 
Daignière <nextg...@freenetproject.org>




Did we migrate over to AWS for SSL? I'm not at all familiar with how this is

set up - who is? Florent?




We bought an SSL cert from Alpha SSL and use it with Apache on osprey. My 
inclination would be to move to Let's Encrypt.

___

Devl mailing list

Devl@freenetproject.org

https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] preserving the links to the wiki

[Steve Dougherty]

Okay, xor and I will handle it.






 Original Message 
On Feb 21, 2017, 2:00 PM, Ian Clarke wrote:

It's ok, the project can pay for it if everyone is in agreement, and if
someone is willing to handle the migration.





On Tue, Feb 21, 2017 12:30 PM, x...@freenetproject.org wrote:
On Tuesday, February 21, 2017 01:24:50 PM Steve Dougherty wrote:

> We're at the point where I would repeat myself. For reasons already stated,

> I'd like to continue using Mantis. I am willing to pay the hosting costs.

> There are more than directly financial costs in migrating to a new

> platform.




Great, I'd suggest you then pay only half, and I pay the other half :)




As an only exception I would propose that FPI pays the $200 one-time migration

fee as that is something completely independent of which bugtracker we use.

And $200 being a wage for one person day is appropriate - it will probably be

a week of work to migrate any bugtracker for us being untrained with that, so

a day is cheap.___

Devl mailing list

Devl@freenetproject.org

https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl



Ian ClarkeStacks - Our AI will save your moneyhttp://trystacks.com/
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] preserving the links to the wiki

[Steve Dougherty]

We're at the point where I would repeat myself. For reasons already stated, I'd 
like to continue using Mantis. I am willing to pay the hosting costs. There are 
more than directly financial costs in migrating to a new platform.






 Original Message 
On Feb 21, 2017, 1:05 PM, Ian Clarke wrote:

$23/month is expensive for what this is (considering that Github is free for
open source projects and does a lot more) :-/
Ian.





On Tue, Feb 21, 2017 11:58 AM, x...@freenetproject.org wrote:
On Tuesday, February 21, 2017 06:02:25 PM x...@freenetproject.org wrote:

> > What company can we use for Mantis hosting?

>

> I will allocate a day for googling all of them ASAP, I'll try to do it

> within a week.




Actually, the decision which company to ask first can be solved pretty

naturally - Mantis has a recommendation linked from the frontpage of their

website, if they recommend it the company ought to work somehow:

https://www.mantisbt.org/hosting.php




They have a $22.92/month plan which would likely suit us if there wasn't the

very low user limit of 15 - we have 1200.

However I've calculated our daily average users to be 0.3!




I've sent them a mail which explains that we're a non-profit and thus have

high user churn with low activity, and asked them nicely to make an exception

& give us an offer.




I'll let you know their answer.



Ian Clarke
Founder, The Freenet Project
Email: i...@freenetproject.org
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] preserving the links to the wiki

[Steve Dougherty]

Ian, the thing I find frustrating with your approach is that we'd regularly be 
moving to something new based on what's literally trending. I'd be much happier 
with paying for Mantis hosting than spending effort, breaking links, forcing 
users to mess with accounts if they still want to work on issues, and losing 
functionality moving to GitHub's issue tracking. (Issue relationship fields are 
an example of something we use and would lose.) We're in agreement that server 
administration is annoying, and I'd much rather continue using Mantis in a way 
that doesn't put server administration on us. Unlike GitHub's wiki, I do not 
see a (semi-)automated way to export GitHub issues into another system, and I 
really don't want to put our issues in something we can't later move them from. 
(I do see some extraction scripts using the API but they seem to output just 
HTML; I do suppose that's solvable but would mean additional work.)


I'd be fine with moving to GitHub's wiki, provided we also have something in 
place to ensure old links continue working. because Cool URIs Don't Change: 
https://www.w3.org/Provider/Style/URI.html We can download and modify it as a 
Git repo, Markdown is better than MediaWiki's markup, and I found a tool for 
semi-automatic conversion: 
https://github.com/philipashlock/mediawiki-to-markdown

I do agree there's a big backlog of issues that are probably not going to be 
addressed anytime soon, but that's hardly unique for a long-running project. 
Manual migration is not a viable way forward for the bug tracker.


 Original Message 
Subject: Re: [freenet-dev] preserving the links to the wiki
Local Time: February 21, 2017 9:43 AM
UTC Time: February 21, 2017 2:43 PM
From: i...@freenetproject.org
To: x...@freenetproject.org
Discussion of development issues 

On Tue, Feb 21, 2017 8:15 AM, x...@freenetproject.org wrote:
On Tuesday, February 21, 2017 02:01:02 PM Ian Clarke wrote:

> If necessary we can continue to pay for our own server, however I think it

> would be better for everyone if we could migrate over to solutions that

> don't require that we manage our own servers, such as Github Issues for

> bugtracking.




I've looked at GitHub issues for bugtracking, they are not an option:




The most simple issue with it would be that it would require us to ask every

pre-existing bug reporter to allow us acccess to their GitHub account so we

can link their issues against their account. We have 1158 user accounts, so
this isn't going to happen.




We wouldn't have to do that, we could add a note/tag to each issue with the
original reporter and those that are still active in the project can change the
ownership of their issues to themselves.
Also, your argument could be used to prevent us from ever moving away from
Mantis as our bugtracker. Looking at Google Trends, Mantis has been steadily
declining in popularity for at least the last 5 years. Our dependence on it
will become more and more of a headache with time, even if we find a free hosted
solution for it.


Also consider that we're a paranoia focused project, so even our most active
contributors might not grant access.




As mentioned, there is no requirement for anyone to grant anything for us to
migrate our issues to Github or another solution.


As a paranoia-focussed project, the fact that we are maintaining our own server
without the resources to maintain it properly (including security) should be a
much greater concern than it appears to be.


It also is very unlikely that GitHub can provide a 1:1 mapping of the

datamodel of Mantis, so we would lose lots of critical information.




Such as?


Given that us trying to migrate a Wiki resulted in 4 Wikis, we should probably

quit trying to pretend we have the resources to migrate things to different

software and keep using the one we're familiar with.




We should quit trying to pretend we have the resources to manage our own server,
and acknowledge that sooner or later (preferably sooner) we'll be forced to bite
the bullet and switch to a modern hosted bugtracker. It's not a question of
"if", but "when" and "how".


I cannot name a single critical feature which Mantis is lacking for our
purposes anyway, and I am probably the one who currently uses our Mantis the

most.




The most critical feature it's lacking is that someone else administers the
server it runs on. The fact that it has been declining steadily in popularity
for at least 5 years is another serious concern.
The security impact can be lessened by frequent backup (I can offer that as

well) and hosting our actual website + binaries elsewhere, which I am fine

with.




Frequent backups won't help us if the server is compromised.
I have been running my own server with a dozen of services for like a decade,
I'm not new to that. I even wrote a 90 page documentation of its settings :D




Even if you can completely replace what Florent has been doing, being solely

Re: [freenet-dev] Website Redesign Pre-pre-alpha

[Steve Dougherty]

On Sun, Jan 29, 2017, 6:39 AM Arne Babenhauserheide  wrote:

>
> Dan Roberts  writes:
> > I've hosted the current state of the redesign here for now:
> > https://ademan-laptop.github.io/freenet-website-redesign-pelican/
>
> Wow, looks good.
>

It sure does! Thank you for making this!

A random thought (no requirement): It would be cool if we could show
> some content from Freenet within the rabbit shape. Maybe adding a
> twinkling eye to the rabbit, followed by short flashes of screenshots.
>

I disagree. Having open space and leaving the logo uncluttered seems
important. I agree screenshots would be good; we had some before the last
redesign, so we don't necessarily need new ones. I'm not sure where to put
them though.

More importantly: However they are shown: We are lacking screenshots.
>
> About the content: The tagline ("browse ... ") sounds weak and does not
> make it clear that you can only access content within Freenet. That is
> stronger on our current site, though still not perfectly clear that this
> is only for sites in Freenet:
>
> > Leap over censorship
> > Escape total surveillance
>
> > Freenet is a peer-to-peer platform for censorship-resistant
> > communication and publishing.  Browse websites, post on forums, and
> > publish files within Freenet with strong privacy protections.
>
> The missing tagline ("Leap ...") makes this pretty weak.
>
>
> For *testimonials* you can use some of the quotes from the (removed)
> carousel:
> https://github.com/freenet/website/commit/05de6ca1271b2916eacfdbbfc75f1e5ecd22f00a#diff-39f50d8311a16c223941b20dd00f12e4L26
>
> 'Now the Mempo repository can not be censored, DDoSed or taken offline,
> despite having just one tiny server.'* — rfree in [apt-get over
> Freenet](news.html#20150105)
>
> 'A decentralized anonymous datastore with real censorship resistance, no
> central authority and long lifetime only for information which people
> actually use.'* — [The forgotten Cryptopunk Paradise](
> http://draketo.de/english/freenet/forgotten-cryptopunk-paradise)
>
> “After running the Tor services for years it was a big relief to just
> shut down the services for good and say ’fuck it’. I never again
> had to worry no more about security. With Freenet I am Free, it
> suites the name pretty well if you ask me.”
> — Unkwon
>

Even if it is quoting someone else I'd lean against cursing, especially on
the front page.

Best wishes,
> Arne
>
> > Ah great, I was unaware we had an official facebook page. I think it
> would
> > be great to at least mirror some of our most recent news items to it for
> > content. Facebook and Twitter are the two most important social media
> > accounts in my estimation, but I no longer follow these sort of things
> > closely.
> >
> >
> > There are still known issues, but I've enabled github issues on the
> > project. Please feel free to report issues and comments/criticism as you
> > come across them. I plan to spend some time tomorrow squashing more bugs
> > that resulted from the port to pelican.
> >
> > Thanks,
> > Dan
> >
> >
> >
> > On Sat, Jan 28, 2017 at 5:23 PM, Ian Clarke  wrote:
> >
> >> I use FB, and we already have a Freenet page -
> >> https://www.facebook.com/freenetp2p/
> >> It's not well maintained, but it is getting about 15 likes per week or
> >> so.  If
> >> anyone would like to assist with it let me know.
> >>
> >>
> >>
> >>
> >>
> >> On Sat, Jan 28, 2017 4:07 PM, Arne Babenhauserheide arne_...@web.de
> >> wrote:
> >> Hi,
> >>
> >>
> >>
> >>
> >> Dan Roberts  writes:
> >>
> >> > Ian: Are you comfortable with creating social media accounts for
> Freenet?
> >>
> >> > Our design assumes their existence. I think a Facebook account is
> >>
> >> > worthwhile in any case.
> >>
> >>
> >>
> >>
> >> As far as I know we have a twitter account. Does anyone among us use
> >>
> >> Facebook (so is there someone who could routinely monitor the account)?
> >>
> >>
> >>
> >>
> >> Best wishes,
> >>
> >> Arne
> >>
> >> --
> >>
> >> Unpolitisch sein
> >>
> >> heißt politisch sein
> >>
> >> ohne es zu merken
> >>
> >> ___
> >>
> >> Devl mailing list
> >>
> >> Devl@freenetproject.org
> >>
> >> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
> >>
> >>
> >>
> >> Ian ClarkeStacks - Our AI will save your moneyhttp://trystacks.com/
> >> ___
> >> Devl mailing list
> >> Devl@freenetproject.org
> >> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
> >>
> > ___
> > Devl mailing list
> > Devl@freenetproject.org
> > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
>
>
> --
> Unpolitisch sein
> heißt politisch sein
> ohne es zu merken
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Status of web redesign?

[Steve Dougherty]

Thanks for the update!

On Fri, Dec 30, 2016, 5:34 PM Dan Roberts  wrote:

> Unfortunately I didn't find much time between work and three different sets
> of family, but I believe I can carve out time this weekend. I expect a very
> low key new years. I have a prospective solution to my biggest pelican
> concern that I'm very happy with, I'll try to update again this weekend.
>
> Thanks,
> Dan
>
> On Dec 25, 2016 3:24 PM, "Ian Clarke"  wrote:
>
> > Thanks for the update Dan, merry xmas.
> >
> > Ian Clarke
> > Founder, The Freenet Project
> > Email: i...@freenetproject.org
> >
> >
> >
> > On Sun, Dec 25, 2016 5:02 PM, Dan Roberts ademan...@gmail.com wrote:
> >
> >> I'm trying to find some time to fully exercise the parts of pelican we
> >> need. I still have some concerns and issues I ran into last weekend in
> my
> >> initial exploration, but I'm hopeful they're not showstoppers.
> >>
> >> Thanks,
> >> Dan
> >>
> >> On Dec 23, 2016 11:34 AM, "Ian Clarke"  wrote:
> >>
> >> Hey guys, this conversation seems to have died.
> >>
> >> Florent/Dan, are you guys on the same page about how we should proceed?
> >>
> >> Ian.
> >>
> >> Ian Clarke
> >> Founder, The Freenet Project
> >> Email: i...@freenetproject.org
> >>
> >>
> >>
> >> On Sat, Dec 17, 2016 5:09 PM, Ian Clarke i...@freenetproject.org wrote:
> >>
> >> On Sat, Dec 17, 2016 4:18 PM, Florent Daigniere
> >> nextg...@freenetproject.org wrote:
> >>
> >> On Sat, 2016-12-17 at 10:44 -0800, Dan Roberts wrote:
> >>
> >> > It is my impression that retaining our transifex translations is a
> >>
> >> > requirement.
> >>
> >>
> >> I don't think so (we are supposed to re-write/de-clutter the content!);
> >>
> >>
> >> I agree, I the content on the main website must be simplified
> >> dramatically relative to what we have now, focussing on the needs of
> those
> >> interested in downloading and using Freenet, and donating to the
> project.
> >> This is a commonly used approach for consumer-facing open source
> software
> >> (eg. https://getfirefox.com/), and I think we should emulate it.
> >>
> >> "Deeper" content, more relevant to researchers, or developers, should be
> >> migrated to a separate wiki (perhaps hosted on Github) - although as an
> >> interim measure we can keep the old site around on a different URL.  Of
> >> course we will provide links to it where appropriate from the main site
> so
> >> it is findable.
> >>
> >> The perfect shouldn't be the enemy of the good.  My inclination is to
> get
> >> the new site up ASAP, translations and content can catch up (and will be
> >> much easier with a simplified website).  I think with a website that
> looks
> >> really good it will also be a good motivator for people to contribute to
> >> improve it.
> >>
> >> From a devops perspective, I think an ideal situation would be to have a
> >> limited number of people that can merge pull-requests for the site (but
> not
> >> so limited that it proves to be a bottleneck), and then a merge to
> master
> >> results in an automatic roll-out of the improved site.
> >>
> >> Ian.
> >>
> >> Ian Clarke
> >> Founder, The Freenet Project
> >> Email: i...@freenetproject.org
> >>
> >>
> >>
> >> Ian Clarke
> >> Founder, The Freenet Project
> >> Email: i...@freenetproject.org
> >>
> >>
> >
> > Ian Clarke
> > Founder, The Freenet Project
> > Email: i...@freenetproject.org
> >
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] About the project

[Steve Dougherty]

On 08/12/2016 04:00 PM, Florent Daigniere wrote:
> On Thu, 2016-08-11 at 14:28 +, Ian Clarke wrote:
>> Why don't you set a date since you're the one that would do it?
> 
> 
> I have created https://github.com/freenet/wiki/wiki ... and will remove
> the old wikis as soon as we deploy the new website design.

Huh? Why? There's a bunch of documentation on the wikis already - what's
the reasoning for

1. changing wiki platforms (making administration GitHub's problem and
responsibility?)
2. not transitioning existing documentation (licensing?)

This seems like discarding lots of work - especially about FCP and GSoC
projects.

>> Can you clarify what you are suggesting?
>>
>> I certainly don't think we should be constrained in any way by some
>> kind of hoarder-like desire to never throw anything away, especially
>> when everything is already archived by a 3rd party.
>>  
> 
> Great; may I suggest that we get rid of
> https://archives.freenetproject.org/ as well as all the old builds on 
> https://downloads.freenetproject.org/ too while we're at it?

That I would be okay with, but I'd ask that we have a published deadline
two weeks or so from its announcement so those who care can
mirror/archive before it goes offline.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] About the project

[Steve Dougherty]

On 08/11/2016 12:01 PM, Dan Roberts wrote:
> All else being equal, I'm all for cutting costs, but things don't appear
> equal. Migrating the wiki to Github could be a massive undertaking. I
> participated in exactly this migration with the Namecoin project and it was
> a royal pain. Github's mediawiki syntax support was incomplete at the time,
> and pandoc failed to completely translate the pages, leaving heaps of
> manual work for us, even in Namecoin's small wiki.
> 
> How big is the maintenance burden? How much are these costs? When funds
> were nearly depleted, I recall someone mentioned server costs were low
> enough that we could operate effectively indefinitely on the remaining ~3k.
> If true, this sounds like a ton of work to increase our dependency and
> trust on/of third parties.
> 
> I am also quite opposed to further centralizing in Github, but that is
> mostly offset by the security concerns regarding running our own mediawiki.

Agreed.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] 99designs contest is up

[Steve Dougherty]

The page mentions Tahrir in places; those should be "Freenet":

"Designers from around the world are submitting creative designs for tahrir
in web page design - gold."

"How tahrir started their web page design journey"

On Sat, Aug 13, 2016, 12:02 PM Ian Clarke  wrote:

> Here it is: http://99d.me/c/dvvv
> Just 4 submissions so-far, I can rate the designs, if anyone disagrees
> strongly
> with a rating or would like to communicate a comment to a designer please
> make
> your argument here and I'll try to incorporate people's feedback.
> Ian.
> Ian Clarke
> Founder, The Freenet Project
> Email: i...@freenetproject.org
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Porting website FAQ to the wiki

[Steve Dougherty]

I'm interested in implementing a site that works with
https://pontoon.mozilla.org/ so we can still offer translators a way to
translate in-place, but the site can remain functional without JavaScript.

On Thu, Aug 11, 2016, 8:24 AM Ian Clarke  wrote:

> We need to think about how we handle internationalization in the new site.
> One option would be to use something like http://www.localeplanet.com/ - a
> JavaScript localization library, although I don't have personal experience
> with
> it.
> This would have the disadvantage that it won't work if the website is
> inserted
> into Freenet, however I don't think that's an important requirement
> because the
> new website will be primarily aimed at non-Freenet users, the wiki content
> will
> be more important to mirror into Freenet.
> Thoughts?
> Ian.
>
>
>
>
>
> On Thu, Aug 11, 2016 6:26 AM, Bert Massop bert.mas...@gmail.com wrote:
> Op 7 aug. 2016 09:23 schreef "Arne Babenhauserheide" :
>
> >
>
> > Hi Stephen,
>
> >
>
> > Stephen Oliver writes:
>
> >
>
> > > Hi everyone,
>
> > >
>
> > > As discussed earlier on IRC, I have ported all of the FAQ content from
>
> the freenetproject.org website over to our wiki, merged with the existing
>
> FAQ page[1].
>
> >
>
> > Looks good! Thank you!
>
> >
>
> > To keep existing #faq links working, we could add the anchor to the Get
>
> > Support section. Here’s a patch which would do that and still ensure
>
> > that the section is visible when clicking the anchor, but it’s a bit
>
> > hacky:
>
> >
>
> > diff --git a/pages/help.py b/pages/help.py
>
> > --- a/pages/help.py
>
> > +++ b/pages/help.py
>
> > @@ -65,7 +65,7 @@ class SupportSection(Section):
>
> > def get_content(self):
>
> > # License: GFDL (from old freenetproject.org website)
>
> > return text(md(_("""
>
> > -If you need help installing Freenet for the first time, or have trouble
>
> using Freenet and can't find an answer to your problem in the
>
> [FAQ][faq_link] or in the [Knowledge Base][kb_link], please create a new
>
> discussion on our support forum.
>
> > + 
>
>
>
> As a general note here: please keep the translation units as free from HTML
>
> markup as possible. Having to change translations to keep the site
>
> functional is not fun ;-)
>
>
>
>
> Kind regards,
>
> Bert
>
> ___
>
> Devl mailing list
>
> Devl@freenetproject.org
>
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
>
>
>
> -- Ian Clarke Stacks - The AI CFO for your personal finances
> http://trystacks.com/
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Design brief for new website

[Steve Dougherty]

Why are we doing this? This mailing list has been a toxic environment full
of anger, hurt, and mockery.

On Thu, Aug 11, 2016, 8:10 AM Ian Clarke  wrote:

> On Thu, Aug 11, 2016 1:40 AM, Arne Babenhauserheide arne_...@web.de wrote:
>
> > The last paragraph positively enraged me and I withdrew from the
> >
> > process. It’s one thing to discuss openly but a completely different
> >
> > thing to officially hire someone external with self-derogatory wording.
> >
>
> Oh sorry, were we having a conversation that wasn't all about you?  Let's
> make the conversation about you, shall we?  Feel better now?  Good.
>
>
> Ian.
>
>
> --
> Ian Clarke
> Founder, The Freenet Project
> Email: i...@freenetproject.org
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Banner must be removed from website NOW

[Steve Dougherty]

On 07/13/2016 06:04 PM, Ryan Matthews wrote:
> This has been brought to my attention and I would like to get more
> information about what exactly you are looking for.
> I currently work, and sit, right next to Steve D at work which would make
> moving the process forward quicker if he can have ideas bounced off of him.

Being able to discuss in person seems like it would be very helpful in
communicating and refining ideas quickly.

> It is hard to give a quote without knowing everything you would like done.
> Based on the bullets I list below I would give an informal quote of $2500
> but that could change based on more information becoming available on what
> exact things you are hoping to achieve.

In general, a design that isn't cluttered or ideally resists becoming
cluttered somehow, because it's going to be subjected to the same forces
that resulted in this one becoming cluttered. Ian feels very strongly
[0] that this theme needs to be dark on light instead of the current
light on dark, which is fine by me. (Maybe a dark mode toggle too?) Ryan
and I have talked about how most English source strings should stay the
same to minimize additional translation work. We might have need for
another fundraising bar in the future, so putting one together now would
be good. I'd roughly rank the design priorities thusly:

1. Download
2. Overview-level what it does (or maybe why people might want it?)
3. User support
4. Further documentation on how to use it; what it does and how
5. How to contribute time or money

The current site has these pieces but they are not particularly
well-organized. Re-introducing screenshots to the homepage (which the
previous site had [1] but this redesign does not) seems good too. We've
gotten design feedback from Reddit already. [2][3]

> From what I have heard these are the items which are being sought out:
> * Theme overhaul moving to a lighter theme (keep it mobile friendly)
> * Integrate it into the current website engine (
> https://github.com/freenet/website/)

I'd be up to doing the integration work myself. How does that change the
quote?

> * Provide content suggestions to create a more appealing look
> 
> Some recent sites  have worked on are:
> http://www.mrrsmtechnologies.com/ (My business site)
> https://www.phikappaupsilon.org/
> 
> Please let me know if you would like to flush things out, get a formal
> quote, and proceed with a redesign.

I'm interested! Ian?

- Steve

[0] https://emu.freenetproject.org/pipermail/devl/2015-November/038584.html
[1] https://web.archive.org/web/20151015021753/https://freenetproject.org/
[2]
https://www.reddit.com/r/design_critiques/comments/4h9eg5/were_a_nonprofit_software_project_and_were/
[3]
https://www.reddit.com/r/design_critiques/comments/3ri38h/we_recently_redesigned_our_website_would_love/



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Planning process Step #3

[Steve Dougherty]

On 05/26/2016 08:16 PM, Ian Clarke wrote:
> Many people have now contributed to the list of tasks, thank you all for
> your
> contributions.
> If you have not yet contributed, please do-so in the next day or two, after
> which I will curate the tasks and transfer them into a suitable form for
> the
> next step, which will be effort estimation.

Sounds good! I don't see the link to the doc on FMS already, so I have
posted the link to FMS.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] next step? was: Planning process step #1: Broad resource areas

[Steve Dougherty]

On 05/26/2016 10:02 AM, Ian Clarke wrote:
> On Thu, May 26, 2016 6:55 AM, Steve Dougherty st...@asksteved.com wrote:
> I can understand if you're upset that Arne does not agree with you, but
> I don't understand what you're doing here. Do you expect that if you
> 
> berate Arne he will come around?
> 
> 
> 
> 
> I expect that we can have a discussion based on facts and logic, during which 
> we
> can disagree without being disagreeable, and after that discussion arrive at a
> logical conclusion. This is how healthy teams operate.

That's not what was happening.

> You are being disrespectful. I'm not at
> all suggesting that you aren't allowed to disagree, or be honest, but
> 
> you seem to go about being honest by also being hurtful.
> 
> 
> 
> 
> I do not believe I have been disrespectful, I have stated where I disagree 
> with
> Arne and why. Arne began his email with an ultimatum that he would not use
> Google Docs to participate in the process I'm trying to create. Was that not
> disrespectful of my efforts to try to create a democratic process for
> prioritizing our roadmap?

> Am I not permitted to criticise Arne, but it is fine for him to nitpick
> relatively trivial aspects of what I'm trying to do?

Yes, this is what I mean. The critical distinction here is that between
Arne and Arne's ideas. Discussing the ideas is the goal. What you see as
Arne's failings as a person are not relevant to what I hope can be a
discussion, not a debate or argument.

> I feel like you are
> approaching this with the goal of shutting down those who disagree with
> 
> you, instead of collaborating and discussing with others to arrive at a
> 
> reasonable solution to a problem.
> 
> 
> 
> 
> I'm trying to create a democratic process for prioritizing our roadmap so that
> we do not squander this $25k donation. Arne appears intent on fighting me at
> every step of the way, his refusal to use Google Docs being just one example.
> We have now spent hours of our time debating the Google Docs issue with people
> instead of advancing the project, which must be really hilarious to any 
> opponent
> of our project that's watching us. It reminds me of the film “The Life of
> Brian”, in which the People's Front of Judea are so busy fighting with the
> Judean People's Front that they forget about the Romans who are supposed to be
> their common enemy.
> I also note Steve that you do not even try to address the substance of the
> disagreement, focusing exclusively on my tone. Do you agree with Arne that we
> shouldn't use Google Docs? If so, what are your reasons?

I don't want to elaborate on this here because it detracts from my
primary point of discussing discussion.

> Can we not have a debate based on facts and arrive at a logical conclusion at
> the end of that debate? That's how things used to work, and it worked pretty
> well.

This sounds good, and would work well if it was what happened. The mail
I responded to had a reasonable first paragraph discussing the idea at
hand, and then started accusations about Arne as a person.

On 05/26/2016 10:27 AM, Ian Clarke wrote:
> On Thu, May 26, 2016 at 9:12 AM, Florent Daigniere <
> nextg...@freenetproject.org> wrote:
>>
>> Btw,
>>
>> I also disagree with using google-docs; the reason being: it requires
>> registration to a 3rd party service whereas the alternatives (wiki or
>> piratepad) don't.
>>
>
> In that case you will be pleased to learn that Google Docs does not
> require that you sign in to a Google account unless you require this
> when you create the "share" link, which I did not.
>
>
> (Did I deliver that disagreement too harshly?).

I have no objections to the tone or content of this. It discusses only
the idea and does not get into how having the idea might reflect on
Florent. Thank you.

- Steve



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] next step? was: Planning process step #1: Broad resource areas

[Steve Dougherty]

On 05/25/2016 08:49 PM, Ian Clarke wrote:
> On Wed, May 25, 2016 at 6:44 PM, Arne Babenhauserheide 
> wrote:
>>
>> Core technical reasons:
>>
>> - It excludes those of our users who assume (not unreasonably) that
>>   Google might de-anonymize them.
>>
> 
> Is there any technical evidence that Google Docs will deanonymize a Tor
> user, or even an explanation of how this could occur?  The Google Docs
> client code can be easily examined, so if Google were somehow doing this,
> wouldn't it be easy to see?
> 
> In reality there is nothing other than your dislike of Google behind this
> concern.  You're welcome to dislike Google if you wish, but you will need
> to make a better argument if you expect everyone else to adapt to your
> personal view, which is what you seem to be asking for.
> 
> 
>> - It also excludes those who do not run Tor but only use Freenet for
>>   anonymous communication.
>>
> 
> And how can such people anonymously use PiratePad, which is your preferred
> choice?  It has exactly the same issue.
> 
> 
>> - It does not work without Javascript. Many of our users disable
>>   Javascript, especially on Tor.
>>
> 
> Same for PiratePad, which is the choice you have advocated.
> 
> 
>> - People who follow the mailing list cannot follow the discussion and
>>   development of the document. This makes the work intransparent for
>>   most of our community.
>>
> 
> PiratePad also suffers from this problem, as would any practical solution
> that met our needs.
> 
> 
>> - It is a non-free platform, so this workflow could be cut at any time.
>>
> 
> In the extremely unlikely event that Google suddenly shuts down Google
> Docs, then it will not be difficult to switch to another solution.
> 
> These are all very weak arguments.
> 
> 
>> Personal reason:
>>
>> When I told Ian about my reservations against using Google Docs,
>> essentially the reasons I gave here, the discussion got personal. I
>> won’t go into details here, but it hurt.
> 
> 
>> If it had not been for that, I would have followed a community decision
>> about Google Docs, just like I did about using Github. However this
>> crossed the point of being about being reasonable. That’s why my
>> decision not to use Google Docs here is final.
>>
> 
> So you admit that your position here is not governed by technical arguments
> (a good thing, since those were not convincing), but rather by animosity
> towards me due to a perceived insult.  I'm glad you made that clear to
> everyone.
> 
> You have contributed very valuably to the project over the past few years
> Arne, and I sincerely hope that you continue to do-so, there really is no
> reason not to.
> 
> But in this matter you aren't behaving constructively, and the project
> should not accede to unreasonable demands which you've just admitted are
> driven by personal animus towards me.
> 
> The purpose of this project is to ensure that people have the freedom to
> communicate without fear of reprisal or censorship.  I don't see how any of
> this serves that purpose.

I can understand if you're upset that Arne does not agree with you, but
I don't understand what you're doing here. Do you expect that if you
berate Arne he will come around? You are being disrespectful. I'm not at
all suggesting that you aren't allowed to disagree, or be honest, but
you seem to go about being honest by also being hurtful. It's possible
to give feedback without making someone feel bad. I feel like you are
approaching this with the goal of shutting down those who disagree with
you, instead of collaborating and discussing with others to arrive at a
reasonable solution to a problem.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Freenet 0.7.5 build 1473 released

[Steve Dougherty]

10n string
  Use IPTOS_THROUGHPUT instead of AF13
  Fix inconsistent braces
  Spaces before language constructs
  Throw an IllegalArgumentException instead of reverting back to default
  Plugins might require java1.8
  Use SoftReferences for the SHA256 pool
  SHA256: let the JVM decide how big the pool should be
  remove dead code
  Bertm is right, Sun java is no more
  I've missed these two with my regexp
  Use a Queue and make it lockless (thanks bertm)
  A better version of the same thing
  formatting
  Add a new test to catch a crypto-bug happening on next
  It turns out that we need truncated HMACs
  hmacLength is a variable that has no reason to exist
  Add more codepoints as defined by RFC1349
  bertm is right, this is not fatal
  berm made a fair point, we should force the restart
  Fix logging on DarknetPeerNode
  We need to write to the peer-file when we add a darknet peer; duh!
  Ensure that we always write the peer file when we add a peer
  Add showoutput=yes to junit parameters
  More debugging in junit parameters; disable forking
  doh
  Add a new formatter to try to catch the exception; ensure that we
don't paralellize; allocate more memory for each test
  Add junit3 to build-deps
  revert last commit, remove threads=1 for junit (not supported in
ant 1.8)
  remove threads=1 for junit (not supported in ant 1.8)
  delegate the DSA magic to bouncycastle; this hasn't been tested
  always try both with and without the signature mask
  get rid of NativeBigIntegers
  explain the hash truncation
  doh
  update comments about truncation
  meh. Travis' wget is broken
  ensure that we always return the MD
  The old logic reverses the boolean, I guess we should keep it that way
  Simplify and comment the hash truncation logic

Matthew Toseland (17):
  Recreate message, as required
  Fix keepalives
  Pass in now
  Optimise
  Fix race condition in MultiMessageCallback
  Random delay for opennet ack when not path folding (locally)
  Reduce to 3 pings/blocks
  Use ping or bwlimit, whichever is larger.
  Logging
  Argh (logging)
  Use real-time bulk transfer time
  But add the ping time to the delay time, as both matter
  Add javadocs to MultiMessageCallback
  Assertion: Can't make() after arm()
  Give a code example in javadocs
  Better overall explanation
  Fix code sample

Sadao (1):
  fcp: fix zero-length binary blob download

Steve Dougherty (21):
  DatabaseKey: simplify return condition
  HMAC_legacy: remove trailing whitespace
  README: add Travis build status
  crypt/DSA: fix specifying extra argument
  fcp: fix ReturnType.DIRECT NPE
  README.md: add Coverity status badge
  Remove newly added trailing whitespace
  BaseL10n: fix spelling of "ensure"
  DSAGroup: fix mixed tabs and spaces
  RequestSender: fix whitespace
  RequestSender: rework value clamping
  Add Sharesite as an official plugin
  CONTRIBUTING: fix style guide link
  l10n: add Sharesite plugin name
  Update translations
  Remove outdated translation strings
  Update Freereader to version 5
  Revert "test: fix resource path on Java 6"
  Fix indentation
  Update default bookmark editions
  Build 1473

drak@kaverne (19):
  http: expiry time 1 day from now, not one day from mod
  static files: implement cacheControl inspired by the commit from bertm
  css themes: add missing /static/information.png and alert.png
  css: turn base into a pure interface and import the sub-files
directly in the theme
  css: Do not import base.css in the static themes
  update NEWS file
  http: cache-control, remove ETag
  update NEWS file
  documentation: 2MB manifest means 62 CHK redirects
  default config: min filesize for complaining is 50MiB
  default config: minimum bandwidth 10 KiB
  readme: start cleanup (i.e. stop calling 0.7 new)
  readme: capitalize titles (instead of uppercase) and remove 0.5
section
  Rename security to Usage and shorten it
  chat page: use negative usk numbers
  chat: set Sone minimal version to 72.
  bookmarks: add the filtered index and improve Nerdageddon entry
  add missing staticfile images for themes
  add more missing staticfile images for themes

xor-freenet (3):
  FProxy configuration: Sort language dropdown alphabetically
  BaseL10n: Remove useless cast
  BaseL10n: Add support for Hungarian translations

yadevel (3):
  Add missing assignment for Opennet announce location
  Avoid claiming of unrejected messages by NodeDispatcher
  wait for running transfers before processing RNF



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Testing release build 1473-pre2

[Steve Dougherty]

Freenet unstable testing prerelease build 1473-pre2 is now available.
Like -pre1 before it and the stable build to be released in another
week if all goes well, it requires Java 7. Two weeks after build 1473's
stable release build 1472 will become mandatory.

This pre-release requires Bouncy Castle 1.54 to run. To test the build
download Bouncy Castle from
https://bouncycastle.org/download/bcprov-jdk15on-154.jar or
CHK@3Ra2Gbc7li7CGAKMOlZsrjC4HDkDdmyZoMb37rJq6F8,p8HhYtEegEWaCvFfTb-Heh3OIqqRq~w6wcbQrKsPShg,AAMC--8/bcprov-jdk15on-154.jar
then shut down your node, edit wrapper.conf or your classpath to use
bcprov-jdk15on-154.jar instead of bcprov-jdk15on-152.jar, and finally
run "./update.sh testing", "update.cmd testing", or fetch the jar from
the keys below and start the node manually. (If we had update channels
implemented this could be automated, but we don't, so it isn't.)

This adds Sharesite - a fork of ShareWiki - as an official plugin.
Thanks to ArneBab for getting it ready! It includes an earlier version
of Textile to avoid license problems, and adds syntax help, external
activelink support, and a template with div IDs for easier CSS.

Also in this build:

* Alphabetize language configuration dropdown.
* Remove NativeBigInteger. This reduces custom code.
* Use BouncyCastle's DSA implementation. This improves security and
  reduces custom code.
* Add Hungarian translation support. The translation was added
  previously but not actually available.
* Add random delay to opennet ACKs to improve security.
* When converting USK to SSK change negative suggested edition to
  positive. This should help avoid issues when using USKs with suggested
  search editions.
* Discard unwanted submessages from swap replies. This improves
  security.
* Fix dropping low-traffic connections. This helps with simulations.
* Optimize FProxy CSS load order, and fix bugs which prevented caching
  static assets. This improves web interface responsiveness.

CHK@rDHca3ekItjCV6zzzPAKIqE56tABKA4jw9DRY61Q29E,aki1Grlvq3197SgErirqnEF4Hq3mFk5WacGN2B6zoBg,AAMC--8/freenet-testing-build-1473-pre2-snapshot.jar
CHK@mlPxwL3we~O41woZ00XTMAfQNlmGT5eCkLZaobYID68,xSdGtOxyDGAhLjo0YT1hqbpLJUfk21RAe3d20-Iq1D0,AAMC--8/freenet-testing-build-1473-pre2-snapshot.jar.sig
CHK@IQ94o-HD5VHVHCxApGkC8HHAO8jpBhArw-wUuUiob7Q,LUuwErCX7UbOuKKNDfxEwmsT7KmFETpnOTgZwMiubPo,AAMC--8/freenet-testing-build-1473-pre2-source.tar.bz2
CHK@9qibNYdNjwCfMe4qo9ko7fgXucZTf8RRBYXFlEJTvD8,urn-yPuaFkRl3ISc01mmG2x881oW7JlqeaG~xetet2Y,AAMC--8/freenet-testing-build-1473-pre2-source.tar.bz2.sig

Changes from 1473-pre1:
---

Eleriseth (1):
  FreenetURI.sskForUSK: negate negative suggestedEdition

Florent Daigniere (10):
  delegate the DSA magic to bouncycastle; this hasn't been tested
  always try both with and without the signature mask
  get rid of NativeBigIntegers
  explain the hash truncation
  doh
  update comments about truncation
  meh. Travis' wget is broken
  ensure that we always return the MD
  The old logic reverses the boolean, I guess we should keep it that way
  Simplify and comment the hash truncation logic

Matthew Toseland (11):
  Recreate message, as required
  Fix keepalives
  Pass in now
  Optimise
  Random delay for opennet ack when not path folding (locally)
  Reduce to 3 pings/blocks
  Use ping or bwlimit, whichever is larger.
  Logging
  Argh (logging)
  Use real-time bulk transfer time
  But add the ping time to the delay time, as both matter

Steve Dougherty (8):
  Remove newly added trailing whitespace
  BaseL10n: fix spelling of "ensure"
  DSAGroup: fix mixed tabs and spaces
  RequestSender: fix whitespace
  RequestSender: rework value clamping
  Add Sharesite as an official plugin
  CONTRIBUTING: fix style guide link
  l10n: add Sharesite plugin name

drak@kaverne (7):
  http: expiry time 1 day from now, not one day from mod
  static files: implement cacheControl inspired by the commit from bertm
  css themes: add missing /static/information.png and alert.png
  css: turn base into a pure interface and import the sub-files
directly in the theme
  css: Do not import base.css in the static themes
  update NEWS file
  http: cache-control, remove ETag

xor-freenet (3):
  FProxy configuration: Sort language dropdown alphabetically
  BaseL10n: Remove useless cast
  BaseL10n: Add support for Hungarian translations



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Testing release build 1473-pre1

[Steve Dougherty]

 in junit parameters; disable forking
  doh
  Add a new formatter to try to catch the exception; ensure that we
don't paralellize; allocate more memory for each test
  Add junit3 to build-deps
  revert last commit, remove threads=1 for junit (not supported in
ant 1.8)
  remove threads=1 for junit (not supported in ant 1.8)

Matthew Toseland (6):
  Fix race condition in MultiMessageCallback
  Add javadocs to MultiMessageCallback
  Assertion: Can't make() after arm()
  Give a code example in javadocs
  Better overall explanation
  Fix code sample

Sadao (1):
  fcp: fix zero-length binary blob download

Steve Dougherty (6):
  DatabaseKey: simplify return condition
  HMAC_legacy: remove trailing whitespace
  README: add Travis build status
  crypt/DSA: fix specifying extra argument
  fcp: fix ReturnType.DIRECT NPE
  README.md: add Coverity status badge

drak@kaverne (10):
  update NEWS file
  documentation: 2MB manifest means 62 CHK redirects
  default config: min filesize for complaining is 50MiB
  default config: minimum bandwidth 10 KiB
  readme: start cleanup (i.e. stop calling 0.7 new)
  readme: capitalize titles (instead of uppercase) and remove 0.5
section
  Rename security to Usage and shorten it
  chat page: use negative usk numbers
  chat: set Sone minimal version to 72.
  bookmarks: add the filtered index and improve Nerdageddon entry

yadevel (3):
  Add missing assignment for Opennet announce location
  Avoid claiming of unrejected messages by NodeDispatcher
  wait for running transfers before processing RNF



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] freenetproject.org traffic: Pretty good

[Steve Dougherty]

On 03/12/2016 12:40 PM, Arne Babenhauserheide wrote:
> 
> hyazin...@emailn.de writes:
> 
>> Have a look at this: https://www.similarweb.com/website/freenetproject.org
>> Looks pretty good. It's new that China is in the TOP 5 of visitors splitted 
>> by origins...
> 
> 200k visitors per month is pretty good, but we’re still stuck at 10k
> users. These are things we can fix, though it’s not easy to really get
> right.

Actually this number is off by an order of magnitude from what our piwik
[0] server log analysis lists. (Run on the server, not third party.)
That lists closer to 30k per month, and I'm not even sure it's able to
exclude bots properly because we don't log IPs.

> Obviously the problem of Freenet is not visibility. The problem is
> conversion rate from website visitor to longterm user.
> 
> Best wishes,
> Arne

[0] https://piwik.org/



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] monthly donations via salt on bountysource (need your opinion)

[Steve Dougherty]

On 03/07/2016 05:50 AM, Arne Babenhauserheide wrote:
> Hi,
> 
> I’d like to revisit the discussion about monthly donations via salt on
> bountysource.
> 
> We have an account with currently one anonymous monthly supporter and
> one non-anonymous supporter:
> https://salt.bountysource.com/teams/freenet/supporters
> 
> This allows us setting actual monthly targets which people can check —
> for example sufficient monthly donations to support a developer.
> 
> If we want to make salt part of Freenet donations, I will put it on the
> donation page. If I remember correctly, the previous discussion was
> inconclusive, so I’d like to get your opinions again:
> 
> 
> Will we take salt money?

I'd be fine with that.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Problem with handling of Opennet Announce Requests

[Steve Dougherty]

On 02/18/2016 09:06 AM, Matthew Toseland wrote:
> On 18/02/16 13:43, Steve Dougherty wrote:
>> On Thu, Feb 18, 2016, 6:30 AM Martin Byrenheid <
>> martin.byrenh...@tu-dresden.de> wrote:
>>
>>> Hi,
>>>
>>> while working with Freenet, I discovered that whenever a seed node
>>> received an
>>> OpennetAnnounceRequest-message for a target location X, it forwards the
>>> request to another opennet peer node, but always for target location 0.0
>>> instead.
>>
>> Yikes. That sure sounds like a bug.
>>
>> This behavior results from the fact that the constructor of the
>>> AnnounceSender class (line 55 [1])  does not copy the given target location
>>> into the "target" member variable. Is this an implementation bug or is
>>> there a
>>> good reason why the original target location should be ignored?
>>>
>> Matthew likely wrote it, but he's busy at university, so instead of asking
>> him my impulse would be to check if that behavior is in the initial
>> AnnounceSender implementation. If it was intentionally removed later there
>> should be reasoning in the commit message. If - as I'd expect - it's a bug,
>> it very well may exist in the initial implementation or be introduced by a
>> refactor.
> 
> Argh. Yup:
> 
> https://github.com/freenet/fred/commit/5d21c855655c1f974a8e9333d74c1d564224bf4c
> 
> Please send a patch, and make target final while you're at it. Thanks!

Patch is now merged as 71a788164a896d6e5b6af0dfe0f35da5a6927633. Thanks
again!

Add missing assignment for Opennet announce location

This regression was introduced in
5d21c855655c1f974a8e9333d74c1d564224bf4c which was released in
build01412 on 2012-09-12.

See GitHub for details:
https://github.com/freenet/fred/pull/503#issuecomment-186988870

- Steve



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Please help improve our GSoC project ideas page!

[Steve Dougherty]

Sounds like a good plan! I'll take some time to contribute this weekend.
Thank you for putting together and submitting the application!

On Thu, Feb 18, 2016, 7:22 PM Arne Babenhauserheide <
arne.babenhauserhe...@gmail.com> wrote:

> Hi,
>
> I signed Freenet up for GSoC 2016. Now we need to improve our project
> ideas page.
>
> https://wiki.freenetproject.org/Google_Summer_of_Code/2016
>
> Note that the reviewers from Google will start with but a glance. The
> site has to be convincing for someone who read 150 applications
> before, is on the fifth coffee and already wanted to check just one
> further application 5 projects ago.
>
> That doesn’t mean dumbing it down, but rather making it clear,
> structured and easy to read. The first paragraphs have to rock, then
> the rest has to convince.
>
> Best wishes,
> Arne___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Problem with handling of Opennet Announce Requests

[Steve Dougherty]

On Thu, Feb 18, 2016, 6:30 AM Martin Byrenheid <
martin.byrenh...@tu-dresden.de> wrote:

> Hi,
>
> while working with Freenet, I discovered that whenever a seed node
> received an
> OpennetAnnounceRequest-message for a target location X, it forwards the
> request to another opennet peer node, but always for target location 0.0
> instead.


Yikes. That sure sounds like a bug.

This behavior results from the fact that the constructor of the
> AnnounceSender class (line 55 [1])  does not copy the given target location
> into the "target" member variable. Is this an implementation bug or is
> there a
> good reason why the original target location should be ignored?
>

Matthew likely wrote it, but he's busy at university, so instead of asking
him my impulse would be to check if that behavior is in the initial
AnnounceSender implementation. If it was intentionally removed later there
should be reasoning in the commit message. If - as I'd expect - it's a bug,
it very well may exist in the initial implementation or be introduced by a
refactor.

Thanks,
Steve

Martin
>
> [1]
>
> https://github.com/freenet/fred/blob/2e89c8620413bdf04e20268ba7afbad05d4c8b6f/src/freenet/node/AnnounceSender.java#L55
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Data

[Steve Dougherty]

This is all the probe data I had collected since the transition to
PostgreSQL as of December 12, 2015. The dumps were made with
https://github.com/Thynix/pyProbe/blob/master/fnprobe/copy_to.py For
details on the tables in question see the database schema section of the
pyProbe readme:
https://github.com/Thynix/pyProbe/blob/master/README.md#database-schema

On Wed, Feb 17, 2016, 10:26 AM Michael Grube 
wrote:

> A quick correction, this is probe data, not data from a seed node.
> On Feb 17, 2016 9:56 AM, "Michael Grube"  wrote:
>
> > All,
> >
> > Some 2 months ago, Steve was nice enough to collect anonymous data from a
> > seednode and share it with me to do analysis on it. I am currently
> swamped
> > and figured this information should be accessible to the public anyway.
> >
> > https://drive.google.com/open?id=0B0lQIisqJ2blMTZ0ZlVNcmxXSXc
> >
> > Enjoy, and ask me or Steve if you have questions.
> >
> > Thanks
> >
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet 0.7.5 1471-pre3

[Steve Dougherty]

On 01/03/2016 10:17 AM, Steve Dougherty wrote:
...
> - Due to node reference changes packets for setting up connections to
>   opennet seednodes are now larger. If you have low MTU (lower than
>   the typical 1500 bytes) this may prevent you from connecting to seed
>   nodes.

My mistake - Freenet has an MTU setting that defaults to 1280 bytes,
which should be the one mentioned here. 1500 bytes is for Ethernet.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] What blocks Freenet adoption?

[Steve Dougherty]

I will respond in more detail from my desktop, but for now I can add a
specific example: today I learned of someone who was curious to see what
Freenet was about after talking about it. After installing it on their
Windows 10 laptop, they opened Linkageddon and figuring to see what "more
controversial" things were on offer, found links to illegal material, and
decided to uninstall for reasons of:

- Not being able to keep the machine online regularly.
- Unsettling material and being afraid of getting in trouble.

- Steve

On Sun, Jan 3, 2016, 8:26 PM Arne Babenhauserheide  wrote:

> I asked myself that question. These are my answers. Please add yours!
>
> Note: This is just for listing. Please don’t discuss these before January
> 16th.
>
> What blocks Freenet adoption?
>
> - Our themes look clunky and our web-interface is slow. Why is access
>   to bookmarked activelinks slow? Why isn’t 404 sent instantly (for
>   bookmarked activelinks) -> remove the checkbox “has an activelink?”,
>   just check instead. Prefetch activelinks at random intervals.
>   -> FreeStyle announced in FLIP to be working on new themes.
>
> - Hackers in-the-know reject Darknet due to the non-implemented fix
>   for the Pitch Black Attack. It’s been simulated several years ago
>   and just needs implementation.
>
> - Our installers often fail -> Work is already being done for Windows
>   and OSX (short of being deployed) and for Debian packages. Gentoo
>   mostly works (except for a hard-to-trace compression bug).
>
> - No working Darknet invites. We say “use darknet”, but advise
>   against that (“only connect to …”) and don’t make it easy and
>   useful. And new Darknet users get horrible performance. I invited
>   about 5-7 people over the past years, and at least 3 left again
>   because Darknet with a single friend is slow. For the others I
>   moderated the noderef exchange with my existing friends by manually
>   sending them each others references. To get adoption via Darknet,
>   this has to be fast on the initial connection without additional
>   manual interaction ← requirement.
>
> - WoT consumes too many resources (build 18 is faster, but my node
>   OOMs now, also without Sone).
>
> - New users don’t see what they can do with Freenet. We don’t fix
>   that, because starting to use WoT takes over an hour, so most of our
>   services can’t be shown to new users. -> Sharesite should improve
>   that (publish easily: due to Tor inproxies “Freenet is the easiest
>   way to publish a site in Tor”) -> recover Freemail v1 or recover
>   LCWoT and LCIntro and activate them by default (switching to
>   regular WoT once it works well enough will be easiy thanks to
>   having the same FCP interface). -> recover flircp and add it as
>   official plugin, active by default with random name per startup
>   to avoid timing attacks. Autoconnect to #public or such.
>
> - Does not work on mobile phones -> now that db4o is gone, it could be
>   worthwhile to change that. Using only while connected to power and
>   wifi should give 8-16 hours uptime (given that people plug in their
>   phones at night, at work and in trains), which is more than what
>   half the nodes in Freenet have. Freenet can cope with 30% backoff,
>   so being offline 30% of the time should work.
>
> - Opennet starts slowly. Our seednodes are overloaded. -> announce
>   through previous peers.
>
> - Our website looks much better now, but it still needs serious design
>   work to get on par with modern sites. It’s at a point where I’m
>   happy to show it, but not yet at a point where someone who randomly
>   hits the site instantly feels a desire to try Freenet.
>
> As you see, most of these can be fixed.
>
> Please add what I missed.
>
> Best wishes,
> Arne
> --
>   Writing about Freenet
> http://draketo.de/stichwort/freenet
>
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Freenet 0.7.5 1471-pre3

[Steve Dougherty]

Freenet unstable testing prerelease 1471-pre3 is now available.

How to help test - three options:

1. Run update.sh testing or update.cmd testing from your Freenet
   installation directory.
2. Download it, shut down the node, replace freenet.jar with it, and
   start the node again. [2]
3. Build it yourself from the testing-build-1471-pre3 tag. [3]

This is feature-complete and hopefully the last testing release before
the stable release of build 1471. Please let us know if we fixed the
things we thought we fixed, or if you encounter any problems!

Build 1471 will be the last to support Java 6.

Highlights:

- Fix uploads stalling when using MAXIMUM physical security.
- Fix lots of "setNativePriority(X) has failed!", which was caused by a
  serious thread priority problem. This might fix nodes unexpectedly
  losing peers.
- Order alerts within a category by time: if you have lots of
  messages from darknet peers they will remain nicely sorted.

Translations:

- New partial Greek translation.
- Update German, Bokmål, Brazilian Portuguese, Simplified Chinese, and
  Traditional Chinese translations.
- Fix Bokmål localization loading.

CSS:

Changes to better match the CSS specifications.

- nav-* items no longer accept non-identifiers.
-  no longer accepts "space-between", "space-around", or
  "space-evenly".
- Fix what  accepts. [0]

Also:

- Remove Gantros Index because it stopped updating.
- Remove Linkageddon because it stopped updating.
- Remove old deprecated DSA-based crypto, and always include identity=
  in opennet noderefs.
- Fix JVM version string parsing.
- Fix and add test for broken localization substitution token pairs.
- Due to node reference changes packets for setting up connections to
  opennet seednodes are now larger. If you have low MTU (lower than
  the typical 1500 bytes) this may prevent you from connecting to seed
  nodes.
- New version of UPnP to fix some instability and compatibility
  problems. Thanks to 007pig we have a new UPnP plugin in development
  which supports UPnP2, but it is not yet included. [1]
- New version of KeyUtils.

This fixes the default bookmarks software category being missing. If you
don't see this category please re-add the default bookmark set from the
bookmark editing page.

Note to plugin authors: we removed KeyListenerConstructionException
because it was never thrown. Plugins that handled it will need to be
updated. This is (largely) why KeyUtils updated.

- Steve

[0] Specifically, it used to accept  along with
legacy && [ left | right | center ], which is incorrect. It now
accepts  along with , to match
http://www.w3.org/TR/css3-align/#justify-items-property
See https://github.com/freenet/fred/pull/448
[1] https://github.com/freenet/plugin-UPnP2
[2]
https://downloads.freenetproject.org/alpha/freenet-testing-build-1471-pre3-snapshot.jar

https://downloads.freenetproject.org/alpha/freenet-testing-build-1471-pre3-snapshot.jar.sig
[3]
https://downloads.freenetproject.org/alpha/freenet-testing-build-1471-pre2-source.tar.bz2

https://downloads.freenetproject.org/alpha/freenet-testing-build-1471-pre2-source.tar.bz2.sig


KeyUtils v5026:
---

Bert Massop (1):
  Remove references to removed KeyListenerConstructionException

Steve Dougherty (1):
  Version 5026

saces (1):
  show fpi and gh bugtracker


UPnP 10007:
---

Bert Massop (5):
  Fix NPE when binding SSDP socket does not succeed.
  Fix NPE when a service provider fails to list its services
  Language: use UPnP instead of UP
  Fix NPE when no ports have been forwarded
  Fix connection reset on case sensitive Host HTTP header name

Juiceman (2):
  Reformat codebase using Jindent tool
  Remove extra spaces

Steve Dougherty (2):
  Add readme
  10007: improve stability


Changes from 1471-pre2:
---

Bert Massop (4):
  Simplify RGA removeRandomExhaustiveSearch wakeupTime conditions
  HTMLFilter: fix processing of reset input element
  Show peer locations, not distance in peer location histogram
  Fix JVM version comparison for version >1.9 and build >99

David ‘Bombe’ Roden (8):
  Remove check for impossible condition
  Copy hashcode correctly
  Use common base class for input and output streams
  Remove useless exception rethrows
  Remove exception that was never thrown
  Fix wrapped FCP message
  Override list request identifier
  Fix wrapping a null FCP message

Florent Daigniere (24):
  Fix bug #6623 : Wrapper.log: Lots of "setNativePriority(X) has
failed!"
  Deprecate old variables; One should use the enum
  Document NativeThread.dontCheckRenice
  Only update essential plugins if we have to
  Actively prevent newer plugins from being deployed
  Remove DiffieHellman related code (pre-neg9)
  Remove DSA and compat code from PeerNode*
  Stop sending a DSA signature
  Use P256 pubkey as identity

Re: [freenet-dev] Issues in BaseL10n and in BaseL10nTest in the current code

[Steve Dougherty]

On 01/01/2016 03:33 PM, Rostislav Krasny wrote:
> Hi there,
> 
> After pulling the latest changes in the "next" branch of the Fred
> project I found a few issues in BaseL10n and in BaseL10nTest. Please
> take a look at my bug report that also includes a patch:
> 
> https://bugs.freenetproject.org/view.php?id=6782
> 
> I build Fred by Maven, so I converted the structure of the code
> directories into the Maven standard. And my patch is based in it.
> However my patch would be interesting to the original Fred developers
> as well because it fixes issues in BaseL10n that are not Maven/Ant
> related. It also fixes code portability, meaning it should not be
> Ant-only and should continue to work properly and pass tests after
> rearranged into Maven source directories structure.
> 
> P.S.
> I would like show you one of the test changes that demonstrates
> improvements done in the BaseL10n :
> 
> -// it would be nice to handle this correctly, but it seems
> like more trouble than it's worth
> -//assertEquals("content nested",
> node.generateChildren());
> -assertEquals("test.selfNestedSubstitution", node.generateChildren());
> +assertEquals("content nested",
> node.generateChildren());

Hi Rostislav,

Thanks for the patch! A few thoughts:

- this mixes formatting, style, and functional changes, which should be
  avoided.
- the commit message should enumerate the behavior changes and explain
  why they were made if it's not painfully obvious.
- after 1471 is released we're planning to move to Gradle (and use
  gradle-witness), but the directory structure changes will be
  equivalent. At that point we will certainly merge something similar
  to your changes (if not your changes outright) to restore sanity to
  the BaseL10nTest resource path stuff.

We usually do code review on GitHub; could you please open this as a
pull request? [0]

- Steve

[0] https://github.com/freenet/fred/pulls



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] New UPnP2 plugin

[Steve Dougherty]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Maybe I shouldn't be surprised that people have focused on the
relatively  easy and relatively unimportant (in this stage of
development) improvement of logging mechanism. Fred's
System.out.println() usages are certainly not best practice, and at
this stage using it is easier (and also understandable) for the
reasons you mention.

Thank you for writing this! UPnP2 support will be great. I  hope we
can (after 1471 at least, if "we" resolves to "me") start reviewing
it, testing it, and getting it ready to replace the existing UPnP plugin
.

- - Steve

On Sat, Dec 26, 2015, 12:11 PM  wrote:


Thanks a lot for providing the plugin!

On Saturday, December 26, 2015 09:05:35 PM Xiaoyu Huang wrote:
> System.out.println() is for easier debugging as I can see the
> results directly in wrapper.log.

The Logger logs (= freenet-latest.log) can be instantaneous as well,
as long
as you configure a short enough delay for flushing to disk:
1. Click "Switch to advanced mode" at the web interface's bottom
2. Change "Configuration / Logs / Max time between writing logs
(milliseconds)"

> I see many examples in Fred code that uses both Logger and
> println(). An example in NodeCrypto.java line around 136:

Ian is right: Please do not use println(), the Logger should be
preferred in
almost any case.
This allows developers to configure which kind of log entries they
would  like
to see, which is essential to debugging: If *all* logging of a node is
enabled, the logs will be so long that nobody can read them. So it is
important that it can be filtered, which only the Logger can
provide.___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl


-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWftXiAAoJECLJP19KqmFuhVwP/2VyHaFoFYaW6oqM/6eOHVIr
cfgFQKsrVq+sfZISh8UuiDts48LfKIxe96+4DhpHFC3pqAd8iCYTNGK/vYA03HxF
pS0x0ezXBNlV6+WrV4XiU/TcuNdbVHdlOBEK0049ngFJ81RBNI4ZSHaR4PmVTDdG
J9qbavFxgVOZovGsLL4LOQ4rdE9mg738ZIKYxSHQXM3ImJlZjNpMaMPyeRBNmgZO
nCDjhU0CZzeLZzo+M8np7VymC0Hfs57hfBVGXJtA+5O4eIu1o8FsCkZPlCXa3mPy
07xT1SD+QHTiFXXwCKjiVWoVbeIR9026skcA9KS/RcuFiDdPRdfhC9UdmijKGhyh
gq0nDWtTLzCAwn8VQzi+zBkdzWCYrfbtz1mIvQQ8+eJrCyNmO05SLaR4XLRYJn6j
OIR+iEe7zbACdOrCDi7gDNNNnZ9utS33yhNDomWBSqa0SFvJA0i6A3omABU4ITOp
H2D7osXVYhrEWwKqIBJ8fbpI4UkmLFYpIdvkttFLEs/9rMfVakl8NIqwC+jSGExb
mWMnsp+H2VGBYl/xuOH9dj+NjIobuS8ERQO/LuBFo0ripkrb6GDw14eQ+wB0j3/4
LFIObZwjv5A9x75U9P6jjyaO2Yg7dJl7NtRJbRVR/VUrRRK/0wAVhhOu+W0+WrYK
5M4iaPAiVOY64dyl8zq6
=z3qS
-END PGP SIGNATURE-
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Possible Active Pitch Black Attack

[Steve Dougherty]

The network may be experiencing a pitch black attack, or maybe a Sybil
variant on it? (Given the assumption that few people are using darknet;
we should add a probe for security levels.) From talking on IRC, I am
not alone in observing peer locations severely clustered around 0.00:

Me: https://i.imgur.com/PDxrKVT.png
Psalle: https://i.imgur.com/DWJVgRR.png
mrsteveman1: https://i.imgur.com/6ORJz9m.jpg https://i.imgur.com/JLqoc0J.jpg

Might this explain my relatively recent inability to see some posts /
messages on FMS / FLIP / Sone? I'll see replies but not the original
messages.

- Steve



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Possible Active Pitch Black Attack

[Steve Dougherty]

On 12/04/2015 11:20 AM, Bert Massop wrote:
> Also, the clusters all appear close to your respective node's locations, as
> expected, and certainly not around 0.00 (which would be on the top or on
> the extreme right of the circle plot, I'm not reading the code at the
> moment).
> 
> Again, I see no reason to worry.

Oh, okay. That makes sense. I will say that naming a distance plot "Peer
Location Distribution" is extraordinarily misleading.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Update FAQ entry

[Steve Dougherty]

On 11/21/2015 11:22 AM, Matthew Toseland wrote:
> Q: Has anyone got into trouble for their anonymous activities while
> running Freenet? A: US law enforcement can identify anonymous users of
> Freenet[1] and Tor[2]. It is reasonable to assume that other governments
> have access to the same technology, which is provided by private
> contractors. If you are concerned about governments, you should use
> darknet mode, and bear in mind that no current anonymity technology
> provides perfect protection.
> 
> And possibly:
> While we applaud the US police's apparent success in apprehending
> suspects allegedly sharing child abuse images, many governments
> persecute and prosecute political dissidents for legitimate speech
> published online. Therefore we hope to further improve Freenet's
> security in future, to protect its legitimate users. We do not have the
> ability to easily identify users of Freenet downloading specific files.
> 
> [1] =
> http://www.thedickinsonpress.com/news/north-dakota/3885239-predators-police-online-struggle
> [2] =
> http://motherboard.vice.com/read/court-docs-show-a-university-helped-fbi-bust-silk-road-2-child-porn-suspects
> 
> Also reference this in the attacks section.
> I will update the wiki.
> 
> Sorry I haven't posted a pull request; I'm nowhere near synchronized
> with the website updates...

Opened as https://github.com/freenet/website/pull/30#issuecomment-159449783



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Update FAQ entry

[Steve Dougherty]

On 11/24/2015 07:49 PM, Steve Dougherty wrote:
> On 11/21/2015 11:22 AM, Matthew Toseland wrote:
...
>> Sorry I haven't posted a pull request; I'm nowhere near synchronized
>> with the website updates...
> 
> Opened as https://github.com/freenet/website/pull/30#issuecomment-159449783

Now deployed: https://freenetproject.org/help.html#legal-trouble



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

On 11/08/2015 09:38 PM, Ian wrote:
> On Sun, Nov 8, 2015 at 6:34 PM, Dan Roberts  wrote:
>>
>> Since
>> someone on reddit compared us to Tor, and seeing as Tor is also a very
>> technical project that needs to explain itself to laypeople, perhaps
>> we could take some lessons from how they organize their messaging.
>>
> 
> That's a great idea.  I2P's website is also pretty slick, I think we can
> get some good ideas from it too: https://geti2p.net/en/

Agreed; I2P's website is nice too. It was actually one of the sites I
had in mind as a role model, but it ended up not being involved in the
redesign.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

On 11/07/2015 09:36 AM, Ian wrote:
...
> That sentence doesn't make any more sense than anything else you've 
> said.

On 11/06/2015 06:59 PM, Ian wrote:
...
> Yeah, that's about as convincing as your previous arguments, one of 
> which is almost certainly factually incorrect, and the other is 
> definitely factually incorrect.

I'd like to call out these lines in particular for being jerkish. [0] As
we demonstrated in the discussion on moving the donation bar, (which
granted was much less controversial) it is entirely possible to come to
an agreement on things while avoiding personal attacks. I'd appreciate
it if everyone took care to maintain that behavior.

Thanks,
Steve

[0] https://en.wiktionary.org/wiki/jerkish



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

On 11/07/2015 06:47 PM, Ian wrote:
> On Sat, Nov 7, 2015 at 5:38 PM, xor  wrote:
>>
>> Together with the idea "a darknet-thing should have a dark website to make
>> users feel like they did find the darknet", I'd hope we can move on to
>> working
>> on other stuff for a while?
>>
> 
> I can't agree.  The research tells us that light on dark is bad.  We've had
> direct feedback on the current design supporting this.  We also have the
> fact that not a single popular website uses a light on dark color scheme.
> I really don't think there can be any doubt that a light-on-dark color
> scheme is hurting, not helping us.

Noted. We will fix it. Building a color scheme from the color of the
download button on the website someone suggested in the Reddit feedback
thread gives: http://paletton.com/#uid=13u0u0krdJ0gpQRm3MwAyFSDErs

> My personal opinion is that there are critical problems with the website as
> it stands right now, and I don't think we can afford to bury our heads in
> the sand about it.

I don't think we are ignoring the problem. What we are is all
volunteers. Many people have contributed changes and translations to
this website. Personally I've been contributing a great deal of time to
the project lately - above 20 hours in the past week - which is not
sustainable so I will be stepping back in both the near and medium term.

> Yes, I admit that most of these problems I could and should have pointed
> out earlier, but that doesn't change the fact that they are valid concerns.
> 
> Make no mistake, a bad website will kill our project.
...
> I hate to say it, but I'm really starting to think that, while the previous
> website wasn't good, the current website might be worse, and we would have
> a much much better website if we had just stuck to the default Bootstrap
> CSS (which is what most people do).

I strongly disagree, and I really wish you would have brought up such
strong opinions before this website went live. The old website was
designed in 2009 and looked it. I don't understand why you chose not to
bring this up earlier, but I agree that not doing so doesn't invalidate
your observations. What it does do make it a lot more time-sensitive to
address, which is stressful.

This new website is far, far easier to modify and translate. Its
infrastructure is superior. It'll be way easier to fix its color scheme.

- Steve



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Things Before 1471 Release

[Steve Dougherty]

Hi everyone,

Here's my current understanding of the things Fred needs before 1471
will have -pre3 / is probably stable and feature-complete. If you're
looking for something to do, doing one of these would be great!

1. When updating to a suggested version, plugins (especially ones
   necessary to connect like UPnP) need to completely fetch the
   suggested version before unloading the current one to avoid being
   unable to complete the fetch. [0] We can either remove the suggested
   versions from connection-essential plugins (the easier option) or
   implement suggested version upgrading as above.

2. Add a fundraising solicitation useralert. See how the JVM version
   alert was added; [1] this one should have a "hide" button too. [2]
   This could be something like "The Freenet Project can no longer
   afford to pay a developer. Please donate! Our BitCoin address is
   1966U1pjj15tLxPXZ19U48c99EJDkdXeqb; see the project website for
   details." (Maybe a link to the website mirror, and/or the clearnet
   one.) The BitCoin address be added with a substitution token in the
   translatable string.

3. Generate and use a new autoupdate key to be switched to if running
   Java 7 or higher. (A release manager needs to at least generate the
   key; I'm working on a script for this.) Fixing bug #6390 is part of
   this. [3]

- Steve

[0] https://bugs.freenetproject.org/view.php?id=4490
[1]
https://github.com/freenet/fred/commit/2e0a8583de26b186a49c3f5e62713dd643e6c347
[2]
https://github.com/freenet/fred/commit/c4560061fc71251c02bc9178a6a992879ef90c5d
[3] https://bugs.freenetproject.org/view.php?id=6390



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

Noted. That sort of feedback would have been much more helpful back when
the redesign was in testing.

On Thu, Nov 5, 2015, 4:36 PM Ian <i...@locut.us> wrote:

> On Thu, Nov 5, 2015 at 3:19 PM, Steve Dougherty <st...@asksteved.com>
> wrote:
>
> > This site is already using Bootstrap.
> >
>
> Really?  It looks nothing like a typical Bootstrap site.  I think it might
> have been better to stick much more closely to the standard Bootstrap CSS
> (eg. light background).
>
> Ian.
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

Sure, better late than never, and we do have more feedback now; thank you
for seeking that out. I'm certainly planning to make changes based on this
feedback, among them moving the donation bar this evening, but I'm also
doing release manager things for Freenet and have a full-time job.

On Thu, Nov 5, 2015, 4:49 PM Ian <i...@locut.us> wrote:

> By the way, I really don't mean to be harsh, you guys have done great work
> on the site, but in my experience listening to and acting on feedback is
> absolutely critical.  It can be very difficult for the person that builds
> something to view it in the same way that other people do.
>
> In a different context I'm working on a slideshow for something right now,
> and I've asked for feedback from a bunch of people, and they were able to
> point out many issues I was oblivious to.
>
> Ian.
>
> On Thu, Nov 5, 2015 at 3:40 PM, Ian <i...@locut.us> wrote:
>
> > On Thu, Nov 5, 2015 at 3:38 PM, Steve Dougherty <st...@asksteved.com>
> > wrote:
> >
> >> Noted. That sort of feedback would have been much more helpful back when
> >> the redesign was in testing.
> >>
> >
> > Better late than never.  That feedback is partially based on external
> > feedback - eg. the Reddit comments - which we didn't have back then.
> >
> > Also, I think the current site is worse than the version during testing
> > due to the placement of the donation bar, which it is clear is causing
> > significant confusion.
> >
> > Ian.
> >
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

This site is already using Bootstrap.

On Thu, Nov 5, 2015, 4:07 PM Ian Clarke  wrote:

> Thanks Arne.  What do other people think of this feedback?
>
> Is there someone who is really willing to take ownership of getting the
> website into shape, perhaps using these pieces of feedback as a starting
> point?  It will be a significant amount of work to address all of the
> points, but a well-designed website is critical to the project's success.
>
> It might be too late given the new design, but my recommendation might have
> been to start from something like Bootstrap ,
> which makes it brain-dead simple to create very attractive websites.  I
> know a lot of developers without much design skill that have used it to
> very good effect.
>
> Ian.
>
> On Thu, Nov 5, 2015 at 2:50 PM, Arne Babenhauserheide 
> wrote:
>
> > Am Mittwoch, 4. November 2015, 22:56:40 schrieb Ian Clarke:
> > > This person put quite a bit of time into providing feedback on the new
> > > site.  Probably not stuff we want to hear, but very valuable:
> > >
> >
> https://www.reddit.com/r/design_critiques/comments/3ri38h/we_recently_redesigned_our_website_would_love/cwoq0n4
> >
> > I consider them good points and constructive.
> >
> > (regarding “time better spent”: the designer did not see the old site :))
> >
> > A small step into the direction of telling why people want to use
> > Freenet: https://github.com/freenet/website/pull/21
> > Not perfect, but a start.
> >
> > Second part: Moving the donation bar away from the top. We’re not
> > Wikipedia, people don’t come to our website to see our website, so
> > when we make it harder for them to see it, they will just not install
> > Freenet.
> >
> > Best wishes,
> > Arne
> >
>
>
>
> --
> Ian Clarke
> Founder, The Freenet Project
> Email: i...@freenetproject.org
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

On 11/05/2015 06:15 PM, xor wrote:
> On Thursday, November 05, 2015 03:40:31 PM Ian wrote:
>> Also, I think the current site is worse than the version during testing due
>> to the placement of the donation bar, which it is clear is causing
>> significant confusion.
> 
> The main goal with the new large bar is having people see it since it is an 
> emergency fundraiser since we're unable to pay me... So due to the emergency 
> it ought to be an eye-catcher and thus IMHO is fine to be the first thing on 
> the page as it is now.

I'd like to move it below the download button anyway.

The donation bar would continue to be plenty visible directly below the
download button. As it is it's confusing, especially for new visitors
and those on mobile devices. I'd react to seeing an appeal for donations
before I learn what the thing is similarly to a site which covers the
screen in a suggestion to sign up for its mailing list when I'm trying
to read an article - not charitably. On mobile devices the donation bar
can be the only thing visible when the page first loads, and I'm not
interested in moving the donation bar below the intro only on mobile.

There is also evidence that the donation bar's current extreme
prominence is confusing people; moving it down might help.

2015-11-05 14:26:17 qwebirc93233 Hi there
2015-11-05 14:27:47 qwebirc93233 I have some questions
2015-11-05 14:29:04 mrsteveman1 hi qwebirc93233
2015-11-05 14:32:37 qwebirc93233 Is donate necessary ?

> Wikipedia has also had the donation request as the first thing on the page 
> for 
> their previous few yearly fundraisers. They're supposed to know what they're 
> doing - they usually need millions of dollars.

I'm not sure its apparent effectiveness for Wikipedia means it's a good
idea here. It's certainly exasperating when they do it.

> With regards to the "it is impolite to first ask for money and only 
> afterwards 
> have the download button" criticism which was mentioned somewhere:
> We should grow a spine and realize that it is not impolite.
> We've been giving away free software for 16 years, at a total of > 350 000 
> lines of code now. Thats a lot of free stuff. We *CAN* ask for money; and we 
> can ask first place during emergency situations. Giving away free software is 
> not something which people should take for granted - everything in life 
> usually costs money. We're still in the very high positive space of karma :)

I, too, think it's impolite or at least likely to annoy people or not be
as effective as it could be. Why would someone want to donate before
they download the software or even know what it is? I disagree that
those reasons make the current bar placement a good idea for the reasons
above.

Out of respect for you instead of just moving it I have published it as
a pull request: https://github.com/freenet/website/pull/22

> However, as someone said elsewhere, what *could* be done is trimming some of 
> the large empty spaces on the page. That would improve the visibility of the 
> "What is Freenet?" section without moving the bar out of the focus.

Thanks to bertm the vertical space is now reduced, and the page is now
valid HTML. [0][1] I've also added "The Freenet Project Inc is a
non-profit 501(c)(3) corporation." between the bar and "Donate!" button.

- Steve

PS: As an aside, Wikipedia has a large amount of money and seem to be
raising enough to create a trust. They have $77 million net assets
compared to annual expenses around $5 million. [2]

[0] https://github.com/freenet/website/pull/20
[1] https://validator.w3.org/nu/?doc=https%3A%2F%2Ffreenetproject.org%2F
[2]
https://upload.wikimedia.org/wikipedia/foundation/0/0b/Audit_Report_-_FY_14-15_-_Final.PDF



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] A bold idea for discussion: "Freenet 2"

[Steve Dougherty]

On 11/05/2015 04:35 PM, Matthew Toseland wrote:
> On 03/11/15 18:00, Ian wrote:
...
>> Thoughts?
> IMHO general file storage is important. Even for revolutions! How much
> of the supposed technical contribution to the Arab Spring was videos on
> Youtube?
> 
> I would like to see a prototype of Tahrir. I don't think it should be
> called Freenet 2.0.

Agreed. Freenet is not just its code but also its community. Freenet is
Freenet, and Tahrir is its own thing. Tahrir should not take Freenet's name.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Links for Bob Ham

[Steve Dougherty]

On 11/04/2015 07:02 AM, Bob Ham wrote:
...
> That is extremely unhelpful.  I've done my research, I've looked through
> the website and the wiki and on Freenet and I've read some of the papers
> linked on the website.  I've not found anywhere a description of the
> fundamental problems which Toad says exist.  So I've asked Toad if he
> can describe these fundamental problems.  For some reason though, people
> have come along and said "don't ask questions like that!"

Did you see https://wiki.freenetproject.org/Research_challenges or the
section titled "Do we understand Freenet?" on toad's blog?
USK@yGvITGZzrY1vUZK-4AaYLgcjZ7ysRqNTMfdcO8gS-LY,-ab5bJVD3Lp-LXEQqBAhJpMKrKJ19RnNaZMIkusU79s,AQACAAE/toad/55/

I hope you can understand why a community might be hostile when it is
approached and instructed to shape up, form a strategy, and get some
leadership together already. It's condescending. What information we
have provided you've responded with being condescending some more.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Links for Bob Ham

[Steve Dougherty]

On 11/04/2015 07:41 AM, Steve Dougherty wrote:
...
> Did you see https://wiki.freenetproject.org/Research_challenges or the
> section titled "Do we understand Freenet?" on toad's blog?
> USK@yGvITGZzrY1vUZK-4AaYLgcjZ7ysRqNTMfdcO8gS-LY,-ab5bJVD3Lp-LXEQqBAhJpMKrKJ19RnNaZMIkusU79s,AQACAAE/toad/55/

Also this thread:
https://emu.freenetproject.org/pipermail/devl/2014-March/037504.html




signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Thoughts on website

[Steve Dougherty]

We're aware of the excessive vertical space and are working on fixing it.

On Wed, Nov 4, 2015, 10:39 AM Michael Grube  wrote:

> Should the website maybe also mention Freenet's 501c3 status near the
> donation bar?
> On Nov 4, 2015 10:34 AM, "Ian Clarke"  wrote:
>
> > I like the donation bar, and the website is a huge improvement.
> >
> > However, I'm still very concerned about how much blank space there is on
> > our front page, while you have to scroll down to see any kind of real
> > explanation of what Freenet is.  The bulk of the information is below the
> > fold.  I really think the layout is all wrong here, and given that it's
> the
> > landing page, it is absolutely critical that we get it right.
> >
> > I'm also not a fan of the scrollbox as the primary means to explain what
> > Freenet is (it get's price of place in the middle of the page).  I find
> it
> > pretty cumbersome.  It might be good off to the side, but not right in
> the
> > middle of the first page people see (surrounded by mostly blank space).
> >
> > Can anyone think of any other well-designed website that has so much
> empty
> > space above the fold when the page is first loaded?  I guess you could
> say
> > that Google does, but they have far less explaining to do.
> >
> > I've submitted it for feedback here:
> >
> >
> https://www.reddit.com/r/design_critiques/comments/3ri38h/we_recently_redesigned_our_website_would_love/
> >
> > Ian.
> >
> > --
> > Ian Clarke
> > Founder, The Freenet Project
> > Email: i...@freenetproject.org
> > ___
> > Devl mailing list
> > Devl@freenetproject.org
> > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Request for comments: Change list+IRC policy to avoid full rewrite flamewars

[Steve Dougherty]

On 11/04/2015 02:40 AM, xor wrote:
> On Tuesday, November 03, 2015 08:38:06 PM Ian Clarke wrote:
>> I don't think censorship is the answer :)
...
> Also, there is the psychological effect of destroying the motivation of 
> everyone who reads those threads, including the volunteers.

It certainly is demoralizing to suggest a rewrite, yes. Freenet's
community would not all follow to a rewritten version, especially if it
wasn't compatible. That makes a rewrite more like a separate but
tangentially related project.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/02/2015 08:02 AM, Bob Ham wrote:
> On Mon, 2015-11-02 at 06:28 -0500, Steve Dougherty wrote:
>> On 11/02/2015 06:26 AM, Steve Dougherty wrote:
>>> On 11/02/2015 06:21 AM, Bob Ham wrote:
>>>> On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
>>>>> one
>>>>> may observe that we have not written up protocol documentation, making
>>>>> that our current strategy.
>>>>
>>>> I'm not sure what you mean; what are you referring to with the word
>>>> "that"?  What is your current strategy?
>>>
>>> The current strategy is to not document things. I think calling it a
>>> strategy is a stretch because a strategy requires coordination and
>>> planning. No one has wanted to document the protocol, so it hasn't
>>> gotten documented.
>>
>> Er, that's poor phrasing. No one has wanted to document the protocol
>> enough to document it themselves. I'm not being insightful here - it
>> hasn't happened, so our "strategy" is to not do it.
> 
> You're right, that's not a strategy.
> 
> Regardless, I think there's some confusion here.  I'm not talking about
> a strategy for creating a file containing information about the Freenet
> protocol.  What I'm talking about a strategy for getting the protocol to
> a point where it's worth other people implementing it and then writing
> high quality documentation that allows them to do so, possibly even
> publishing an RFC describing it.
> 
> It seems that nobody here believes that in five years' time Freenet
> developers will be publishing an RFC.  Instead, people seem to be
> focussed on updating the website, worrying about user interface niggles
> and fretting over whether users can install new versions of Fred easily
> enough.
> 
> I'm talking about a strategy for getting the project to a point where it
> can actually have meaningful impact on the world.  There doesn't seem to
> be any direction in the project.  There's some software and some kind of
> community around it but there seems to be no vision of how to move
> forward to a point where the project contributes to something wider.
> 
> What is the priority of the project, is it to ensure that as many
> Windows users as possible have a little Freenet icon in their status
> tray?  Or is it to play a role in creating a world where nobody really
> uses Windows because they recognise how massive a threat it is to their
> privacy and security?  At the moment the priority seems to be the former
> and there seems to be no idea about how to approach the latter (a
> "strategy").

I feel like you're belitting what work we do because we have not
performed it in accordance with an overarching strategy. While you are
correct that working toward a larger vision can be a very good thing,
I'm hurt by that. I do have ideas for workflows I'd like to see Freenet
support, and can go into them if you'd consider that enough to be a
strategy.

Do you have any suggestions to make?



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/01/2015 09:47 AM, Bob Ham wrote:
> On Sun, 2015-11-01 at 12:07 +0100, Arne Babenhauserheide wrote:
>> On Saturday, 31. October 2015 16:27:42 Bob Ham wrote:
...
>> 4. incorrect assumption: There is no clear strategy about the
>>documentation of the protocol.
>>
>> The current clear strategy includes
> 
> Are you saying there is now a strategy for publishing documentation on
> the protocol?  Has the situation changed since I asked on IRC and found
> an absence of such a strategy?  If the situation has changed, can you
> provide me with a reference to the strategy?

The strategy is not written up and adopted formally. It's more that one
may observe that we have not written up protocol documentation, making
that our current strategy.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/02/2015 06:26 AM, Steve Dougherty wrote:
> On 11/02/2015 06:21 AM, Bob Ham wrote:
>> On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
>>> one
>>> may observe that we have not written up protocol documentation, making
>>> that our current strategy.
>>
>> I'm not sure what you mean; what are you referring to with the word
>> "that"?  What is your current strategy?
> 
> The current strategy is to not document things. I think calling it a
> strategy is a stretch because a strategy requires coordination and
> planning. No one has wanted to document the protocol, so it hasn't
> gotten documented.

Er, that's poor phrasing. No one has wanted to document the protocol
enough to document it themselves. I'm not being insightful here - it
hasn't happened, so our "strategy" is to not do it.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/02/2015 06:21 AM, Bob Ham wrote:
> On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
>> one
>> may observe that we have not written up protocol documentation, making
>> that our current strategy.
> 
> I'm not sure what you mean; what are you referring to with the word
> "that"?  What is your current strategy?

The current strategy is to not document things. I think calling it a
strategy is a stretch because a strategy requires coordination and
planning. No one has wanted to document the protocol, so it hasn't
gotten documented.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet debian package

[Steve Dougherty]

Okay, that makes sense. Build 1471 will be a transition build to avoid
feature creep, and we'll need a build of WoT that includes db4o for 1472.

- Steve

On Wed, Oct 28, 2015, 7:20 AM Ximin Luo 
wrote:

> On 28/10/15 10:51, Florent Daigniere wrote:
> > On Tue, 2015-10-27 at 21:47 +0100, Arne Babenhauserheide wrote:
> >> Am Sonntag, 25. Oktober 2015, 15:13:06 schrieb Matthew Toseland:
> >>> I disagree. We should take reasonable steps to avoid breaking
> >>> unofficial
> >>> plugins, but we shouldn't let it cripple us. We are not Microsoft.
> >>> And
> >>> db4o is unmaintained upstream...
> >>
> >> Let’s avoid doing another “hey, we’re growing again, how about
> >> breaking people’s setup?” ← we already did that a few times. It was
> >> pretty frustrating.
> >>
> >> There’s no gain from removing db4o except for ideological pureness,
> >> which has no value for our users.
> >>
> >
> > More software -> more maintenance burden -> more bugs -> less time
> > spent on fixing things users actually use.
> >
> > What's the part you don't understand?
> >
> > Right now, keeping db4o means headaches with packaging and build-system
> > integration. It's one of the few dependencies we have that uses
> > Maven...
> >
> > Nobody is happy with it; the ideology purists, the packagers nor the
> > people who actually use it (xor's plugins). They all want change
> > (removal or upgrade depending on who you ask); unless you volunteer to
> > handle the actual changes, I'm not sure I understand why you'd get a
> > vote on what will happen.
> >
>
> FWIW scrapping db4o will also help the debian package actually enter
> Debian at some point - it's one less dependency to have to bundle (and
> argue with the FTP masters about).
>
> X
>
> --
> GPG: 4096R/1318EFAC5FBBDBCE
> git://github.com/infinity0/pubkeys.git
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Git push access

[Steve Dougherty]

On 10/25/2015 07:31 AM, Ximin Luo wrote:
> Hi, can I get git push access back on debian.git and contrib.git? I
> have some updates to make.

Added.

> Also note the teams (as in Github Teams) are now useless since they
> only provide permissions to *-staging, but those repos have all be
> renamed away.

Yikes, they have indeed rotted.

> Ian, Toad and NextGens are the only current admins of the GitHub org,
> but none of them are very active on the project. Should we add
> another more active person as admin?

That would be good.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet debian package

[Steve Dougherty]

On 10/25/2015 09:02 AM, Matthew Toseland wrote:
> On 25/10/15 10:22, Arne Babenhauserheide wrote:
>> Am Samstag, 24. Oktober 2015, 16:06:42 schrieb Matthew Toseland:
>>> We could even get rid of db4o if we can bundle it with the
>>> plugins that need it.
>> Let’s not do anything which could break plugins.
> Why not? Do any unofficial plugins use db4o?

We can't assume that they don't.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Freenet 0.7.5 1471-pre2

[Steve Dougherty]

oveKey(), and THEN add the bytes to the
counter.
  CachingFreenetStoreTracker: add() have a lower threshold, say 90%
of maxSize, when it will start a write job, but still accept the data.
  CachingFreenetStore: If backDatastore.put() throws, we should
probably still remove the key. We don't want to keep looping forever.
This is especially important for KeyCollisionException.
  CachingFreenetStore: always remove the key, even if we get
IOException and check if the last version of the block are equals to the
block pushed. it might have changed if there was a put() with
overwrite=true. If it has changed, return 0, i.e. don't remove it
  CachingFreenetStore: error in equals, correct

Steve Dougherty (29):
  themes: avoid styling headers as normal text
  l10n: remove unused strings
  l10n: polish phrasing and fix typos
  l10n: fix spelling of "compromised"
  l10n: reduce configuration description aggression
  l10n: polish phrasing and fix typos
  Convert NEWS to Markdown
  NEWS: remove 1468 tray download mention
  Fix spelling of "infeasible"
  CONTRIBUTING: document adding news entries
  l10n: remove unused string
  l10n: replace "meta-string" with "path component"
  l10n: remove duplication; fix phrasing in SSL options
  l10n: avoid duplication; fix phrasing
  l10n: polish phrasing
  l10n: fix mailing list address
  l10n: clarify progress page purpose
  Move Gantros' index to top bookmark
  BookmarkEditor: reduce code duplication
  BookmarkEditor: disallow empty bookmark names
  Parse empty bookmark name as "Unnamed Bookmark"
  Add bookmark name NEWS entry
  default bookmarks: move Enzo's Index to the top
  Update WebOfTrust to build 18
  Update translations
  Remove untranslated strings
  Update Freemail to v0.2.7.2
  Update FlogHelper to v35
  Update KeyUtils to v5025

drak@kaverne (8):
  add a NEWS file
  add a NEWS entry about the NEWS file
  bookmarks: indexes for default bookmarks in software category were
wrong.
  default bookmarks: Fix: did not adjust the documentation category
name.
  update NEWS
  improve our READMEs with build instructions
  add a note how to run the built freenet yourself.
  switch the default theme to sky static

saces (1):
  set addItem to public

xor-freenet (1):
  Eclipe classpath: Fix sourcepath of contrib to match repository name



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet 0.7.5 1471-pre1

[Steve Dougherty]

On 08/29/2015 06:36 AM, Matthew Toseland wrote:
> On 28/08/15 23:31, Steve Dougherty wrote:
>> Freenet unstable testing prerelease 1471-pre1 is now available.
...
> Did you resolve the problems with updating essential plugins? We can't
> require a new version of an essential plugin. Period. Until we fix
> plugin updating... The log doesn't seem to include stuff about
> recommended vs minimum versions?

Not yet, no, and neither does 1471-pre2. That'll mean either finish
implementing recommended version update or roll back the recommended
version setting.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Hackathon?

[Steve Dougherty]

What time works for you? Perhaps that too will work for others.

On Fri, Oct 23, 2015, 11:26 AM Dan Roberts <ademan...@gmail.com> wrote:

> Hi Steve,
> Thanks for proposing a date, unfortunately I actually have final
> exams the week of December 14th so I have very limited availability
> that weekend. I was also hoping to try to rally some people from my
> university, so the weekend before finals week is doubly difficult.
> However, realistically, I think I'd be lucky to attract more than 2-3
> interested students anyways, so that may not really matter, especially
> if Dec 12-13 works best for others.
>
> Cheers,
> Dan
>
> On Thu, Oct 22, 2015 at 8:39 PM, Steve Dougherty <st...@asksteved.com>
> wrote:
> > Does December 12th - 13th work for people?
> >
> >
> > ___
> > Devl mailing list
> > Devl@freenetproject.org
> > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet debian package

[Steve Dougherty]

On 10/23/2015 02:54 AM, dean wrote:
> On 10/23/15 13:50, Steve Dougherty wrote:
>> On 10/22/2015 06:09 PM, dean wrote:
>>> Hi all,
>>>
>>> I have been hacking on the freenet debian package for a little while and
>>> I think I have gotten it up to a usable stage. Id like some feedback if
>>> someone would like to browse/test it please?
>>
>> Sure! I'm glad to hear you got this working again. Hopefully we'll be
>> able to start publishing it this time around.
>>
>> From looking at the diff:
...
>> * GWT continues to be painful. What is it required for? IIRC it's the
>>   progress loading images, which are cool, but also kinda abandoned.
>>   Maybe someone will be interested in rescuing them during the
>>   hackathon?
> 
> Yes! I'm not at all happy including the jars like that, it was a bit of
> a last resort so that the build process will work for everybody. I need
> to do some digging here, hopefully the hackathon can purge it forever.

It's certainly the pragmatic choice. I've started
https://wiki.freenetproject.org/Wiki/Hackathon

>> * The change to the seednodes update makes things end up in a different
>>   directory: it removes one cd but not the matching cd -.
> 
> Nice one, Fixed. Also went back to timestamping, much better, thanks!.

On that note, is there a reason to commit seednodes.fref if it's liable
to be overwritten when fetched? Is it a fallback for if it can't be fetched?

>> * I don't think v29 is preferable to contrib master. master is split
>>   into multiple jars,  which is better and I'm hoping we can move to it.
> 
> My thoughts on this were: The debian package should use exactly the same
> code as everybody else does. Isn't contrib master considered untested? I
> planned to trial contrib master in branch until freenet used contrib
> master too. Am I being silly? Should I just use master?

I'd be interested in restoring using master, yes. It's a good point that
using the same version as deployed has consistency benefits, but:

* Would using split contrib minus the wrapper things it builds make it
  entirely use the Debian wrapper and avoid wrapper version mismatch
  forevermore?
* As I'm hoping to move to contrib master in unpackaged Fred within the
  next few releases, putting it in the Debian package which is already
  in testing for other reasons would give contrib master some testing
  as well.

...
> It should be fairly trivial to update the wrapper freenet uses shouldn't
> it? Maybe I'll look at this later, or when the build system gets upgraded.

It should be, but it isn't as easy as it should be because of the
monolithic freenet-ext.

>> * Why not depend on Bouncy Castle? I'd rather make a Debian package for
>>   1.52 and use that.
> 
> Me too. The problem is in the making of the package. I'm subscribed to
> the debian-java mail list and there has been mention of updating it, but
> who knows when. I was trying to make this package usable right now and
> depending on an old lib freenet will refuse to use is just a waste of
> disk space.

That's an update for the experimental version though, right? That
doesn't help people on earlier versions.

>> * Why is extlib.wrapper.suppress in contrib.override.properties changed
>>  to false?
> 
> Because of he wrapper version mismatch I referred to above, debian/rules
> now builds wrapper.jar and includes it in /usr/share/java/freenet ( so
> as to not confuse it with the /usr/share/java/wrapper.jar from
> service-wrapper in the repo). Its a bit of a mess I know...
> 
> In most of the decisions I made here I tried to take the safe option to
> try to minimise debian only bugs and reduce workload and maintenance so
> this package can be usable for a long time. This is still a work in
> progress. A freenet debian repo would be nice too so I can just add
> http://freenetproject.org/debian to my sources.list does anyone think
> that could be possible? I understand we are still a while away form that
> stage but a man can dream cant he?.

A repo would be great! Probably
https://downloads.freenetproject.org/debian/, though. Also - Debian
packages can be used to update over Freenet too. Mempo's already doing
it, though the experience would be improved by a plugin which downloads
everything under a USK and mirrors it locally.

>> Thanks,
>> Steve
> 
> Thanks for your review! Do you think you will get a chance to build and
> test the package too? I understand your very busy so its ok if you cant,
> maybe someone else can?.

I'll do that too, but probably not this weekend because I'll be working
on the 1471-pre2 prerelease.

> Thanks again,
> Dean.




signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

I'm not proposing that we bundle Tor, that this replace the existing UDP
transport, nor that it become a typical mode of operation. I'm pointing out
a possible use of a TCP transport plugin. I'm also not suggesting we do a
whole bunch of Tor-specific discovery/routing work like Matthew mentioned.
The initial use case is limited to darknet connections between hidden
services.

On Fri, Oct 23, 2015, 10:39 AM Ian <i...@locut.us> wrote:

> On Thu, Oct 22, 2015 at 10:16 PM, Steve Dougherty <st...@asksteved.com>
> wrote:
> >
> > While it's true that we can't exactly "leave the anonymity to Tor," I do
> > think we could be able to make use of Tor. If we can get a TCP transport
> > plugin working people can set up a node as a hidden service and reduce
> > the visibility of running a node.
>
>
> If we were getting a lot of complaints about Freenet being too fast, too
> easy to install, too easy to use, or not bloated enough, then bundling Tor
> would be a great way to solve all of these complaints.
>
> Otherwise, it still seems like a really awful idea.
>
> Ian.
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 10/16/2015 11:13 AM, Ian wrote:
> On Thu, Oct 15, 2015 at 6:38 PM, 
> wrote:
...
>> I'm questioning if the overhead of designing and maintaining yet another
>> anonymity protocol makes sense given Freenet's current situation. You can
>> concentrate on polishing Freenet UX and storage algorithms instead and
>> leave the anonymity to Tor.
> 
> 
> As I already said in my previous email, that is nonsense.  Freenet's
> "anonymity" is at the core of what Freenet is.  You can't just "unplug" the
> anonymity and plug Tor in in it's place.  It doesn't work like that.

While it's true that we can't exactly "leave the anonymity to Tor," I do
think we could be able to make use of Tor. If we can get a TCP transport
plugin working people can set up a node as a hidden service and reduce
the visibility of running a node.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Hackathon?

[Steve Dougherty]

Does December 12th - 13th work for people?



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Behind the times

[Steve Dougherty]

On 10/22/2015 10:58 PM, Ian Clarke wrote:
> On Thu, Oct 22, 2015 at 9:43 PM, Steve Dougherty <st...@asksteved.com>
> wrote:
...
>> I don't understand what you mean by this exactly. Reduce padding between
>> sections and put the download button where? Up in the menu?
>>
> 
> Probably below the menu, but in the top-right of the page.  That way it's
> very prominent, but not the immediate thing that attracts attention.

Why?

> I think right now the first thing people are encouraged to look at is the
> Download button, but to figure out why they might want to consider
> downloading, they have to scroll down to the "What is Freenet?" section.

Currently the Browse and Forums panes link to the same page, so I'd want
to fix that before making the section even more prominent. Somewhat less
scrolling would be good here, yes.

> I think we need a very concise explanation of why they would want to
> download Freenet as the focal point for the front page.
> 
> Thoughts?

That's the intent of the slides, which are above the button: it starts
on "Avoid Censorship" "Freenet is a platform for censorship-resistant
communication and publishing. ..."

Is that more verbose than you were thinking?



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet debian package

[Steve Dougherty]

On 10/22/2015 06:09 PM, dean wrote:
> Hi all,
> 
> I have been hacking on the freenet debian package for a little while and
> I think I have gotten it up to a usable stage. Id like some feedback if
> someone would like to browse/test it please?

Sure! I'm glad to hear you got this working again. Hopefully we'll be
able to start publishing it this time around.

From looking at the diff:

* The contrib submodule path should lose the "-staging" too.
* GWT continues to be painful. What is it required for? IIRC it's the
  progress loading images, which are cool, but also kinda abandoned.
  Maybe someone will be interested in rescuing them during the
  hackathon?
* The change to the seednodes update makes things end up in a different
  directory: it removes one cd but not the matching cd -.
* I don't think v29 is preferable to contrib master. master is split
  into multiple jars,  which is better and I'm hoping we can move to it.
* Does the wrapper not work with the packaged Debian version? In my
  experience it'll sometimes work despite a mismatch. I don't know if
  that's unstable.
* Why not depend on Bouncy Castle? I'd rather make a Debian package for
  1.52 and use that.
* Why is extlib.wrapper.suppress in contrib.override.properties changed
 to false?

Thanks,
Steve



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Behind the times

[Steve Dougherty]

On 10/22/2015 08:15 PM, Ian wrote:
> Yay!
> 
> I think it's a huge improvement.

:D

> One issue is there are a couple of places that could use a bit more
> contrast, particularly the "SUMA Award" logo should probably be brighter.

Brightened.

> Another thing is that there is a lot of empty space "above the fold",
> mostly to accommodate the central placement of the "Download Freenet"
> button I think.

Yep. Ademan and I are looking into reducing the amount of vertical space
between the menu and the first section on the main page.

> Could we move the "What is Freenet?" section up, and perhaps move the
> download link to the top right of the page?

I don't understand what you mean by this exactly. Reduce padding between
sections and put the download button where? Up in the menu?



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Behind the times

[Steve Dougherty]

The site is now live.

On 10/05/2015 05:22 AM, Steve Dougherty wrote:
> It's given in the prompt: both are "guest".
> 
> 
> 
> On Sun, Oct 4, 2015, 11:41 PM Ian <i...@locut.us> wrote:
> 
> 
> What's the username/pwd for https://testing.freenetproject.org/ ?
> 
> On Sun, Oct 4, 2015 at 10:40 PM, Steve Dougherty <st...@asksteved.com>
> wrote:
> 
>> On 09/29/2015 07:26 PM, Arne Babenhauserheide wrote:
>> > Am Dienstag, 29. September 2015, 14:50:27 schrieb Ian Clarke:
>> >> - Website badly needs an update, it looks very dated and frankly a
>> bit
>> >> spammy. Bootstrap <http://getbootstrap.com/>
>> >> anyone, or even the Github page generator
>> >> <https://github.com/blog/1081-instantly-beautiful-project-pages>
>> >> would be a big improvement
>> >
>> > Gerard created a new site a few months ago and we've been working on
>> > finalizing it since then. Yesterday he uploaded a new test-version:
> 
>> I spent the weekend on this and I think it's almost ready. When I get
>> more time to devote to it I'll upload it to Transifex and put out a call
>> for translators. I'd like to avoid deploying it with fewer words
>> translated than the current site, but I'll put a 2-week maximum on how
>> long to wait.
> 
>> The current development state of the site remains here:
> 
>> https://testing.freenetproject.org/
> 
>> and my fork is
> 
>> https://github.com/Thynix/freenet-website



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Hackathon?

[Steve Dougherty]

On 10/20/2015 10:10 PM, Dan Roberts wrote:
> Hi Everybody,
> 
> Is anyone interested in a Freenet hackathon?

I am!

...
> Given the rather dire sounding "Project Status" thread, one
> of the first threads I caught since I signed up for the ML, I think a
> this might be useful to re-envigorate the project.

Agreed.

> Proposal
> 
> 
> I propose that the Freenet Project hold a 48-hour weekend hackathon
> (00:00 Saturday to 23:59 Sunday) sometime this fall or winter, and
> advertise it for a month or so prior.

Sounds good. I can look into whether something around my local
cryptoparty can get involved as well.

> To do this, the project needs a few things:
> 
> 1. A straight forward goal or priority, and lots of low-hanging-fruit
>bugs contributing to that goal.

Any ideas for that? Fixing UI annoyances? Probably-physical-layer bugs
like https://bugs.freenetproject.org/view.php?id=6612 ? Going through
and finding strange code that can be improved? Darknet invites?

UI things seem likely to be the most accessible thing for newcomers that
comes to mind.

> 2. A guide to getting up and running quickly (perhaps gradle is useful
>here?). https://wiki.freenetproject.org/Building_from_source
>definitely needs a bit of help either way though (I can at least
>update the command-line section).

https://github.com/freenet/fred/pull/412 exists and could be a good
starting point; I agree that gradle seems like a better near-term solution.

> 3. Support for green developers. There will be a lot of questions.
>(Although it may lead to a "blind-leading the blind" situation, I
>volunteer here.)

I plan to be around as well. Anyone else?

> Possible issues
> ===
> 
> I imagine one possible objection to this initiative is that code
> reviewer time is finite, perhaps the increased contribution volume would
> actually be counterproductive? If this is the case, then a hackathon is
> probably a non-starter, unless a large backlog of non-critical patches
> is acceptable.

I'd be surprised if people go from a new codebase to anything requiring
long review in the span of 48 hours. I'll be around, and hopefully other
people who can review things as well, so I'd expect us to be able to
deal with much if not all of it very quickly.

> The other issue is that few if any of us are in the same time zones. I
> believe this is pretty much a non-issue, it would be a 48-hour event,
> and if all existing developers commit to participating for some portion
> of the weekend, there will probably be significant overlap (which is
> good).
> 
> Even if there is zero new-developer turnout, it would be useful to the
> project to have a designated time when everyone is working together (and
> in fact perhaps be more productive in that sense).

Agreed.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Does anyone have rthist.png?

[Steve Dougherty]

Yep, I think that's it. That page, and by extension that diagram, were for
Freenet 0.5, so it's removed from the redesigned website. That makes the
German article the outdated one.

From mobile

On Mon, Oct 12, 2015, 2:35 AM xor  wrote:

> Was it this maybe?
> https://commons.wikimedia.org/wiki/File:Rthist.png
>
> Btw: It is only used on the German Wikipedia page, not on the English one.
> Either the German one is outdated, or the English
> one.___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Dependency management was Re: Behind the times

[Steve Dougherty]

We already distribute runtime dependencies with Freenet; I don't think it
would be reasonable to distribute things required only for development like
JUnit / Hamcrest.

From mobile


On Mon, Oct 12, 2015, 5:37 PM Arne Babenhauserheide @ web.de > wrote:

Am Montag, 12. Oktober 2015, 13:09:48 schrieb Ian:
> > Can we make Tor or repo-over-freenet the default for people who build
> > freenet?
>
> Since Freenet can (in theory) do it, I think it would be much better to
use
> Freenet from an "eat your own dogfood" perspective.  I think the only
> danger here is that we further complicate things for a developer trying to
> get into the project.

I agree.

Could we just ship all required libraries (jars) for building Freenet
with every freenet install, so developers could just copy them over
from their Freenet directory (or point the build tool to the freenet
install)?

That should be easier than any other way of installation, because
everyone running freenet would already have all the libraries in
place. Also it would be ensured by our auto-updater that the libraries
are always the right ones for the current version of Freenet.

Best wishes,
Arne___
Devl mailing list
Devl @ freenetproject.org

https ://

emu.freenetproject.org
/
cgi
-bin/mailman/
listinfo
/
devl

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl