Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 01/12/15 04:13, charles wrote:
> So based on what I've read from the rest of this thread, that is not
> stated clearly in this pitch, is that a Full Opennet Node is similar to
> Tor's Relays or Directory Authorities (I believe you'r saying the later,
> but not sure, maybe some combo?). So the only thing that people would
> pay for was the right to run one of these Relay/Authorities. The average
> Freenet user would never need to be aware that this was happening in
> order to use opennet as they normally do, for free. Is that correct?

Pretty much.

The idea is that Full Opennet Nodes would participate in tunnels, and we
might also restrict routing high HTL traffic to them. Ordinary nodes
would still store data and relay traffic. Or ordinary transient nodes
would just connect and send requests (including tunneled requests).
Users who run an FON and run local requests on it get better performance
than an ordinary opennet node would.

Right now there are no tunnels on Freenet. There are ways to add
tunnels, but if we want to remain scalable/near-fully decentralised,
they only protect against up to 20% malicious nodes. And we would
certainly have to avoid using slow nodes in tunnels if we want
reasonable performance.
>
> -Charles
>
> On 11/30/15 10:29 AM, Matthew Toseland wrote:
>> We have several major problems:
>> 1. We need a major injection of cash.
>> 2. We will not have a big connected darknet any time soon.
>> 3. Opennet is not secure unless users pay for introduction.
>> 4. Opennet is slow because of lowest common denominator load.
>>
>> I propose: Freenet Rebooted.
>>
>> A Kickstarter, but based on extending the current code, not a full
>> rewrite. A lot of it actually works reasonably well.
>>
>> MAJOR CHANGES:
>> 1. Darknet enhancements, but we recognise that we will need a large,
>> fast opennet backbone to connect the darknet pockets for the time being.
>> 2. You can only run a Full Opennet Node if you have an Opennet Invite
>> and meet bandwidth/performance requirements.
>> 3. Only Full Opennet Nodes route tunnels and/or high HTL traffic.
>> 4. There may be further restrictions for security reasons, if so we will
>> ensure that an OI still gives performance benefits (even if you are not
>> routing traffic).
>> 5. Opennet tunnels via ShadowWalker.
>> 6. Better seednodes.
>> 7. Most of the enhancements to other areas we've previously discussed.
>> 8. Transient mode reintroduced, so opennet Freenet is still free as in
>> beer, and secure with tunnels. Great for uploading on the run! But
>> transient nodes don't route traffic/tunnels and get lower performance.
>> 9. Investigate hardware partners and home-server UI issues. Long term we
>> need cheap, convenient hardware nodes, because we need uptime.
>>
>> Initially we aim to raise $1M. Anyone who donates $100 gets an Opennet
>> Invite, so this is 10,000 users. Hardware nodes might be a good donor
>> perk too. In future we anticipate charging for OI's, but expect an
>> increasing proportion to be provably given to other worthwhile,
>> respected and relevant charities e.g. EFF: The price paid to become part
>> of the network infrastructure is mainly a deterrent to large scale
>> attacks, rather than a means of raising revenue.
>>
>> Thoughts?
>>
>> Obviously there is a risk of people running parallel networks for $99 or
>> whatever, or #freenet-refs style auto-darknet meshes. Some of them will
>> be scammers and we have a good web presence to start with; I don't think
>> we should worry about this.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 21:23:07 schrieb Matthew Toseland:
> Most people can't run Freenet 24x7 even if they wanted to, or can't
> afford to,

This is fixed by Darknet FOAF.

> and most people don't want to run Freenet at all, even if their
> friend urges them to.

This I doubt. Currently Darknet is so hard to use that we hardly have
any data about adoption.

As an example what could help: For years there’s been a bug report
about letting the one who creates the invitation bundle select the
bookmarks to share. We did not implement it, though, because we spent
time on Opennet instead.

We don’t even have invitation bundles yet, so we’re in the same
position as GnuPG — which also did not spread despite being completely
acceptable for almost everyone. 

But we can add invitation bundles. It’s all documented in the
bugtracker, just not acted upon. We can’t blame the failures of our
tool only on the content in Freenet.

> But this all started with a thread complaining that we'd added an FAQ
> entry saying at least one police force can break opennet Freenet and
> we're not doing anything about it and darknet isn't an acceptable
> answer.

Since the claim that we’re not doing anything is not true, I don’t
really worry about that. I worry more about radical breaking of
Opennet as a knee-jerk reaction on criticism.

Best wishes,
Arne

signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[charles]

So based on what I've read from the rest of this thread, that is not
stated clearly in this pitch, is that a Full Opennet Node is similar to
Tor's Relays or Directory Authorities (I believe you'r saying the later,
but not sure, maybe some combo?). So the only thing that people would
pay for was the right to run one of these Relay/Authorities. The average
Freenet user would never need to be aware that this was happening in
order to use opennet as they normally do, for free. Is that correct?

-Charles

On 11/30/15 10:29 AM, Matthew Toseland wrote:
> We have several major problems:
> 1. We need a major injection of cash.
> 2. We will not have a big connected darknet any time soon.
> 3. Opennet is not secure unless users pay for introduction.
> 4. Opennet is slow because of lowest common denominator load.
>
> I propose: Freenet Rebooted.
>
> A Kickstarter, but based on extending the current code, not a full
> rewrite. A lot of it actually works reasonably well.
>
> MAJOR CHANGES:
> 1. Darknet enhancements, but we recognise that we will need a large,
> fast opennet backbone to connect the darknet pockets for the time being.
> 2. You can only run a Full Opennet Node if you have an Opennet Invite
> and meet bandwidth/performance requirements.
> 3. Only Full Opennet Nodes route tunnels and/or high HTL traffic.
> 4. There may be further restrictions for security reasons, if so we will
> ensure that an OI still gives performance benefits (even if you are not
> routing traffic).
> 5. Opennet tunnels via ShadowWalker.
> 6. Better seednodes.
> 7. Most of the enhancements to other areas we've previously discussed.
> 8. Transient mode reintroduced, so opennet Freenet is still free as in
> beer, and secure with tunnels. Great for uploading on the run! But
> transient nodes don't route traffic/tunnels and get lower performance.
> 9. Investigate hardware partners and home-server UI issues. Long term we
> need cheap, convenient hardware nodes, because we need uptime.
>
> Initially we aim to raise $1M. Anyone who donates $100 gets an Opennet
> Invite, so this is 10,000 users. Hardware nodes might be a good donor
> perk too. In future we anticipate charging for OI's, but expect an
> increasing proportion to be provably given to other worthwhile,
> respected and relevant charities e.g. EFF: The price paid to become part
> of the network infrastructure is mainly a deterrent to large scale
> attacks, rather than a means of raising revenue.
>
> Thoughts?
>
> Obviously there is a risk of people running parallel networks for $99 or
> whatever, or #freenet-refs style auto-darknet meshes. Some of them will
> be scammers and we have a good web presence to start with; I don't think
> we should worry about this.
>
>
>
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl




signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 21:12, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 20:54:38 schrieb Matthew Toseland:
>> 1) Stick our heads in the sand and sing the glories of opennet, in spite
>> of clear evidence of it being irredeemably broken, or
>> 2) Hope that more people use darknet.
> Binary choices are almost always (self-) deception.
>
> 3) Improve darknet usability so the default mode for new users is
>being invited by an existing Freenet user.

Even if that was true it would still take a long time to have large
enough darknet pockets to provide meaningful protection against an
attacker connected to all opennet nodes. And making darknet easier will
not overcome the other problems: Most people can't run Freenet 24x7 even
if they wanted to, or can't afford to, and most people don't want to run
Freenet at all, even if their friend urges them to.

It's a goal we should strive for, because if we get viral growth then we
probably get exponential growth. But it requires a very high density at
least within specific sub-communities.
> 4) Talk about the things which already work well.
Definitely a good thing, and my congratulations for your doing so on
your blog etc.

But this all started with a thread complaining that we'd added an FAQ
entry saying at least one police force can break opennet Freenet and
we're not doing anything about it and darknet isn't an acceptable
answer. I hope we achieve a global f2f darknet. I doubt it's possible
without at least a long intermediate stage during which mostly smallish
darknet pockets are linked by opennet.
>
> Best wishes,
> Arne



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 21:10, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 19:58:38 schrieb Matthew Toseland:
>>> Even regular E-Mail providers, G+ and Facebook did not find a way to
>>> get a significant number of users to pay — for a service which is
>>> clearly essential for todays communication. Why do you think people
>>> would pay for Freenet?
>> They don't need them to.
> They are trying and trying and trying. My E-Mail provider is spamming
> me every month with a new deal to join its (paid) club.
>
> So they obviously do need them. They just don’t get them without first
> giving them free service for a very long time.

Depends on your email provider. Google charge for very little, they're
too busy with other revenue streams.
> Best wishes,
> Arne



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 21:05, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 19:36:43 schrieb Matthew Toseland:
>> How much of this is due to default settings where it didn't manage to
>> autodetect via UPnP? How much to users not making informed choices?
> And why do we have such low default settings?

Because we want to support lowest common denominator users, and people
who forgot that they had a traffic limit etc. I agree we might be able
to increase it.
> Best wishes,
> Arne



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 21:04, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 19:36:43 schrieb Matthew Toseland:
>> How much of this is due to default settings where it didn't manage to
>> autodetect via UPnP? How much to users not making informed choices?
> There are two peaks. Would both be from UPnP?
One might be a default option? The other might be a common user choice?
Or it might be it's chosen by people who have a transfer limit, in which
case we can't do much about it, although it might be another default
option? It would be nice to know more about this...
> Best wishes,
> Arne



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 20:54:38 schrieb Matthew Toseland:
> 1) Stick our heads in the sand and sing the glories of opennet, in spite
> of clear evidence of it being irredeemably broken, or
> 2) Hope that more people use darknet.

Binary choices are almost always (self-) deception.

3) Improve darknet usability so the default mode for new users is
   being invited by an existing Freenet user.
4) Talk about the things which already work well.

Best wishes,
Arne
--
Konstruktive Kritik: 

- http://draketo.de/licht/krude-ideen/konstruktive-kritik



signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 19:58:38 schrieb Matthew Toseland:
> > Even regular E-Mail providers, G+ and Facebook did not find a way to
> > get a significant number of users to pay — for a service which is
> > clearly essential for todays communication. Why do you think people
> > would pay for Freenet?
> 
> They don't need them to.

They are trying and trying and trying. My E-Mail provider is spamming
me every month with a new deal to join its (paid) club.

So they obviously do need them. They just don’t get them without first
giving them free service for a very long time.

Best wishes,
Arne

signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 19:36:43 schrieb Matthew Toseland:
> How much of this is due to default settings where it didn't manage to
> autodetect via UPnP? How much to users not making informed choices?

And why do we have such low default settings?

Best wishes,
Arne

signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 19:36:43 schrieb Matthew Toseland:
> How much of this is due to default settings where it didn't manage to
> autodetect via UPnP? How much to users not making informed choices?

There are two peaks. Would both be from UPnP?

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 20:32, Dan Roberts wrote:
> I am strongly against this pay-for-opennet strategy until we've exhausted
> other funding options. To my knowledge we have only contacted 3 potential
> donors out of many! Frankly, I doubt we could even put together a
> successful kickstarter campaign at this point, given that we can't bother
> to write a few letters. If we care about funding, our immediate goal should
> be to finish the donation letter and start tailoring it to individual
> donors. (I have not focused on this either, mea culpa)

True, we should apply for more funding. And yes, a Kickstarter project
would involve a lot of work to put a good pitch together. However IMHO
it might be much more successful if we had something meaningful to give
donors.
> I realize the motivation for pay-for-opennet is also to improve security,
> but others have already raised enough concerns about that aspect.

I had hoped we could solve both problems. Of course that doesn't mean
providing perfect security, but it does mean improving the situation
dramatically.

Clearly we are not going to move forward on this since there is no
consensus in favour. So we should either:

1) Stick our heads in the sand and sing the glories of opennet, in spite
of clear evidence of it being irredeemably broken, or
2) Hope that more people use darknet.

We've been doing both for some time. Technical improvements to darknet
are long overdue but at best in the short run we will have a set of
darknet pockets joined together by opennet. Which means that users can
be traced to their darknet pocket, and will usually be small enough that
that is enough to identify them.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Dan Roberts]

I am strongly against this pay-for-opennet strategy until we've exhausted
other funding options. To my knowledge we have only contacted 3 potential
donors out of many! Frankly, I doubt we could even put together a
successful kickstarter campaign at this point, given that we can't bother
to write a few letters. If we care about funding, our immediate goal should
be to finish the donation letter and start tailoring it to individual
donors. (I have not focused on this either, mea culpa)

I realize the motivation for pay-for-opennet is also to improve security,
but others have already raised enough concerns about that aspect.

Cheers,
Dan
Am Montag, 30. November 2015, 15:29:25 schrieb Matthew Toseland:
> 3. Opennet is not secure unless users pay for introduction.

Even regular E-Mail providers, G+ and Facebook did not find a way to
get a significant number of users to pay — for a service which is
clearly essential for todays communication. Why do you think people
would pay for Freenet?

People pay for VPNs because VPNs promise them faster, anonymous
copyright infringement — I’ve seen the ads on torrent sites. The
Freenet Project cannot promise that without encouraging copyright
infringement — which we don’t.

And our communication sucks — with this thread a perfect example of
why it sucks. As much as I’m irked by the often toxic behavior of
niqnaq: this is something he’s right on. We have an existing
userbase. These users are our greatest asset. We might not like all of
them, but at the same time there are many awesome people using
Freenet. We’re neglecting them. We’re not doing the easy fixes.

Instead we’re saying “let’s make you pay to keep using Freenet”.

We need more people running Darknet, so why don’t we think of a way to
secure Opennet via Darknet? Darknet connections are the only thing at
which attackers don’t win trivially.

And it might turn out that for funding, this pull request is the most
important of them all: https://github.com/freenet/website/pull/28

Best wishes,
Arne
--
Celebrate with ye beauty and gather yer friends for a Pirate Party!
→ http://1w6.org/english/flyerbook-rules#pirate-party ←


___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 19:58, Matthew Toseland wrote:
> On 30/11/15 19:34, Arne Babenhauserheide wrote:
>> Am Montag, 30. November 2015, 15:29:25 schrieb Matthew Toseland:
>>> 3. Opennet is not secure unless users pay for introduction.
>> Even regular E-Mail providers, G+ and Facebook did not find a way to
>> get a significant number of users to pay — for a service which is
>> clearly essential for todays communication. Why do you think people
>> would pay for Freenet?
> They don't need them to. They harvest all their data and sell it to
> advertisers etc. If you're not paying for the product you are the
> product. If you are paying for the product we're probably selling your
> personal data anyway!

Also, a significant minority do pay for email still, e.g. Fastmail.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 19:21, Florent Daigniere wrote:
> On Mon, 2015-11-30 at 15:50 +, Matthew Toseland wrote:
>> On 30/11/15 15:44, Florent Daigniere wrote:
>>> On Mon, 2015-11-30 at 15:29 +, Matthew Toseland wrote:
 Thoughts?
>>> This assumes that Sybil is the only attack against opennet... which
>>> is
>>> clearly misleading. Sybil is the obvious, cheap attack; the nastier
>>> ones are all those related to "open" topologies and protocols:
>>> partitioning attacks, correlation attacks, ... for which we don't
>>> have
>>> solutions either.
>>>
>>> Florent
>> You mean for denial of service? Or for identifying users?
>>
>> If we have scarcity then we can use ShadowWalker tunnels to prevent
>> identifying users (on arguably naive but quantified assumptions - it
>> works up to 20%), although granted there may be possibilities for
>> active
>> attacks. Direct DoS attacks against opennet announcement are also a
>> lot
>> easier to deal with.
> Yes, active attacks is what I'm talking about here; If you knock off
> parts of the network (or make them unreachable for your target) you're
> doing a partitioning attack... and tunnels don't help you (because even
> if you manage to detect it you won't accept hard-fail - the secure
> behaviour).

Not in every case. E.g. a seednode attempting to capture new announcees
is a classic partition attack, but it's fixable by using other seeds and
some consensus protocols etc. For which making identity generation
expensive is very useful.
> This is a problem that doesn't have any real-solution, just bad trade-
> offs. For the sake of giving an example: Bitcoin has the same problem.
>
> Florent
> PS: correlation attacks are way easier on a partitioned network for
> obvious reasons



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 19:34, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 15:29:25 schrieb Matthew Toseland:
>> 3. Opennet is not secure unless users pay for introduction.
> Even regular E-Mail providers, G+ and Facebook did not find a way to
> get a significant number of users to pay — for a service which is
> clearly essential for todays communication. Why do you think people
> would pay for Freenet?

They don't need them to. They harvest all their data and sell it to
advertisers etc. If you're not paying for the product you are the
product. If you are paying for the product we're probably selling your
personal data anyway!

In the first case, people contribute enormous sums to Kickstarter
projects. Many of them are very successful in fundraising. The
Kickstarter itself could raise significant funds - but only if we do it
right. In particular, you need Stuff to give to donors. IMHO such a
campaign would bring us significant publicity (a good thing in itself),
and would have some chance of succeeding in delivering significant funds
- probably a greater chance than if we just posted a pitch with some
vague goals and goodies that they can get anyway from our cafepress store.

In the second case, people don't pay for USING Freenet. They pay for the
rights to be part of the core opennet infrastructure. They pay to keep
spammers out and above all for fast performance.
> People pay for VPNs because VPNs promise them faster, anonymous
> copyright infringement — I’ve seen the ads on torrent sites. The
> Freenet Project cannot promise that without encouraging copyright
> infringement — which we don’t.
>
> And our communication sucks — with this thread a perfect example of
> why it sucks. As much as I’m irked by the often toxic behavior of
> niqnaq: this is something he’s right on. We have an existing
> userbase. These users are our greatest asset. We might not like all of
> them, but at the same time there are many awesome people using
> Freenet. We’re neglecting them. We’re not doing the easy fixes.

We don't have the resources. That's half of the problem. The other half
is that opennet is irredeemably broken and being actively exploited. We
can fix both problems simultaneously.
> Instead we’re saying “let’s make you pay to keep using Freenet”.
>
> We need more people running Darknet, so why don’t we think of a way to
> secure Opennet via Darknet? Darknet connections are the only thing at
> which attackers don’t win trivially.

Because 90% of the network at any given time has NO darknet connections,
and that's likely to remain the case for a long time. Which means we
can't use the social topology to secure anything.
> And it might turn out that for funding, this pull request is the most
> important of them all: https://github.com/freenet/website/pull/28

As I said, improving the website is important.

But getting some major publicity is important too. And even with that
it's doubtful that we can raise significant sums.
>
> Best wishes,
> Arne
> --
> Celebrate with ye beauty and gather yer friends for a Pirate Party!
> → http://1w6.org/english/flyerbook-rules#pirate-party ←



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 18:11, xor wrote:
> This mail is split in 2 parts:
> 1. A summary of part 2, which also includes stuff which is not in part 2.
> 2. A copy of a previous reply of mine to a similar proposal. Most of what's 
> said there applies to this as well.
>
>
> Part 1 follows:
>
> I think we shouldn't randomly change our strategy from what it was to 
> something which invalidates all its work by postponing to finish whats half-
> finished into the far future: You're proposing yet another half a decade of 
> rewriting parts of fred over and over again instead of finally giving people 
> new client apps, which was the goal of my work but isn't finished yet (sorry, 
> it is a complex task :|)... 

Client apps are important. If we can get funding for them then it'd be
great to have somebody working full time on them.

> Because let's be honest: If we now installed a fred of 7 years ago, it would 
> by default still ship the same core applications as today: I joined back then 
> to get the WoT-stuff finished to the point where we can enable it by default.
> So I think we spent more than enough years on only providing fred work.
> (Yes, it sucks that I still haven't finished WoT+Freetalk, and I'm ashamed of 
> that, but I've been a volunteer and thus had limited time to contribute for 5 
> of those years, and Freetalk+WoT are major projects. I think they're over 40 
> 000 lines of code already...)
And for much of that time you've been a paid developer and still made
limited progress. These things are hard. We need enough funding that we
can improve several different areas of Freenet simultaneously IMHO.
> This needs to change, and it won't change if we only acquire funding for 
> minor 
> fred features. We need new things such as forums, filesharing, social 
> networking, mail etc. bundled *and* enabled by default; not new minor fred 
> features.
>
> Yes, your features are major security enhancements, not minor ones. But to 
> the 
> users, a feature is something which "does" something for the user. Security 
> is 
> merely self-servicing, not serving the user. They wouldn't recognize it as a 
> major new feature.
I include the rest under item 7. I'm certainly not arguing that we
should only ask for money for improving Fred's security! I do think it
should be part of what we are looking for.

One advantage of my proposal is if it worked it would generate
sufficient funds to hire several developers for a year. I believe we
estimate $100K/year/dev including costs, so in fact it would be 10
person-years. IMHO that's the sort of scale that we should be aiming at.
I appreciate that for funding body applications we may need to start lower.
> Further, I think people will not pay for Opennet. We cannot call something 
> "Free"net if it costs money. We'd be ridiculed for that.
English sucks (libre vs gratis, free software versus free spyware
services). Most languages don't have this problem.

However, as I have repeatedly explained, people only need to pay if they
want to run a core opennet node. Non-core (possibly transient) opennet
nodes can run, and so can darknet nodes. And they will have better
security because they can tunnel through the core nodes.
> With regards to hardware development: We haven't even ported to Android yet, 
> which is > 1 billion devices. Before we re-invent the wheel by custom 
> embedded 
> hardware, we should maybe first port to the standard embedded hardware 
> everyone uses :) I would support doing that, but not as a mandatory goal of 
> fundraising please. It should be something we do if we get more money than we 
> need. It is a nice goal though: An operating system with 1/8 of all humans 
> using it is not something which can be ignored.
An operating system used exclusively on mobile devices which are
specifically designed to store everything in the cloud. P2P simply
doesn't work on mobile, because of battery life, even if we ignore all
the other problems (such as carriers blocking it).

There are good reasons to have some Freenet code on Android however. We
have an app for node reference exchange, and it would be a good idea to
extend it to interface to a fixed node. And porting to Android is
relatively easy because the non-GUI parts are very similar to Java.
> I'm thankful for your proposal, and I feel sorry for having to give this 
> strong criticism, but I fear it's necessary: We have only asked 3 entities 
> for 
> money (see the Wiki page [1]). Just because we have temporarily run out of 
> money because we *did not ask for money* doesn't mean we should randomly 
> throw 
> away parts of our work and do stuff which we wouldn't have considered a good 
> idea before. Before we have bothered to try to ask lets say 50, there is no 
> reason to change what we planned to develop anyway.

Funding agencies will only give us money if we have a track record. So
we will have to start small or get very lucky. And that limits the range
of bodies we can apply to. And so on. It's worth trying, b

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 19:17, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 15:55:13 schrieb Matthew Toseland:
>> Not if we jettison the slower opennet nodes, which is also part of the
>> proposal. A lot of our performance issues are actually because we target
>> an outdated lowest common denominator.
> Sadly this isn’t true: Most of our users have low bandwidth, as shown
> by the stats from Steve:
>
> http://127.0.0.1:/USK@pxtehd-TmfJwyNUAW2Clk4pwv7Nshyg21NNfXcqzFv4,LTjcTWqvsq3ju6pMGe9Cqb3scvQgECG81hRdgj5WO4s,AQACAAE/statistics/1048/plot_peer_count.png
>
> Best wishes,
> Arne
How much of this is due to default settings where it didn't manage to
autodetect via UPnP? How much to users not making informed choices?



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 15:29:25 schrieb Matthew Toseland:
> 3. Opennet is not secure unless users pay for introduction.

Even regular E-Mail providers, G+ and Facebook did not find a way to
get a significant number of users to pay — for a service which is
clearly essential for todays communication. Why do you think people
would pay for Freenet?

People pay for VPNs because VPNs promise them faster, anonymous
copyright infringement — I’ve seen the ads on torrent sites. The
Freenet Project cannot promise that without encouraging copyright
infringement — which we don’t.

And our communication sucks — with this thread a perfect example of
why it sucks. As much as I’m irked by the often toxic behavior of
niqnaq: this is something he’s right on. We have an existing
userbase. These users are our greatest asset. We might not like all of
them, but at the same time there are many awesome people using
Freenet. We’re neglecting them. We’re not doing the easy fixes.

Instead we’re saying “let’s make you pay to keep using Freenet”.

We need more people running Darknet, so why don’t we think of a way to
secure Opennet via Darknet? Darknet connections are the only thing at
which attackers don’t win trivially.

And it might turn out that for funding, this pull request is the most
important of them all: https://github.com/freenet/website/pull/28

Best wishes,
Arne
--
Celebrate with ye beauty and gather yer friends for a Pirate Party!
→ http://1w6.org/english/flyerbook-rules#pirate-party ←



signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Florent Daigniere]

On Mon, 2015-11-30 at 20:20 +0100, Arne Babenhauserheide wrote:
> Am Montag, 30. November 2015, 17:09:29 schrieb Bert Massop:
> > > Please, please PLEASE don't murder me for suggesting this, but
> > > what if we
> > > used social media to bootstrap network connectivity?
> > 
> > How is that different from Darknet?
> 
> It isn’t, it just makes it easier to connect via Darknet. That’s why
> I
> think it’s a good idea.
> 

I think it's a good idea too. The question is whether users are ready
to say that they're using Freenet to their friends. Empirical evidence
has shown that they aren't (so far).

Florent
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Florent Daigniere]

On Mon, 2015-11-30 at 15:50 +, Matthew Toseland wrote:
> On 30/11/15 15:44, Florent Daigniere wrote:
> > On Mon, 2015-11-30 at 15:29 +, Matthew Toseland wrote:
> > > Thoughts?
> > This assumes that Sybil is the only attack against opennet... which
> > is
> > clearly misleading. Sybil is the obvious, cheap attack; the nastier
> > ones are all those related to "open" topologies and protocols:
> > partitioning attacks, correlation attacks, ... for which we don't
> > have
> > solutions either.
> > 
> > Florent
> You mean for denial of service? Or for identifying users?
> 
> If we have scarcity then we can use ShadowWalker tunnels to prevent
> identifying users (on arguably naive but quantified assumptions - it
> works up to 20%), although granted there may be possibilities for
> active
> attacks. Direct DoS attacks against opennet announcement are also a
> lot
> easier to deal with.

Yes, active attacks is what I'm talking about here; If you knock off
parts of the network (or make them unreachable for your target) you're
doing a partitioning attack... and tunnels don't help you (because even
if you manage to detect it you won't accept hard-fail - the secure
behaviour).

This is a problem that doesn't have any real-solution, just bad trade-
offs. For the sake of giving an example: Bitcoin has the same problem.

Florent
PS: correlation attacks are way easier on a partitioned network for
obvious reasons
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 17:09:29 schrieb Bert Massop:
> > Please, please PLEASE don't murder me for suggesting this, but what if we
> > used social media to bootstrap network connectivity?
> 
> How is that different from Darknet?

It isn’t, it just makes it easier to connect via Darknet. That’s why I
think it’s a good idea.

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Arne Babenhauserheide]

Am Montag, 30. November 2015, 15:55:13 schrieb Matthew Toseland:
> Not if we jettison the slower opennet nodes, which is also part of the
> proposal. A lot of our performance issues are actually because we target
> an outdated lowest common denominator.

Sadly this isn’t true: Most of our users have low bandwidth, as shown
by the stats from Steve:

http://127.0.0.1:/USK@pxtehd-TmfJwyNUAW2Clk4pwv7Nshyg21NNfXcqzFv4,LTjcTWqvsq3ju6pMGe9Cqb3scvQgECG81hRdgj5WO4s,AQACAAE/statistics/1048/plot_peer_count.png

Best wishes,
Arne

signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[xor]

This mail is split in 2 parts:
1. A summary of part 2, which also includes stuff which is not in part 2.
2. A copy of a previous reply of mine to a similar proposal. Most of what's 
said there applies to this as well.


Part 1 follows:

I think we shouldn't randomly change our strategy from what it was to 
something which invalidates all its work by postponing to finish whats half-
finished into the far future: You're proposing yet another half a decade of 
rewriting parts of fred over and over again instead of finally giving people 
new client apps, which was the goal of my work but isn't finished yet (sorry, 
it is a complex task :|)... 

Because let's be honest: If we now installed a fred of 7 years ago, it would 
by default still ship the same core applications as today: I joined back then 
to get the WoT-stuff finished to the point where we can enable it by default.
So I think we spent more than enough years on only providing fred work.
(Yes, it sucks that I still haven't finished WoT+Freetalk, and I'm ashamed of 
that, but I've been a volunteer and thus had limited time to contribute for 5 
of those years, and Freetalk+WoT are major projects. I think they're over 40 
000 lines of code already...)

This needs to change, and it won't change if we only acquire funding for minor 
fred features. We need new things such as forums, filesharing, social 
networking, mail etc. bundled *and* enabled by default; not new minor fred 
features.

Yes, your features are major security enhancements, not minor ones. But to the 
users, a feature is something which "does" something for the user. Security is 
merely self-servicing, not serving the user. They wouldn't recognize it as a 
major new feature.

Further, I think people will not pay for Opennet. We cannot call something 
"Free"net if it costs money. We'd be ridiculed for that.

With regards to hardware development: We haven't even ported to Android yet, 
which is > 1 billion devices. Before we re-invent the wheel by custom embedded 
hardware, we should maybe first port to the standard embedded hardware 
everyone uses :) I would support doing that, but not as a mandatory goal of 
fundraising please. It should be something we do if we get more money than we 
need. It is a nice goal though: An operating system with 1/8 of all humans 
using it is not something which can be ignored.


I'm thankful for your proposal, and I feel sorry for having to give this 
strong criticism, but I fear it's necessary: We have only asked 3 entities for 
money (see the Wiki page [1]). Just because we have temporarily run out of 
money because we *did not ask for money* doesn't mean we should randomly throw 
away parts of our work and do stuff which we wouldn't have considered a good 
idea before. Before we have bothered to try to ask lets say 50, there is no 
reason to change what we planned to develop anyway.

I'd like to close this summary with the conclusion of part 2:
> What would be two productive things to continue this discussion with:
> 
> 1) Let's gather a list of news sites which could publish our request for
> funding.
> 
> 2) Let's enhance the list of entities to ask for funds:
> https://wiki.freenetproject.org/Fundraising


Part 2 - my reply to Ian's similar proposal...

When reading it, please imagine that Ians proposal was replaced with yours:
> such as rebuilding FProxy using a modern JavaScript framework like
> Bootstrap/React and modernizing the installers

On Monday, November 16, 2015 07:54:08 PM xor wrote:
[...]
> On Monday, November 16, 2015 10:52:16 AM Ian Clarke wrote:
> > Perhaps we could explore a KickStarter - but that would only work if it is
> > to achieve something big and externally very visible (such as rebuilding
> > FProxy using a modern JavaScript framework like Bootstrap/React and
> > modernizing the installers).
> 
> I'm fine with KickStarter, and fine with it's requirement of setting
> specific goals.
> Albeit I would do KickStarter as a last resort: The requirement of specific
> goals is too much of a burden if volunteers are also involved. We don't know
> whether suddenly a volunteer appears and provides a whole new bunch of
> code. That code then might lack very small changes to be ready for
> deployment, so it might be good if I did the changes so we could get the
> code out. But that would violate the KickStarter promise of me only working
> on the specific KickStarter goals.
> Also, it is very difficult to judge complexity of software development, i.e.
> whether something will take 6 months or 2 years. I don't know whether
> KickStarter requires us to specify a date of delivery though.
> 
> So KickStarter is OK, but as a last resort.
> 
> However, I think the specific goals you suggested are problematic:
[...]
> But the goal I'm more opposed to is this:
> > rebuilding FProxy using a modern JavaScript framework like Bootstrap/React
> 
> What you suggest here would be a complete 180° turn of our previous
> strategy, and leave all the work towards

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 16:09, Bert Massop wrote:
> On Mon, Nov 30, 2015 at 5:08 PM, Michael Grube  
> wrote:
>> This is true of everything that money can buy. Which is everything, with
>>> the possible (and slightly dubious) exception of social capital /
>>> friends. A big global friend-to-friend darknet is a good long term
>>> solution but the problem is how to get to that point.
>> Please, please PLEASE don't murder me for suggesting this, but what if we
>> used social media to bootstrap network connectivity?
> How is that different from Darknet?
There's a lot we can do to make it easier to connect to your friends on
darknet and make darknet more efficient. Advertising your connectivity
on Facebook may be part of that, subject to the whims of massive
corporations we have no influence over. I believe somebody wrote an app
a long time ago. However as I've explained there are a lot of other
barriers, notably politics (will take time to change) and the need to
run a node with reasonable uptime. IMHO it is reasonable to assume that
a connected global darknet is some way off: Most of our users don't know
anyone else who uses Freenet, and certainly don't know the 5 or so
friends they'd need for acceptable performance/security (even with
friend-of-a-friend connections).



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Michael Grube]

On Nov 30, 2015 11:09 AM, "Bert Massop"  wrote:
>
> On Mon, Nov 30, 2015 at 5:08 PM, Michael Grube 
wrote:
> > This is true of everything that money can buy. Which is everything, with
> >> the possible (and slightly dubious) exception of social capital /
> >> friends. A big global friend-to-friend darknet is a good long term
> >> solution but the problem is how to get to that point.
> >
> >
> > Please, please PLEASE don't murder me for suggesting this, but what if
we
> > used social media to bootstrap network connectivity?
>
> How is that different from Darknet?

I have no interest in hijacking the conversation. Spreading darknet
connections by creating social media applications to quickly and easily
exchange noderefs is the rough idea. If you want to discuss it further we
can create a new thread.
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Bert Massop]

On Mon, Nov 30, 2015 at 5:08 PM, Michael Grube  wrote:
> This is true of everything that money can buy. Which is everything, with
>> the possible (and slightly dubious) exception of social capital /
>> friends. A big global friend-to-friend darknet is a good long term
>> solution but the problem is how to get to that point.
>
>
> Please, please PLEASE don't murder me for suggesting this, but what if we
> used social media to bootstrap network connectivity?

How is that different from Darknet?
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Michael Grube]

This is true of everything that money can buy. Which is everything, with
> the possible (and slightly dubious) exception of social capital /
> friends. A big global friend-to-friend darknet is a good long term
> solution but the problem is how to get to that point.


Please, please PLEASE don't murder me for suggesting this, but what if we
used social media to bootstrap network connectivity?
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 15:54, Bert Massop wrote:
> On Mon, Nov 30, 2015 at 4:29 PM, Matthew Toseland  wrote:
>> The price paid to become part
>> of the network infrastructure is mainly a deterrent to large scale
>> attacks, rather than a means of raising revenue.
>>
>> Thoughts?
> I read this as "The price paid to become part of the network is mainly
> a deterrent to actual users, thinning the network until three-letter
> agencies with nine-figure budgets don't even need large-scale attacks
> to succeed."
I don't see why it would deter users. It might deter people from running
core nodes, but it might also help to get such users as I've tried to
explain, especially if it also improves performance and security and
gives us the funds to solve a lot of the remaining software problems.
> The problem lies in your assumptions:
>> 3. Opennet is not secure unless users pay for introduction.
> Money is easy for attackers (e.g. groups or organizations), and hard
> for individuals. I fail to see how Opennet would become safer with
> payments.
This is true of everything that money can buy. Which is everything, with
the possible (and slightly dubious) exception of social capital /
friends. A big global friend-to-friend darknet is a good long term
solution but the problem is how to get to that point. For the time
being, it is unlikely that one will grow organically - pockets of
darknet will hopefully grow organically, but it will take time for them
to get connected. Hence we need opennet for now, and we'd like it to
offer meaningful security. Even with tunnels, at a considerable cost in
development time and performance, the security provided is nowhere near
sufficient.

I'm simply trying to find a model that actually works and provides some
approximation of hope.
> That said, I'll be happy to fork the code and reinstate a free network
> (free as both libre and gratis) once tunnels are implemented.
> Insecure? Maybe. But still as secure as Opennet with payments, yet
> free.
No, it would be dramatically less secure than paid-for opennet, because
any attacker can cheaply add lots of opennet nodes. Which is exactly
what a contractor to the US police presumably does - this is not a
hypothetical attack any more.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 15:55, Matthew Toseland wrote:
> On 30/11/15 15:48, Ian Clarke wrote:
>> On Mon, Nov 30, 2015 at 9:29 AM, Matthew Toseland  wrote:
>>> 3. Opennet is not secure unless users pay for introduction.
>> Who would they pay, and how would this be implemented in a decentralized
>> way?
> In the first instance they would pay *us* via a Kickstarter. In the long
> run there might be other options e.g. provable sacrifice of Bitcoins.
>> Given that we already have a shrinking userbase despite Freenet being free,
>> why do you think people will be willing to pay to use it?  Won't this
>> dramatically shrink our userbase to a tiny core of enthusiasts, which will
>> provide far less cover traffic and thus reduce security?
> No, because it won't happen unless we get at least 10,000 users/donors.
> Isn't there a "we won't charge you unless we raise the minimum" thing
> for Kickstarter?
>
> And people could still use Freenet in transient mode. In fact we might
> even allow an intermediate mode: Routes traffic but not tunnels and high
> priority traffic. 
Sorry, I mean high-HTL traffic here. To answer the rest of your
question, I believe a Kickstarter, some substantial software
improvements and publicity, and a substantial improvement in both
security and performance, could have significant benefits for our
userbase. Publicity always gets us new users. But please read the rest
of my previous response.
> But they wouldn't get good performance unless they
> become a core infrastructure opennet node.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 15:48, Ian Clarke wrote:
> On Mon, Nov 30, 2015 at 9:29 AM, Matthew Toseland  wrote:
>> 3. Opennet is not secure unless users pay for introduction.
> Who would they pay, and how would this be implemented in a decentralized
> way?
In the first instance they would pay *us* via a Kickstarter. In the long
run there might be other options e.g. provable sacrifice of Bitcoins.
> Given that we already have a shrinking userbase despite Freenet being free,
> why do you think people will be willing to pay to use it?  Won't this
> dramatically shrink our userbase to a tiny core of enthusiasts, which will
> provide far less cover traffic and thus reduce security?
No, because it won't happen unless we get at least 10,000 users/donors.
Isn't there a "we won't charge you unless we raise the minimum" thing
for Kickstarter?

And people could still use Freenet in transient mode. In fact we might
even allow an intermediate mode: Routes traffic but not tunnels and high
priority traffic. But they wouldn't get good performance unless they
become a core infrastructure opennet node.
> Opennet tunnels via ShadowWalker.
>
> Isn't Freenet already extremely slow?  Wouldn't this just slow it down a
> lot further?
Not if we jettison the slower opennet nodes, which is also part of the
proposal. A lot of our performance issues are actually because we target
an outdated lowest common denominator.

IMHO tunnels would have a marginal effect on performance anyway, since
they'd only be 2 or 3 hops. With the exception of *really* popular
stuff, we generally find stuff in around 7 hops, so that's potentially a
30% performance loss, but we could get some of it back by tweaks to
things that aren't necessary once we have tunnels. But see above.
> Ian.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Bert Massop]

On Mon, Nov 30, 2015 at 4:29 PM, Matthew Toseland  wrote:
> The price paid to become part
> of the network infrastructure is mainly a deterrent to large scale
> attacks, rather than a means of raising revenue.
>
> Thoughts?

I read this as "The price paid to become part of the network is mainly
a deterrent to actual users, thinning the network until three-letter
agencies with nine-figure budgets don't even need large-scale attacks
to succeed."

The problem lies in your assumptions:

> 3. Opennet is not secure unless users pay for introduction.

Money is easy for attackers (e.g. groups or organizations), and hard
for individuals. I fail to see how Opennet would become safer with
payments.

That said, I'll be happy to fork the code and reinstate a free network
(free as both libre and gratis) once tunnels are implemented.
Insecure? Maybe. But still as secure as Opennet with payments, yet
free.

— Bert
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

On 30/11/15 15:44, Florent Daigniere wrote:
> On Mon, 2015-11-30 at 15:29 +, Matthew Toseland wrote:
>> We have several major problems:
>> 1. We need a major injection of cash.
>> 2. We will not have a big connected darknet any time soon.
>> 3. Opennet is not secure unless users pay for introduction.
>> 4. Opennet is slow because of lowest common denominator load.
>>
>> I propose: Freenet Rebooted.
>>
>> A Kickstarter, but based on extending the current code, not a full
>> rewrite. A lot of it actually works reasonably well.
>>
>> MAJOR CHANGES:
>> 1. Darknet enhancements, but we recognise that we will need a large,
>> fast opennet backbone to connect the darknet pockets for the time
>> being.
>> 2. You can only run a Full Opennet Node if you have an Opennet Invite
>> and meet bandwidth/performance requirements.
>> 3. Only Full Opennet Nodes route tunnels and/or high HTL traffic.
>> 4. There may be further restrictions for security reasons, if so we
>> will
>> ensure that an OI still gives performance benefits (even if you are
>> not
>> routing traffic).
>> 5. Opennet tunnels via ShadowWalker.
>> 6. Better seednodes.
>> 7. Most of the enhancements to other areas we've previously
>> discussed.
>> 8. Transient mode reintroduced, so opennet Freenet is still free as
>> in
>> beer, and secure with tunnels. Great for uploading on the run! But
>> transient nodes don't route traffic/tunnels and get lower
>> performance.
>> 9. Investigate hardware partners and home-server UI issues. Long term
>> we
>> need cheap, convenient hardware nodes, because we need uptime.
>>
>> Initially we aim to raise $1M. Anyone who donates $100 gets an
>> Opennet
>> Invite, so this is 10,000 users. Hardware nodes might be a good donor
>> perk too. In future we anticipate charging for OI's, but expect an
>> increasing proportion to be provably given to other worthwhile,
>> respected and relevant charities e.g. EFF: The price paid to become
>> part
>> of the network infrastructure is mainly a deterrent to large scale
>> attacks, rather than a means of raising revenue.
>>
>> Thoughts?
> This assumes that Sybil is the only attack against opennet... which is
> clearly misleading. Sybil is the obvious, cheap attack; the nastier
> ones are all those related to "open" topologies and protocols:
> partitioning attacks, correlation attacks, ... for which we don't have
> solutions either.
>
> Florent
You mean for denial of service? Or for identifying users?

If we have scarcity then we can use ShadowWalker tunnels to prevent
identifying users (on arguably naive but quantified assumptions - it
works up to 20%), although granted there may be possibilities for active
attacks. Direct DoS attacks against opennet announcement are also a lot
easier to deal with.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Ian Clarke]

On Mon, Nov 30, 2015 at 9:29 AM, Matthew Toseland  wrote:
>
> 3. Opennet is not secure unless users pay for introduction.
>

Who would they pay, and how would this be implemented in a decentralized
way?

Given that we already have a shrinking userbase despite Freenet being free,
why do you think people will be willing to pay to use it?  Won't this
dramatically shrink our userbase to a tiny core of enthusiasts, which will
provide far less cover traffic and thus reduce security?

Opennet tunnels via ShadowWalker.


Isn't Freenet already extremely slow?  Wouldn't this just slow it down a
lot further?

Ian.

-- 
Ian Clarke
Blog: http://blog.locut.us/
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Florent Daigniere]

On Mon, 2015-11-30 at 15:29 +, Matthew Toseland wrote:
> We have several major problems:
> 1. We need a major injection of cash.
> 2. We will not have a big connected darknet any time soon.
> 3. Opennet is not secure unless users pay for introduction.
> 4. Opennet is slow because of lowest common denominator load.
> 
> I propose: Freenet Rebooted.
> 
> A Kickstarter, but based on extending the current code, not a full
> rewrite. A lot of it actually works reasonably well.
> 
> MAJOR CHANGES:
> 1. Darknet enhancements, but we recognise that we will need a large,
> fast opennet backbone to connect the darknet pockets for the time
> being.
> 2. You can only run a Full Opennet Node if you have an Opennet Invite
> and meet bandwidth/performance requirements.
> 3. Only Full Opennet Nodes route tunnels and/or high HTL traffic.
> 4. There may be further restrictions for security reasons, if so we
> will
> ensure that an OI still gives performance benefits (even if you are
> not
> routing traffic).
> 5. Opennet tunnels via ShadowWalker.
> 6. Better seednodes.
> 7. Most of the enhancements to other areas we've previously
> discussed.
> 8. Transient mode reintroduced, so opennet Freenet is still free as
> in
> beer, and secure with tunnels. Great for uploading on the run! But
> transient nodes don't route traffic/tunnels and get lower
> performance.
> 9. Investigate hardware partners and home-server UI issues. Long term
> we
> need cheap, convenient hardware nodes, because we need uptime.
> 
> Initially we aim to raise $1M. Anyone who donates $100 gets an
> Opennet
> Invite, so this is 10,000 users. Hardware nodes might be a good donor
> perk too. In future we anticipate charging for OI's, but expect an
> increasing proportion to be provably given to other worthwhile,
> respected and relevant charities e.g. EFF: The price paid to become
> part
> of the network infrastructure is mainly a deterrent to large scale
> attacks, rather than a means of raising revenue.
> 
> Thoughts?
> 

This assumes that Sybil is the only attack against opennet... which is
clearly misleading. Sybil is the obvious, cheap attack; the nastier
ones are all those related to "open" topologies and protocols:
partitioning attacks, correlation attacks, ... for which we don't have
solutions either.

Florent

signature.asc
Description: This is a digitally signed message part
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-dev] Freenet Rebooted (without rewriting everything, pay for opennet)

[Matthew Toseland]

We have several major problems:
1. We need a major injection of cash.
2. We will not have a big connected darknet any time soon.
3. Opennet is not secure unless users pay for introduction.
4. Opennet is slow because of lowest common denominator load.

I propose: Freenet Rebooted.

A Kickstarter, but based on extending the current code, not a full
rewrite. A lot of it actually works reasonably well.

MAJOR CHANGES:
1. Darknet enhancements, but we recognise that we will need a large,
fast opennet backbone to connect the darknet pockets for the time being.
2. You can only run a Full Opennet Node if you have an Opennet Invite
and meet bandwidth/performance requirements.
3. Only Full Opennet Nodes route tunnels and/or high HTL traffic.
4. There may be further restrictions for security reasons, if so we will
ensure that an OI still gives performance benefits (even if you are not
routing traffic).
5. Opennet tunnels via ShadowWalker.
6. Better seednodes.
7. Most of the enhancements to other areas we've previously discussed.
8. Transient mode reintroduced, so opennet Freenet is still free as in
beer, and secure with tunnels. Great for uploading on the run! But
transient nodes don't route traffic/tunnels and get lower performance.
9. Investigate hardware partners and home-server UI issues. Long term we
need cheap, convenient hardware nodes, because we need uptime.

Initially we aim to raise $1M. Anyone who donates $100 gets an Opennet
Invite, so this is 10,000 users. Hardware nodes might be a good donor
perk too. In future we anticipate charging for OI's, but expect an
increasing proportion to be provably given to other worthwhile,
respected and relevant charities e.g. EFF: The price paid to become part
of the network infrastructure is mainly a deterrent to large scale
attacks, rather than a means of raising revenue.

Thoughts?

Obviously there is a risk of people running parallel networks for $99 or
whatever, or #freenet-refs style auto-darknet meshes. Some of them will
be scammers and we have a good web presence to start with; I don't think
we should worry about this.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl