Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Samstag, 14. November 2015, 23:30:38 schrieb xor:
> On Saturday, November 14, 2015 10:37:54 PM Arne Babenhauserheide wrote:
> > And from what I saw in 15 minutes of googling, Ian might be liable for
> > negligency for agreeing to this.
> 
> Please provide a source for this; as I cannot imagine any way to come to this 
> conclusion.

As I said, 15 minutes of googling for “501(3) non-profit debt”.

> > That would mean that he would be personally liable for the debt of FPI.
> 
> I hereby proclaim officially that I won't ever request Ian to give me any of 
> his personal money to pay for stuff which I did bill FPI for, not him.

It isn’t relevant what you want, just what the law says. You might be
forced to request the funds if you ever need to request unemployment
support.

> > Given that we cannot predict donations this is something I would not do.
> 
> Well, if this would be too risky for you, maybe be happy that someone else 
> offers to risk his personal fate to do it?

I’s cool that you are willing to take the risk to work for donations
with the meager amount of money available. I could not do that, and
the same is true for many others.

> Sorry if I have to be that passive aggressive, but it is really frustrating 
> to 
> make such offers and only get offense back for them.

I did not reply until you complained in IRC that I did not reply. That
you cling to that option after being told several times to either get
another job or apply for funding. If you have funding to bridge a few
months, you can do so, but you need to keep in mind that this means
that you’ll be burning funds you won’t get back.

That’s what we volunteers do: I won’t ever get back the time I spend
working on Freenet, and the same is true for all others who invest
their personal time into improving Freenet. When there’s no money to
pay you, you can either work on Freenet on a volunteer basis or not
work on Freenet.

> I had expected people to for once step back from their flamewars and be happy 
> that some part of the project can continue to churn out code even if there's 
> no funding temporarily...
> The offense instead is killing me on the inside.

The one who’s aggressive is you. You expect to be paid in money which
does not exist. And you wrote that you do realize that your behavior
is aggressive.

> > Knowing that the first X
> > months of donations would go towards paying debt could also be a
> > pretty strong deterrent for potential donors.
> 
> If having very little money is in fact a deterrent for potential donors

That’s not what I said.

> I'll deal with contacting donors once it has been decided whether fred 1471 
> will be deployed any soon: It contains 6 months of my work which haven't been 
> deployed yet due to a lack of a fred release. It would be fair to give it to 
> people first before asking for more money.

If you want to be fair to people of whom you don’t even know whether
they expect that, keep in mind that you’re being fair on your own
savings.

> Another blocker why I didn't contact anyone yet is this:
> Before we put a news entry "we ran out of funds" on the website

This is not “applying for funding”. A call for donations is just one
possible way. The link I sent you is another way — one you should
definitely try ASAP. ASAP as in “you should have already done so a few
weeks ago when I told you in clear words to do it”.

> Of the 19 entries in the fundraising list, we only asked 3, and we only got 1 
> "no". That is nothing.
> And there are potentially *thousands* of donors to ask beyond that list: The 
> NSA scandal for sure has got a lot of people interested in a free Internet.

Someone needs to be doing this. You can’t expect volunteers to do all
that work and then start acting passive-aggressive if it does not work
out. Fundraising is real work.

> Let's please realize that Freenet has been constantly online for over a 
> decade 
> probably, we've got 100% uptime, and people are constantly churning out 
> discussion and code.
> The project is alive.
> No need to give up.

I did not see us giving up. All we did was tell you to face the
reality that no money means no money.

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Ian Clarke]

I'm going to talk to Xor tomorrow, but under no circumstances can Freenet
go into debt to anyone.  As of right now, FPI has $1168.32 in our bank
account, and $1515.77 in Paypal.  Xor should not do any work that would
exceed this combined amount.

Ian.

On Sat, Nov 14, 2015 at 3:37 PM, Arne Babenhauserheide 
wrote:

> Am Donnerstag, 15. Oktober 2015, 16:39:29 schrieb xor:
> > I offer to write my bills as fully interest-free debt, with no time
> limit for
> > payment whatsoever. "Pay as soon as there are enough donations".
>
> I did not answer before, because I did not consider it my place to
> answer. Today I learned that this was interpreted as agreement.
> It was not agreement.
>
> I do not think that Freenet Project Inc. can afford to go into debt.
>
> And from what I saw in 15 minutes of googling, Ian might be liable for
> negligency for agreeing to this. That would mean that he would be
> personally liable for the debt of FPI. Given that we cannot predict
> donations this is something I would not do. Knowing that the first X
> months of donations would go towards paying debt could also be a
> pretty strong deterrent for potential donors.
>
> Weeks ago I sent you a link to a funding agency which I deem most
> likely to be able to fund your work. They offer 30k for a year, which
> is roughly what you’re billing right now (as far as I know).
> I don’t have that link anymore, and no time right now to dig through
> the IRC history. If you don’t have it anymore, ask me for it on
> tuesday evening.
>
> I’d like to be friendly here, but in matters of “we are broke” and
> “will we promise stuff we don’t have?”, making friendly promises would
> be dishonest. And getting Ian in legal trouble is a no-go.
>
> Best wishes,
> Arne




-- 
Ian Clarke
Founder, The Freenet Project
Email: i...@freenetproject.org
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[xor]

On Saturday, November 14, 2015 10:37:54 PM Arne Babenhauserheide wrote:
> I do not think that Freenet Project Inc. can afford to go into debt.

What is the non-affordable consequence of debt *without* interest and 
*without* any time limit for payment?
What can happen?

> And from what I saw in 15 minutes of googling, Ian might be liable for
> negligency for agreeing to this.

Please provide a source for this; as I cannot imagine any way to come to this 
conclusion.

> That would mean that he would be personally liable for the debt of FPI.

I hereby proclaim officially that I won't ever request Ian to give me any of 
his personal money to pay for stuff which I did bill FPI for, not him.

Why would I even want to do that? I'm completely aware that Freenet is funded 
by donations, not by Ian. Why would I ask Ian for money?

> Given that we cannot predict donations this is something I would not do.

Well, if this would be too risky for you, maybe be happy that someone else 
offers to risk his personal fate to do it?
Sorry if I have to be that passive aggressive, but it is really frustrating to 
make such offers and only get offense back for them.

I had expected people to for once step back from their flamewars and be happy 
that some part of the project can continue to churn out code even if there's 
no funding temporarily...
The offense instead is killing me on the inside.
Can't this project ever stop the toxic attitude?

> Knowing that the first X
> months of donations would go towards paying debt could also be a
> pretty strong deterrent for potential donors.

If having very little money is in fact a deterrent for potential donors as you 
just said, then having lots of money is an incentive.
So will people donate more money if we write on the website "we already have $ 
1 billion of funding, and we want more" ?

> Weeks ago I sent you a link to a funding agency which I deem most
> likely to be able to fund your work. They offer 30k for a year, which
> is roughly what you’re billing right now (as far as I know).
> I don’t have that link anymore, and no time right now to dig through
> the IRC history. If you don’t have it anymore, ask me for it on
> tuesday evening.

Yes, thanks again.
I had already added this to the list of potential donors I had written: 
https://wiki.freenetproject.org/index.php?title=Fundraising=2928=2912

I'll deal with contacting donors once it has been decided whether fred 1471 
will be deployed any soon: It contains 6 months of my work which haven't been 
deployed yet due to a lack of a fred release. It would be fair to give it to 
people first before asking for more money.

(Don't worry: If it would be too much of a hassle to get the fred release out 
soon, I will ask nevertheless. I still want to do this carefully.)

Another blocker why I didn't contact anyone yet is this:
Before we put a news entry "we ran out of funds" on the website, I plan to 
gather a Wiki article of news websites which this news of ours could be 
submitted to. This needs to be done *before* we put our news article on our 
website: We need to contact news sites ASAP then. They won't publish old 
stuff, old stuff is not *new*s. And knowing how things usually end up, it 
might suddenly take weeks for us to write a list of news sites to contact, and 
then the news is already old... So better write the list before we push the 
news.

> I’d like to be friendly here, but in matters of “we are broke” and
> “will we promise stuff we don’t have?”, making friendly promises would
> be dishonest.

I am perfectly fine with being promised money which doesn't exist yet:
I believe that Freenet will succeed, and we will get funding.
The possibly that it won't happen is my problem, you don't have to worry about 
that :)

Of the 19 entries in the fundraising list, we only asked 3, and we only got 1 
"no". That is nothing.
And there are potentially *thousands* of donors to ask beyond that list: The 
NSA scandal for sure has got a lot of people interested in a free Internet.

Is it really time to give up and shoo off our assets? Employees are assets. 
Yes, maybe I do suck. Who am I to judge myself?
But it does seem somewhat clear that years of hanging on the #freenet IRC 
channel at least gives some basic education I hope, and throwing away that 
education (by telling people to leave as soon as there are a few days without 
money even though they want to stay) sounds not like a good investment in the 
future.

Let's please realize that Freenet has been constantly online for over a decade 
probably, we've got 100% uptime, and people are constantly churning out 
discussion and code.
The project is alive.
No need to give up.


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Donnerstag, 15. Oktober 2015, 16:39:29 schrieb xor:
> I offer to write my bills as fully interest-free debt, with no time limit for 
> payment whatsoever. "Pay as soon as there are enough donations".

I did not answer before, because I did not consider it my place to
answer. Today I learned that this was interpreted as agreement.
It was not agreement.

I do not think that Freenet Project Inc. can afford to go into debt.

And from what I saw in 15 minutes of googling, Ian might be liable for
negligency for agreeing to this. That would mean that he would be
personally liable for the debt of FPI. Given that we cannot predict
donations this is something I would not do. Knowing that the first X
months of donations would go towards paying debt could also be a
pretty strong deterrent for potential donors.

Weeks ago I sent you a link to a funding agency which I deem most
likely to be able to fund your work. They offer 30k for a year, which
is roughly what you’re billing right now (as far as I know).
I don’t have that link anymore, and no time right now to dig through
the IRC history. If you don’t have it anymore, ask me for it on
tuesday evening.

I’d like to be friendly here, but in matters of “we are broke” and
“will we promise stuff we don’t have?”, making friendly promises would
be dishonest. And getting Ian in legal trouble is a no-go.

Best wishes,
Arne

signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Bob Ham]

On Mon, 2015-11-02 at 06:28 -0500, Steve Dougherty wrote:
> On 11/02/2015 06:26 AM, Steve Dougherty wrote:
> > On 11/02/2015 06:21 AM, Bob Ham wrote:
> >> On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
> >>> one
> >>> may observe that we have not written up protocol documentation, making
> >>> that our current strategy.
> >>
> >> I'm not sure what you mean; what are you referring to with the word
> >> "that"?  What is your current strategy?
> > 
> > The current strategy is to not document things. I think calling it a
> > strategy is a stretch because a strategy requires coordination and
> > planning. No one has wanted to document the protocol, so it hasn't
> > gotten documented.
> 
> Er, that's poor phrasing. No one has wanted to document the protocol
> enough to document it themselves. I'm not being insightful here - it
> hasn't happened, so our "strategy" is to not do it.

You're right, that's not a strategy.

Regardless, I think there's some confusion here.  I'm not talking about
a strategy for creating a file containing information about the Freenet
protocol.  What I'm talking about a strategy for getting the protocol to
a point where it's worth other people implementing it and then writing
high quality documentation that allows them to do so, possibly even
publishing an RFC describing it.

It seems that nobody here believes that in five years' time Freenet
developers will be publishing an RFC.  Instead, people seem to be
focussed on updating the website, worrying about user interface niggles
and fretting over whether users can install new versions of Fred easily
enough.

I'm talking about a strategy for getting the project to a point where it
can actually have meaningful impact on the world.  There doesn't seem to
be any direction in the project.  There's some software and some kind of
community around it but there seems to be no vision of how to move
forward to a point where the project contributes to something wider.

What is the priority of the project, is it to ensure that as many
Windows users as possible have a little Freenet icon in their status
tray?  Or is it to play a role in creating a world where nobody really
uses Windows because they recognise how massive a threat it is to their
privacy and security?  At the moment the priority seems to be the former
and there seems to be no idea about how to approach the latter (a
"strategy").
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/02/2015 08:02 AM, Bob Ham wrote:
> On Mon, 2015-11-02 at 06:28 -0500, Steve Dougherty wrote:
>> On 11/02/2015 06:26 AM, Steve Dougherty wrote:
>>> On 11/02/2015 06:21 AM, Bob Ham wrote:
 On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
> one
> may observe that we have not written up protocol documentation, making
> that our current strategy.

 I'm not sure what you mean; what are you referring to with the word
 "that"?  What is your current strategy?
>>>
>>> The current strategy is to not document things. I think calling it a
>>> strategy is a stretch because a strategy requires coordination and
>>> planning. No one has wanted to document the protocol, so it hasn't
>>> gotten documented.
>>
>> Er, that's poor phrasing. No one has wanted to document the protocol
>> enough to document it themselves. I'm not being insightful here - it
>> hasn't happened, so our "strategy" is to not do it.
> 
> You're right, that's not a strategy.
> 
> Regardless, I think there's some confusion here.  I'm not talking about
> a strategy for creating a file containing information about the Freenet
> protocol.  What I'm talking about a strategy for getting the protocol to
> a point where it's worth other people implementing it and then writing
> high quality documentation that allows them to do so, possibly even
> publishing an RFC describing it.
> 
> It seems that nobody here believes that in five years' time Freenet
> developers will be publishing an RFC.  Instead, people seem to be
> focussed on updating the website, worrying about user interface niggles
> and fretting over whether users can install new versions of Fred easily
> enough.
> 
> I'm talking about a strategy for getting the project to a point where it
> can actually have meaningful impact on the world.  There doesn't seem to
> be any direction in the project.  There's some software and some kind of
> community around it but there seems to be no vision of how to move
> forward to a point where the project contributes to something wider.
> 
> What is the priority of the project, is it to ensure that as many
> Windows users as possible have a little Freenet icon in their status
> tray?  Or is it to play a role in creating a world where nobody really
> uses Windows because they recognise how massive a threat it is to their
> privacy and security?  At the moment the priority seems to be the former
> and there seems to be no idea about how to approach the latter (a
> "strategy").

I feel like you're belitting what work we do because we have not
performed it in accordance with an overarching strategy. While you are
correct that working toward a larger vision can be a very good thing,
I'm hurt by that. I do have ideas for workflows I'd like to see Freenet
support, and can go into them if you'd consider that enough to be a
strategy.

Do you have any suggestions to make?



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Bob Ham]

On Mon, 2015-11-02 at 08:15 -0500, Steve Dougherty wrote:

> I feel like you're belitting what work we do because we have not
> performed it in accordance with an overarching strategy.

I'm not trying to belittle anyone, I'm simply pointing out that there is
a problem in how the project is going about achieving its goals.  Or
not, as the case may be.

> I do have ideas for workflows I'd like to see Freenet
> support, and can go into them if you'd consider that enough to be a
> strategy.

*Facepalm*

Why are you concerned about what *I* consider to be a strategy?  Why
aren't you yourself concerned about making a plan for the project to
achieve its goals?

I wonder, is there an underlying problem that nobody cares enough?

> Do you have any suggestions to make?

Be extremely clear in what you want to achieve as a group and then set
out how you intend to achieve that.

At present there are some fairly specific but high-level goals outlined
on the website.  Unfortunately, there is no plan at all on how to
achieve those goals.

I can't suggest how you might go about determining what you want to
achieve and how to do it because I don't know how the group works
together.  That is, how it communicates or comes to a consensus.

Again I wonder, is there an underlying problem in that the group
*doesn't* work together?
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 02/11/15 21:57, Bob Ham wrote:
> On Mon, 2015-11-02 at 08:15 -0500, Steve Dougherty wrote:
>
>> I feel like you're belitting what work we do because we have not
>> performed it in accordance with an overarching strategy.
> I'm not trying to belittle anyone, I'm simply pointing out that there is
> a problem in how the project is going about achieving its goals.  Or
> not, as the case may be.
>
>> I do have ideas for workflows I'd like to see Freenet
>> support, and can go into them if you'd consider that enough to be a
>> strategy.
> *Facepalm*
>
> Why are you concerned about what *I* consider to be a strategy?  Why
> aren't you yourself concerned about making a plan for the project to
> achieve its goals?
>
> I wonder, is there an underlying problem that nobody cares enough?
>
>> Do you have any suggestions to make?
> Be extremely clear in what you want to achieve as a group and then set
> out how you intend to achieve that.
>
> At present there are some fairly specific but high-level goals outlined
> on the website.  Unfortunately, there is no plan at all on how to
> achieve those goals.
>
> I can't suggest how you might go about determining what you want to
> achieve and how to do it because I don't know how the group works
> together.  That is, how it communicates or comes to a consensus.
>
> Again I wonder, is there an underlying problem in that the group
> *doesn't* work together?
Aren't all volunteer projects necessarily coalitions of people with
differing goals? I mean, how much front-most leadership and strategy is
actually possible?

Doesn't mean we shouldn't try. We have lots of disorganised masses of
goals, e.g. the bug tracker. Trying to organise them is a good thing...



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Bob Ham]

On Mon, 2015-11-02 at 22:16 +, Matthew Toseland wrote:

> Aren't all volunteer projects necessarily coalitions of people with
> differing goals?

No, many volunteer projects are coalitions of people with the same
goals.

> I mean, how much front-most leadership and strategy is
> actually possible?

Why not try it and find out?
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/01/2015 09:47 AM, Bob Ham wrote:
> On Sun, 2015-11-01 at 12:07 +0100, Arne Babenhauserheide wrote:
>> On Saturday, 31. October 2015 16:27:42 Bob Ham wrote:
...
>> 4. incorrect assumption: There is no clear strategy about the
>>documentation of the protocol.
>>
>> The current clear strategy includes
> 
> Are you saying there is now a strategy for publishing documentation on
> the protocol?  Has the situation changed since I asked on IRC and found
> an absence of such a strategy?  If the situation has changed, can you
> provide me with a reference to the strategy?

The strategy is not written up and adopted formally. It's more that one
may observe that we have not written up protocol documentation, making
that our current strategy.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/02/2015 06:26 AM, Steve Dougherty wrote:
> On 11/02/2015 06:21 AM, Bob Ham wrote:
>> On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
>>> one
>>> may observe that we have not written up protocol documentation, making
>>> that our current strategy.
>>
>> I'm not sure what you mean; what are you referring to with the word
>> "that"?  What is your current strategy?
> 
> The current strategy is to not document things. I think calling it a
> strategy is a stretch because a strategy requires coordination and
> planning. No one has wanted to document the protocol, so it hasn't
> gotten documented.

Er, that's poor phrasing. No one has wanted to document the protocol
enough to document it themselves. I'm not being insightful here - it
hasn't happened, so our "strategy" is to not do it.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Bob Ham]

On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
> one
> may observe that we have not written up protocol documentation, making
> that our current strategy.

I'm not sure what you mean; what are you referring to with the word
"that"?  What is your current strategy?
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 11/02/2015 06:21 AM, Bob Ham wrote:
> On Mon, 2015-11-02 at 05:54 -0500, Steve Dougherty wrote:
>> one
>> may observe that we have not written up protocol documentation, making
>> that our current strategy.
> 
> I'm not sure what you mean; what are you referring to with the word
> "that"?  What is your current strategy?

The current strategy is to not document things. I think calling it a
strategy is a stretch because a strategy requires coordination and
planning. No one has wanted to document the protocol, so it hasn't
gotten documented.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status (was: Re: High Speed Links)

[Bob Ham]

On Sun, 2015-11-01 at 12:07 +0100, Arne Babenhauserheide wrote:
> On Saturday, 31. October 2015 16:27:42 Bob Ham wrote:
> > 15:47 < pintu> there is no clear strategy on how to get from here to a 
> > robust, published protocol enabling censorship resistant publishing
> 
> Your wording carries invalid assumptions and contradicting goals.
> 
> 1. invalid assumption: a published protocol is required to enable
>censorship resistant publishing.
> 
> This is incorrect, because Freenet already enables censorship
> resistant publishing.

I think we're considering "censorship resistant publishing" differently.
You seem to be referring to a state where there exists some technology
which it's possible for some to use for the purpose of censorship
resistant publishing.

I'm referring to a state where censorship resistant publishing is
widespread or even the norm for the majority of Internet users.  In my
sense, published protocols are definitely required.  You can't engineer
systems like the Internet without properly published technical
information and multiple implementations of protocols.

Freenet may provide some relevant technology but the project is not
progressing toward publishing a protocol and moreover, from what I
understand there is no strategy on how it will get to the point of
publishing a protocol.


> 2. invalid assumption and contradicting goal: publishing a protocol
>makes it more robust.

I disagree, that assumption is not implied by my wording.  A protocol
can be published and be weak.  My wording has not implied otherwise.

My wording does assume that robustness of the protocol is a goal of the
project.


> 3. incorrect assumption: Freenet is not robust.

Again, I disagree; that assumption is not implied by my wording.



> 4. incorrect assumption: There is no clear strategy about the
>documentation of the protocol.
> 
> The current clear strategy includes

Are you saying there is now a strategy for publishing documentation on
the protocol?  Has the situation changed since I asked on IRC and found
an absence of such a strategy?  If the situation has changed, can you
provide me with a reference to the strategy?
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Bob Ham]

On Sat, 2015-10-14 at 20:22 +0100, Ian Clarke wrote:
> I think it's time for us all to take a step back and have a serious
> conversation about where we are, and where we are going.

I (as pintu) asked this question on IRC a little while back, I think
it's worth sharing that log.  Here is an executive summary:

15:46 < pintu> there is no underlying strategy
15:46 < pintu> there is some software that works-ish
15:46 < pintu> and some people making changes to it
15:47 < pintu> there is no clear strategy on how to get from here to a robust, 
published protocol enabling censorship resistant publishing
15:47 < pintu> right?
15:47 < TheSeeker> and until something better comes along, Freenet is still the 
best option that exists.


Here is the abridged log with activity outside the conversation omitted:

--- Log opened Thu May 08 13:58:12 2014
13:58 -!- pintu [n...@50-197-126-28-static.hfc.comcastbusiness.net] has joined 
#freenet
13:58 -!- Irssi: #freenet: Total of 74 nicks [8 ops, 0 halfops, 0 voices, 66 
normal]
13:58 -!- Irssi: Join to #freenet was synced in 1 secs
14:08 < pintu> https://wiki.freenetproject.org/Roadmap/0.8
14:08 < pintu> "This page was last modified on 23 July 2011"
14:09 < pintu> where is freenet going?
14:09 < niqnaq> abandonware
14:15 < pintu> niqnaq: are you serious?
14:15 < pintu> "Our current balance is $35023.31."
14:15 < pintu> (30th March 2014) Freenet 0.7.5 build 1461 released
14:15 < pintu> seems to not be going towards abandonware
14:16 < TheSeeker> things will hopefully pick up this summer.
14:18 < pintu> what protocol does freenet use?
14:29 < TheSeeker> the freenet protocol?
14:30 < greycat> Last I heard (which may be very out of date), the node-to-node 
protocol runs over UDP.
14:42 < ArneBab> pintu: we’re currently working on the plugins and applications.
14:59 < pintu> greycat: what is "the node-to-node protocol"?  where is it 
documented?
15:00 < greycat> https://wiki.freenetproject.org/Node_protocol
15:01 < pintu> that's it?
15:01 < pintu> tha's not documentation, that's just some labels
15:01 < greycat> That's all I know of at the moment.  I'm not up to date on 
this.
15:01 <@operhiem1> I'm not aware of protocol documentation either, but I 
haven't worked on it.
15:01 < pintu> I don't understand
15:02 <@operhiem1> Ultimately I fear the best documentation we have to offer on 
that is its implementation.
15:02 < pintu> how can freenet grow if the protocol isn't documented?
15:02 < pintu> right
15:02 < pintu> I see now
15:02 < pintu> 14:09 < niqnaq> abandonware
15:02 <@operhiem1> It hasn't been growing much.
15:02 < pintu> right
15:02 <@operhiem1> pintu: Doesn't that seem at least a little impolite?
15:03 <@operhiem1> Abandonware means no one is working on it. People are 
working on it.
15:03 < TheSeeker> The protocol isn't documented because it's still alpha and 
they don't want alternative implementations screwign things up and making 
things impossible to debug ...
15:03 < pintu> operhiem1: I'm not sure what you think is impolite
15:03 <@operhiem1> pintu: Maybe I'm misreading your tone. Never mind.
15:04 < pintu> regardless, the fact that the protocol isn't documented means 
that the ecosystem around freenet can only stagnate
15:04 <@operhiem1> TheSeeker: My fear with an alternative implementation is 
that there wouldn't be enough momentum behind it to reach feature parity with 
the existing one.
15:04 < TheSeeker> niqnaq was the one saying freenet is abandonware ...
15:04 <@operhiem1> pintu: That may indeed be true.
15:04 < pintu> hence, I see now why niqnaq said that the place freenet is going 
is abandonware
15:04 <@operhiem1> pintu: How does one document a protocol?
15:05 < TheSeeker> RFC?
15:05 < pintu> operhiem1: see these for many examples: 
http://www.ietf.org/rfc.html
15:05 < pintu> I don't understand
15:05 < TheSeeker> problem is that the protocol is subject to radical change at 
any time.
15:06 <@operhiem1> Documenting a specific negtype should be fine though.
15:07 < pintu> TheSeeker: how can people have set up an auto-update 
infrastructure for a production network.. and yet consider the protocol to be 
alpha?
15:07 < TheSeeker> do negtypes dictate the message formatting?  or just the 
crypto setup?
15:07 <@operhiem1> That said I'm not sure what direct benefit I see from 
documentation. Maybe I just lack vision here but I lean towards shorter-term 
stuff with direct tangible results.
15:07 < pintu> it was alpha when it was being simulated
15:07 <@operhiem1> Nevertheless I will add it to my list of stuff to get to.
15:07 < pintu> then it was beta
15:07 < pintu> now it's a production system
15:07 < TheSeeker> because freenet clearly doesn't work yet, and is FAR from 
feature complete?
15:08 <@operhiem1> ^
15:08 < pintu> you don't have over-the-wire auto-updates in an alpha system
15:08 <@operhiem1> This one does.
15:08 < TheSeeker> beta is feature complete, production is stable and able to 
be used to make money woth :P
15:08 <@nextgens> it's been a choice

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Samstag, 24. Oktober 2015, 16:11:39 schrieb Matthew Toseland:
> On 24/10/15 09:28, Arne Babenhauserheide wrote:
> > Am Freitag, 23. Oktober 2015, 16:47:47 schrieb Steve Dougherty:
> >> I'm not proposing that we bundle Tor, that this replace the existing UDP
> >> transport, nor that it become a typical mode of operation. I'm pointing out
> >> a possible use of a TCP transport plugin. I'm also not suggesting we do a
> >> whole bunch of Tor-specific discovery/routing work like Matthew mentioned.
> >> The initial use case is limited to darknet connections between hidden
> >> services.
> > Also keep in mind that this would just be a specific application of a
> > general feature which hides darknet connections. The most
> > time-consuming part of it would be finishing and merging transport
> > plugins.
> That's a huge project and a long way off. Chetan's changes are huge, and
> there's much work still to be done. It's popular on Uservoice, but even
> so, it's not the best use of limited time and funds IMHO.

From the experience of watching development in the past years, I do
not expect using the Tor plugins to be less work.

Back then, Chetan already had an example UDP plugin which replicated
what Freenet already did (but I did not get that to run).

> And it's not even clear to me that it's the right approach; arguably
> real-time network-visible crypto should not be in Java since we can't do
> constant time, can't pin pages in memory etc. And Tor transports are
> external. So arguably we should have an external C daemon for crypto and
> transport layer.

That would mean we would not have a plan B if the tor transports would
prove to fail.

> > And there are already people routing darknet connections over CJDNS.
> I guess I'm not totally opposed; there are use cases for darknet
> connections tunneled over other networks. You might know somebody as a
> pseudonymous identity via e.g. hidden forums.
> 
> But it shouldn't be a priority. Certainly not before we've improved
> darknet considerably.

I won’t argue priorities here. That did not help anything when we did
it before. More exactly: I won’t talk priorities about things where I
cannot affect what is done in the end.

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[salutarydiacritical23]

@Steve

Very reasonable and I agree.

The GSoC Transport work gives people the option of using Tor without any 
changes to the Freenet protocol.


@xor

You don't need to write a new Firefox plugin to do what you proposed. 
The FoxyProxy addon can redirect browser requests to proxies based on 
URL patterns. Optionally there's color indicators for every proxy so 
users know what they are visiting.


Ask the Tor browser team to carry the addon upstream and include a 
configuration file.



On 2015-10-23 18:47, Steve Dougherty wrote:
I'm not proposing that we bundle Tor, that this replace the existing 
UDP
transport, nor that it become a typical mode of operation. I'm pointing 
out
a possible use of a TCP transport plugin. I'm also not suggesting we do 
a
whole bunch of Tor-specific discovery/routing work like Matthew 
mentioned.

The initial use case is limited to darknet connections between hidden
services.

On Fri, Oct 23, 2015, 10:39 AM Ian  wrote:

On Thu, Oct 22, 2015 at 10:16 PM, Steve Dougherty 


wrote:
>
> While it's true that we can't exactly "leave the anonymity to Tor," I do
> think we could be able to make use of Tor. If we can get a TCP transport
> plugin working people can set up a node as a hidden service and reduce
> the visibility of running a node.


If we were getting a lot of complaints about Freenet being too fast, 
too
easy to install, too easy to use, or not bloated enough, then bundling 
Tor

would be a great way to solve all of these complaints.

Otherwise, it still seems like a really awful idea.

Ian.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 24/10/15 09:28, Arne Babenhauserheide wrote:
> Am Freitag, 23. Oktober 2015, 16:47:47 schrieb Steve Dougherty:
>> I'm not proposing that we bundle Tor, that this replace the existing UDP
>> transport, nor that it become a typical mode of operation. I'm pointing out
>> a possible use of a TCP transport plugin. I'm also not suggesting we do a
>> whole bunch of Tor-specific discovery/routing work like Matthew mentioned.
>> The initial use case is limited to darknet connections between hidden
>> services.
> Also keep in mind that this would just be a specific application of a
> general feature which hides darknet connections. The most
> time-consuming part of it would be finishing and merging transport
> plugins.
That's a huge project and a long way off. Chetan's changes are huge, and
there's much work still to be done. It's popular on Uservoice, but even
so, it's not the best use of limited time and funds IMHO.

And it's not even clear to me that it's the right approach; arguably
real-time network-visible crypto should not be in Java since we can't do
constant time, can't pin pages in memory etc. And Tor transports are
external. So arguably we should have an external C daemon for crypto and
transport layer.
> And there are already people routing darknet connections over CJDNS.
I guess I'm not totally opposed; there are use cases for darknet
connections tunneled over other networks. You might know somebody as a
pseudonymous identity via e.g. hidden forums.

But it shouldn't be a priority. Certainly not before we've improved
darknet considerably.
> Best wishes,
> Arne



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[salutarydiacritical23]

Tor is designing their transport framework with the idea that other 
networks might be interested in them.


A month back they asked other network devs what they would like to see 
in the framework because they are going to rewrite and improve it. Guys 
from I2P gave feedback and you might want to.


On 2015-10-24 17:11, Matthew Toseland wrote:

On 24/10/15 09:28, Arne Babenhauserheide wrote:

Am Freitag, 23. Oktober 2015, 16:47:47 schrieb Steve Dougherty:
I'm not proposing that we bundle Tor, that this replace the existing 
UDP
transport, nor that it become a typical mode of operation. I'm 
pointing out
a possible use of a TCP transport plugin. I'm also not suggesting we 
do a
whole bunch of Tor-specific discovery/routing work like Matthew 
mentioned.

The initial use case is limited to darknet connections between hidden
services.

Also keep in mind that this would just be a specific application of a
general feature which hides darknet connections. The most
time-consuming part of it would be finishing and merging transport
plugins.
That's a huge project and a long way off. Chetan's changes are huge, 
and

there's much work still to be done. It's popular on Uservoice, but even
so, it's not the best use of limited time and funds IMHO.

And it's not even clear to me that it's the right approach; arguably
real-time network-visible crypto should not be in Java since we can't 
do

constant time, can't pin pages in memory etc. And Tor transports are
external. So arguably we should have an external C daemon for crypto 
and

transport layer.

And there are already people routing darknet connections over CJDNS.

I guess I'm not totally opposed; there are use cases for darknet
connections tunneled over other networks. You might know somebody as a
pseudonymous identity via e.g. hidden forums.

But it shouldn't be a priority. Certainly not before we've improved
darknet considerably.

Best wishes,
Arne



___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Freitag, 23. Oktober 2015, 16:47:47 schrieb Steve Dougherty:
> I'm not proposing that we bundle Tor, that this replace the existing UDP
> transport, nor that it become a typical mode of operation. I'm pointing out
> a possible use of a TCP transport plugin. I'm also not suggesting we do a
> whole bunch of Tor-specific discovery/routing work like Matthew mentioned.
> The initial use case is limited to darknet connections between hidden
> services.

Also keep in mind that this would just be a specific application of a
general feature which hides darknet connections. The most
time-consuming part of it would be finishing and merging transport
plugins.

And there are already people routing darknet connections over CJDNS.

Best wishes,
Arne
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

I'm not proposing that we bundle Tor, that this replace the existing UDP
transport, nor that it become a typical mode of operation. I'm pointing out
a possible use of a TCP transport plugin. I'm also not suggesting we do a
whole bunch of Tor-specific discovery/routing work like Matthew mentioned.
The initial use case is limited to darknet connections between hidden
services.

On Fri, Oct 23, 2015, 10:39 AM Ian  wrote:

> On Thu, Oct 22, 2015 at 10:16 PM, Steve Dougherty 
> wrote:
> >
> > While it's true that we can't exactly "leave the anonymity to Tor," I do
> > think we could be able to make use of Tor. If we can get a TCP transport
> > plugin working people can set up a node as a hidden service and reduce
> > the visibility of running a node.
>
>
> If we were getting a lot of complaints about Freenet being too fast, too
> easy to install, too easy to use, or not bloated enough, then bundling Tor
> would be a great way to solve all of these complaints.
>
> Otherwise, it still seems like a really awful idea.
>
> Ian.
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 23/10/15 04:16, Steve Dougherty wrote:
> On 10/16/2015 11:13 AM, Ian wrote:
>> On Thu, Oct 15, 2015 at 6:38 PM, 
>> wrote:
> ...
>>> I'm questioning if the overhead of designing and maintaining yet another
>>> anonymity protocol makes sense given Freenet's current situation. You can
>>> concentrate on polishing Freenet UX and storage algorithms instead and
>>> leave the anonymity to Tor.
>> As I already said in my previous email, that is nonsense.  Freenet's
>> "anonymity" is at the core of what Freenet is.  You can't just "unplug" the
>> anonymity and plug Tor in in it's place.  It doesn't work like that.
> While it's true that we can't exactly "leave the anonymity to Tor," I do
> think we could be able to make use of Tor. If we can get a TCP transport
> plugin working people can set up a node as a hidden service and reduce
> the visibility of running a node.
Maybe but given the performance implications for opennet we should
probably keep connections over Tor separate from ordinary connections.

Using it for the first hop has several complications:
1. Moral hazard: We need to do some serious work on darknet usability
first / at the same time.
2. Bandwidth: Are Tor happy with it?
3. Performance impact on opennet routing: Torified nodes will normally
be slower, so may have difficulty maintaining connections.
3. Discovery: How do we find nodes? They probably won't be returned via
path folding? Do we want to forward ordinary requests to them
occasionally even though they are too slow to stay in the main routing
table?
4. Do we need a completely separate node, with a separate identity,
location, peers and datastore, for the Tor side? Then it won't have any
ordinary opennet connections! How do we get from one to the other?

Hence we probably want to see Torified opennet nodes as a first-hop
hidden service, accepting requests and inserts but not forwarding them
to its anonymous clients. We'd likely need to roll our own discovery
protocol, and it would be distinct from ordinary routing and path
folding. Although conceivably we could ask Tor to add support for
advertising relaying to Freenet from their directory of exit nodes...

Conclusion? Far from easy, costs performance, and making darknet easy
may be a better way to improve security. Although both darknet and Tor
can be blocked.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Ian]

On Thu, Oct 22, 2015 at 10:16 PM, Steve Dougherty 
wrote:
>
> While it's true that we can't exactly "leave the anonymity to Tor," I do
> think we could be able to make use of Tor. If we can get a TCP transport
> plugin working people can set up a node as a hidden service and reduce
> the visibility of running a node.


If we were getting a lot of complaints about Freenet being too fast, too
easy to install, too easy to use, or not bloated enough, then bundling Tor
would be a great way to solve all of these complaints.

Otherwise, it still seems like a really awful idea.

Ian.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Steve Dougherty]

On 10/16/2015 11:13 AM, Ian wrote:
> On Thu, Oct 15, 2015 at 6:38 PM, 
> wrote:
...
>> I'm questioning if the overhead of designing and maintaining yet another
>> anonymity protocol makes sense given Freenet's current situation. You can
>> concentrate on polishing Freenet UX and storage algorithms instead and
>> leave the anonymity to Tor.
> 
> 
> As I already said in my previous email, that is nonsense.  Freenet's
> "anonymity" is at the core of what Freenet is.  You can't just "unplug" the
> anonymity and plug Tor in in it's place.  It doesn't work like that.

While it's true that we can't exactly "leave the anonymity to Tor," I do
think we could be able to make use of Tor. If we can get a TCP transport
plugin working people can set up a node as a hidden service and reduce
the visibility of running a node.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Freitag, 16. Oktober 2015, 14:57:52 schrieb charles:
> If Kickstarter doesn't allow open source projects, then I don't
> understand how Krita has run several successful campaigns through
> them.[1][2][3] They do sell pro versions, but they are not targeted in
> the kickstarters or even really mentioned at all.
> 

Also Indiegogo allows Free Software projects, so there’s no problem here.

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Florent Daigniere]

On Sat, 2015-10-17 at 11:56 +0200, Arne Babenhauserheide wrote:
> > Do we have the resources to fight it? Is it a good use of our
> (limited)
> > resources/time?
> 
> Here’s an example of my reason for supporting opennet: A good friend
> who uses Freenet specifically to communicate with me (in a way where
> I
> can write freely) told me a few weeks ago “I now activated »connect
> to
> strangers« and now Freenet works well”.

Freenet not working so well in pure-darknet mode is due to several
factors, one of which is that there are hybrid nodes. If most nodes had
the same peer count as the average darknet node there wouldn't be a
huge performance gap like there is now. Remove hybrid node support and
you'll see that the performance gap narrows. More connected peers
doesn't mean "faster", especially on a network of the size we currently
have.

What are the other reasons?

Florent

signature.asc
Description: This is a digitally signed message part
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Samstag, 17. Oktober 2015, 02:33:00 schrieb 
salutarydiacritica...@ruggedinbox.com:
> How did Freenet solve this? If a bad node can connect to you on Opennet, 
> they can do traffic analysis on your requests. With no guard nodes an 
> attacker can connect to everyone in short time. You can add node pinning 
> and tunnels but that's a lot of work.

The first answer to that is “via darknet”.

The second is: Freenet does not need interactive connections to
external data. In tor you get all packages for a connection from a
single source. In Freenet the request goes to dozens to hundreds of
machines who all only serve a tiny part of the file. The very concept
of Tor — interactive access to the regular web — prevents them from
doing anything which provides real anonymity.

Adding padding might improve that a bit, but it won’t solve the
problem — even though Tor operates at a massive scale compared to
Freenet, so it’s vastly easier to “hide in the forest”.

The difference is architectural: Tor provides communication channels
and might implement a storage layer on top. Freenet provides a storage
layer and implements communication on top.

This architectural difference allows Freenet to provide much higher
security than tor (on Opennet in theory, and practically on Darknet),
and it prevents us from ever providing sub-second round-trip-times.

Best wishes,
Arne

PS: Sorry for the rather harsh tone of this mail. I’m a bit aggravated
by Matthews doomsaying and didn’t yet manage to shed that feeling.

--
singing a part of the history of free software: 

- http://infinite-hands.draketo.de



signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Samstag, 17. Oktober 2015, 11:29:31 schrieb Florent Daigniere:
> On Fri, 2015-10-16 at 19:37 +0200, Arne Babenhauserheide wrote:
> > Am Freitag, 16. Oktober 2015, 12:09:09 schrieb Florent Daigniere:
> > > I don't know how to make any
> > > form of opennet securely work for them. Do you?
> > 
> > For all of my knowledge, Opennet always was only about getting
> > users. Making it easy to have a somewhat usable Freenet from the
> > start. Because no matter how cool the tool, if no one uses it,
> > publishing over it is useless, because what you publish reaches no
> > one.
> > 
> > If a chinese dissident wants to reach foreign people, Freenet has to
> > be usable for both.
> 
> I don't see how that's different from what I wrote. I guess we have
> different definitions for "usable".

I  don’t  think  we  actually  disagree  on  anything  important.  The
differences are just in the nuances — and the general approach.

> opennet -> open topology -> trivial to censor
> opennet -> some form of centralisation -> trivial to DoS
> 
> Look at what happened to "alternative" technologies like Tor; they're
> like opennet, in a constant arms-race:
> 
> topology is in the concensus -> blocked
> introduction of bridges -> enumeration of bridges
> introduction of bridge-buckets -> improvement of the enumeration
> techniques
> transport plugins -> ...
> 
> Do we have the resources to fight it? Is it a good use of our (limited)
> resources/time?

Here’s an example of my reason for supporting opennet: A good friend
who uses Freenet specifically to communicate with me (in a way where I
can write freely) told me a few weeks ago “I now activated »connect to
strangers« and now Freenet works well”.

Now I can send a N2N message with a link to a file I uploaded into
Freenet and my friend can actually download it.

Since we have no darknet FOAF, I’m actively introducing friends with
similar interests to each other, but that is slow and unreliable.

I want a button where I can simply select 4 darknet friends and click
“introduce”, then get a text field where I can write a few lines for
each contact and have them receive the other noderefs — getting a
message where they can simply check the boxes of the friends they want
to add and then click “connect”.

But even more I want FOAF routing in darknet, so that a single noderef
suffices to get good connectivity.

Yesterday Germany added mandatory 10 weeks data retention, and I sent
my “connect-via-freenet” mail around again. It would be simply great
if Freenet were fast with a single noderef, because then I would not
have to tell them “you might have to enable opennet if you want good
performance”, even though they do know someone who runs Freenet.

> It's okay for them (they're about pseudo-anonymity) and not okay for us
> (assuming that censorship resistance is what we do).

I agree.

Best wishes,
Arne
--
A man in the streets faces a knife.
Two policemen are there it once. They raise a sign:

“Illegal Scene! Noone may watch this!”

The man gets robbed and stabbed and bleeds to death.
The police had to hold the sign.

…Welcome to Europe, citizen. Censorship is beautiful.

   ( http://draketo.de/stichwort/censorship )




signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Freitag, 16. Oktober 2015, 01:38:12 schrieb 
salutarydiacritica...@ruggedinbox.com:
> I'm questioning if the overhead of designing and maintaining yet another 
> anonymity protocol makes sense given Freenet's current situation. You 
> can concentrate on polishing Freenet UX and storage algorithms instead 
> and leave the anonymity to Tor.

The problem here is that a realtime anonymizing system like tor cannot
protect you against timing attacks, while the system Freenet already
provides can do so. There are technical requirements which differ in
both systems.

The second problem is that you assume that anyone here is designing
yet another anonymity protocol. The protocols in Freenet already
exist and work quite well.

Do you run Freenet? If not, please do so.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein, 
ohne es zu merken. 
- Arne (http://draketo.de)




signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[charles]

>> Try to get in crowdfunded anti surveillance projects
>> like CommunityCube: 
>> https://www.kickstarter.com/projects/communitycubes/communitycube-lets-build-a-fair-internet/description
>> It will establish you further like abovementioned and will result in more 
>> new users and developers.
> What's their business model? Social networks and open source projects
> are not allowed on Kickstarter, only profitable businesses. Selling
> boxes doesn't provide a good business reason to fund ongoing
> development. Look at your phone, it's probably beyond security support
> already, they want to sell you a new one...
If Kickstarter doesn't allow open source projects, then I don't
understand how Krita has run several successful campaigns through
them.[1][2][3] They do sell pro versions, but they are not targeted in
the kickstarters or even really mentioned at all.

-Charles

[1]
https://www.kickstarter.com/projects/krita/krita-open-source-digital-painting-accelerate-deve
[2]
https://www.kickstarter.com/projects/krita/krita-free-paint-app-lets-make-it-faster-than-phot
[3] https://krita.org/item/funding-krita/



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[dean]

On 10/16/15 07:20, Zlatin Balevsky wrote:
>> But there are other trends that might favour us, e.g. cheap but powerful
> router boxes, Raspberry Pi /
>> Arduino hobbyist stuff etc.
> 
> Every trend can bring more volunteers passionate about it, so all venues
> are worth pursuing :)

This is an area in which freenet could be really suited for. Projects
like: https://wiki.debian.org/FreedomBox and integration with tails
could make freenet a lot more usable, "popular" and quell some of the
tor suggestions.

> Is "pretending that Opennet can work" still the official project's
> line?

In regards to this I must protest. I don't have any cyberpunk friends :(

> Is pretending that average humans will know enough Freenet users to make pure 
> Darknet work a reasonable estimate?
> Is it acceptable to limit freedom of speech to those who have many friends? 

I've got to side with xor here

> I think it's time for us all to take a step back and have a serious
> conversation about where we are, and where we are going.

I think this is the best thing to have happened to this project for a
long time and the list activity shows how alive it still is. I don't
think it needs any drastic changes but project direction and
fund-raising is where we should be focussed IMHO.

just my 2c,
Dean



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Florent Daigniere]

On Fri, 2015-10-16 at 19:09 +1000, dean wrote:
> > Is "pretending that Opennet can work" still the official project's
> > line?
> 
> In regards to this I must protest. I don't have any cyberpunk friends
> :(

Protest all you want; it's useless unless you come up with solutions.

If the aim of the project is to protect (Chinese, ...) dissidents we
have to account for their threat model. As far as I know it has to
include state level actors... Given that, I don't know how to make any
form of opennet securely work for them. Do you?

Florent

signature.asc
Description: This is a digitally signed message part
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Florent Daigniere]

On Fri, 2015-10-16 at 21:38 +1000, dean wrote:
> On 10/16/15 20:09, Florent Daigniere wrote:
> > On Fri, 2015-10-16 at 19:09 +1000, dean wrote:
> > > > Is "pretending that Opennet can work" still the official
> > > > project's
> > > > line?
> > > 
> > > In regards to this I must protest. I don't have any cyberpunk
> > > friends
> > > :(
> > 
> > Protest all you want; it's useless unless you come up with
> > solutions.
> > 
> > If the aim of the project is to protect (Chinese, ...) dissidents
> > we
> > have to account for their threat model.
> 
> Why cant freenet have more than one aim? Darknet for the more extreme
> threats?
> 

It can but we need to be honest about which aims are achievable and
which ones aren't.

> > As far as I know it has to include state level actors... Given
> > that, I don't know how to make any
> > form of opennet securely work for them. Do you?
> 
> No I do not, I'm certainly not an expert in this area. I was hoping
> the
> experts were working for the freenet project
> 
> I always liked the idea of wireless mesh routing like freedom box
> claim
> (i have not tried this) could assist against state level threats or
> some
> sort of dead drop system or https://en.wikipedia.org/wiki/PirateBox
> might come in handy when the adversary owns infrastructure.
> 

That's called darknet.

> Maybe I need to research this topic more but I don't understand how
> just
> darknet can operate on its own.

That's what freenet does: connect darknets together and route "stuff"
across them efficiently.

>  What happens when all you get is many
> small isolated darknets who cannot share with each other? Datastore
> sneakernet? Isn't half the point of opennet to connect various
> darknets
> together?

No it's not. Opennet is and has always been about "getting users"-
>"getting funds"->"make progress"

Opennet is what freenet 0.5 and before were.

>  and assist the darknet users to "get their message out"? or
> else what is the point of them publishing anything?
> 
> 
> Or even better, maybe I just need to make some new friends?
> 

That sounds like a plan. 

We should probably revise the terminology too; your neighboors
constitute perfect "friends" as far as darknet is concerned. If you can
use a direct link to them that $opponent can't monitor and $ISP can't
throttle, it's even better.

Florent

signature.asc
Description: This is a digitally signed message part
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[dean]

On 10/16/15 20:09, Florent Daigniere wrote:
> On Fri, 2015-10-16 at 19:09 +1000, dean wrote:
>>> Is "pretending that Opennet can work" still the official project's
>>> line?
>>
>> In regards to this I must protest. I don't have any cyberpunk friends
>> :(
> 
> Protest all you want; it's useless unless you come up with solutions.
> 
> If the aim of the project is to protect (Chinese, ...) dissidents we
> have to account for their threat model.

Why cant freenet have more than one aim? Darknet for the more extreme
threats?

> As far as I know it has to include state level actors... Given that, I don't 
> know how to make any
> form of opennet securely work for them. Do you?

No I do not, I'm certainly not an expert in this area. I was hoping the
experts were working for the freenet project

I always liked the idea of wireless mesh routing like freedom box claim
(i have not tried this) could assist against state level threats or some
sort of dead drop system or https://en.wikipedia.org/wiki/PirateBox
might come in handy when the adversary owns infrastructure.

Maybe I need to research this topic more but I don't understand how just
darknet can operate on its own. What happens when all you get is many
small isolated darknets who cannot share with each other? Datastore
sneakernet? Isn't half the point of opennet to connect various darknets
together? and assist the darknet users to "get their message out"? or
else what is the point of them publishing anything?


Or even better, maybe I just need to make some new friends?

Dean.





signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[dean]

On 10/16/15 22:02, Florent Daigniere wrote:
> On Fri, 2015-10-16 at 21:38 +1000, dean wrote:
>> On 10/16/15 20:09, Florent Daigniere wrote:
>>> On Fri, 2015-10-16 at 19:09 +1000, dean wrote:
> Is "pretending that Opennet can work" still the official
> project's
> line?

 In regards to this I must protest. I don't have any cyberpunk
 friends
 :(
>>>
>>> Protest all you want; it's useless unless you come up with
>>> solutions.
>>>
>>> If the aim of the project is to protect (Chinese, ...) dissidents
>>> we
>>> have to account for their threat model.
>>
>> Why cant freenet have more than one aim? Darknet for the more extreme
>> threats?
>>
> 
> It can but we need to be honest about which aims are achievable and
> which ones aren't.
> 
>>> As far as I know it has to include state level actors... Given
>>> that, I don't know how to make any
>>> form of opennet securely work for them. Do you?
>>
>> No I do not, I'm certainly not an expert in this area. I was hoping
>> the
>> experts were working for the freenet project
>>
>> I always liked the idea of wireless mesh routing like freedom box
>> claim
>> (i have not tried this) could assist against state level threats or
>> some
>> sort of dead drop system or https://en.wikipedia.org/wiki/PirateBox
>> might come in handy when the adversary owns infrastructure.
>>
> 
> That's called darknet.
> 
>> Maybe I need to research this topic more but I don't understand how
>> just
>> darknet can operate on its own.
> 
> That's what freenet does: connect darknets together and route "stuff"
> across them efficiently.
> 
>>  What happens when all you get is many
>> small isolated darknets who cannot share with each other? Datastore
>> sneakernet? Isn't half the point of opennet to connect various
>> darknets
>> together?
> 
> No it's not. Opennet is and has always been about "getting users"-
>> "getting funds"->"make progress"
> 
> Opennet is what freenet 0.5 and before were.
> 
>>  and assist the darknet users to "get their message out"? or
>> else what is the point of them publishing anything?
>>
>>
>> Or even better, maybe I just need to make some new friends?
>>
> 

Is there a wiki page or documentation somewhere where I can find out how
to do this??? ;-)

> That sounds like a plan. 
> 
> We should probably revise the terminology too; your neighboors
> constitute perfect "friends" as far as darknet is concerned. If you can
> use a direct link to them that $opponent can't monitor and $ISP can't
> throttle, it's even better.
> 

What about trustees? Its more about trust than how well you get along
with someone.

> Florent
> 
> 
>



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Ian]

On Thu, Oct 15, 2015 at 6:38 PM, 
wrote:

> Step back and take a deep breath. I'm not telling you to shutdown your
> website and foundation and host your project on Tor' s site.
>

I didn't say that, so perhaps you should re-read my last email.


> I'm questioning if the overhead of designing and maintaining yet another
> anonymity protocol makes sense given Freenet's current situation. You can
> concentrate on polishing Freenet UX and storage algorithms instead and
> leave the anonymity to Tor.


As I already said in my previous email, that is nonsense.  Freenet's
"anonymity" is at the core of what Freenet is.  You can't just "unplug" the
anonymity and plug Tor in in it's place.  It doesn't work like that.


> Its an intensive process coming up with something that stands up against
> serious enemies. Tor gets most of the academic community's attention
> improving against attacks all the time. You get this for free by switching
> to their protocol for transport.
>

Tor's anonymity is easier to prove because Tor is way less ambitious than
Freenet (one of the reasons Tor was easily blocked by the Chinese
government).  You're advocating that we replace the very thing that makes
Freenet different.  If we did that, what would be the point of continuing
with the project?

Ian.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[hyazinthe]

I noticed and got interested in Freenet in 2006 by this paper, here from the 
year 2002
- http://www.lawtechjournal.com/articles/2002/05_021229_roemer.php - and made an
effort in actually using it in 2014 as a reaction on the surveillance scandal 
exposed by Edward Snowden.

The good stuff:

For 15 years Freenet is one of the best technical solutions to extreme worst 
case internet scenarios
for whistleblowing & privacy advocates. And it still is. It's one of the most 
promissing technical
solutions in that regard. If I had to set up a new internet user existence with 
high demands on
freedom of press and privacy, I wouldn't think a second looking for other ways 
than the freenet project.

The Freenet has no bad record like for instance busted users for 15 years now 
upto today. What
other tool can claim that for itself?

I heard people here be in odds with the fact that freenet is the oldest player 
in the field.
The opposite is the case: It's no weakness, it's a strengh, it's reliability 
and consistency like a big, thick, old oak.

The Freenet is prestigious. In public it forms a 3 note chord together with TOR 
and I2P, and that
upto today: Just have a look at this recent article published by a news website
with 17 million visitors per month 
http://economictimes.indiatimes.com/tech/internet/more-indians-are-logging-on-anonymously-using-browsers-like-tor-freenet-i2p-and-tails/articleshow/49330271.cms
Not to forget the prize we've won this year: 
https://freenetproject.org/news.html#20150211-suma-award

The Freenet gets more and more important:
Just think of the surveillance scandal revealed by Edward Snowden in 2013, 
think of more and more
countries introducing data retention, think of how threatened freedom of press 
gets in more and more
countries, think of the centralization of the internet, shall I continue?
Each of those steps on the other side did, does and will push more people to 
the freenet.


The bad stuff:

The Freenet can't afford to look like a window in the past
in any way. It simply sucks. It's no pull, but push (away) factor.
And the worst thing in this regard is the completely grey, 
uncreative-depressing starting/main page of Freenet.
Second worst is the "internet like 1999" look of the websites linked by said 
main page of Freenet.
This is really a point which urgently and step by step needs to be updated. I'm 
glad that happens with
https://freenetproject.org/ very soon. It's absolutely necessary from user 
perspective !
Especially because of this: If Freenet always will be slower than the www, then 
you definitely don't
want Freenet to also be uglier then the www. It's a disadvantage you simply 
can't afford.
It should be the other way around: Your design loud and clear have to say that 
the future of the internet is the Freenet.


The chances:

Collaborations. Try to get in Tails. Try to get in Debian. Try to get in 
crowdfunded anti surveillance projects
like CommunityCube: 
https://www.kickstarter.com/projects/communitycubes/communitycube-lets-build-a-fair-internet/description
It will establish you further like abovementioned and will result in more new 
users and developers.

Funding - pull every thinkable straw, and you have some left. When one has a 
look at https://freenetproject.org/donate.html , one sees how
currently one can donate by...
- paypal (recurring payment), which is not used by people, who boycott paypal 
for fighting wikileaks or simply don't trust online payment
- paypal (once)
- bitcoins
- ~ talking and figuring out together - great offer, but practically to 
complicated. What ever solution could be figured out, write it directly
  and so remove the need to start a conversation before paying
- merchandising
what is missing:
- direct bank account based on SEPA - think of your peer group, privacy 
sensitive folks care about this method a lot, as online banking
in times of NSA is evil.
- you really need to make a strong effort in making a crowdfunding campaign on 
any crowdfunding platform, preferably big and popular
crowdfunding platforms like patreon or kickstarter, just like MediaGoblin has 
done so: http://mediagoblin.org/pages/campaign.html
-- I mean, you have it all:
--- You have the crowd motivation (surveillance scandal, data retention, 
facebook, etc.)
--- You have the offer: The practical useful tool, Freenet - with all of said 
record
 Now, all it takes is a serious effort in making a crowdfunding campaign, 
including a nice video, promoting at news papers & PR people,
well-thought crowdfunding aims, and all that placed in bottom drawer waitind to 
be taken out when the moment is very good for it, like
for instance when data retention is being introduced in another big country, 
etc.
Additionally, the time counter doesn't seem to me that effective as the money 
counter, so better switch back to the money counter.

Show people how to use the Freenet. You know why most people don't change their 
behaviour?
Not because of lack of motivation, but 

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 16/10/15 00:38, salutarydiacritica...@ruggedinbox.com wrote:
> Step back and take a deep breath. I'm not telling you to shutdown your
> website and foundation and host your project on Tor' s site.
>
> I'm questioning if the overhead of designing and maintaining yet
> another anonymity protocol makes sense given Freenet's current
> situation. You can concentrate on polishing Freenet UX and storage
> algorithms instead and leave the anonymity to Tor. Its an intensive
> process coming up with something that stands up against serious
> enemies. Tor gets most of the academic community's attention improving
> against attacks all the time. You get this for free by switching to
> their protocol for transport.
>
> Not every developer that designed their app to communicate over Tor or
> a socks proxy, stuck their software with theirs. It's a more sensible
> decision than everyone rolling a custom anonymous protocol every time
> they wanted such services. Just like crypto, its better to go with a
> standard cipher checked the most by researchers than writing your own.
> Again I'm not criticizing your effort but your wiki page on attacks
> against Freenet does not inspire confidence in your target audience of
> investigate journalists and whistleblowers.
Using Tor as an initial layer on Freenet would improve the security of
opennet slightly but would need a way to discover nodes. Plus it would
be *slightly* slower. In any case Freenet's focus in terms of improving
security is / should be, on darknet - which has nothing to do with Tor.

There are distributed storage and chat systems built on top of I2P, and
possibly Tor. I don't think they're very popular - people want Facebook,
but with some warm fuzzy feeling attached (without any real security and
still using Javascript). People who really do need to publish
anonymously still need a wide audience.

We're not proposing to implement a tunnel scheme in Freenet in the near
future. It's been discussed, and it makes sense eventually (because the
threat model and use case is different to Tor, we can use different,
safer algorithms, using social trust and high latency for inserts), but
it's not a high priority right now.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 16/10/15 07:36, Florent Daigniere wrote:
> I do not think that "our users" are genuinely interested in publishing
> anything anymore. Back when the project started, there wasn't
> Wikipedia, Blogger, facebook nor twitter... And those who are (the
> copyright infringement brigade, ...) we're not ready/willing to
> support.
The fact that Wikipedia exists continues to amaze me and provide some
tiny beacon of hope... However the wider picture is bleak.
> I do not think that Freenet provides the security guarantees one would
> require to face a "state level" adversary. I do think that implying
> otherwise is deceitful (but I also acknowledge that it's what marketing
> is about and that it's necessary to raise funds).
>
> I'm not convinced that Darknet (as currently implemented) even works.
>
> All in all, I think that we're still looking for our audience, a decade
> and a half in the making... and that's only problematic because we have
> chosen it to be.
>
> I've always seen Freenet as an interesting (open) research problem and
> a way to learn, nothing more.

On 16/10/15 13:12, dean wrote:
> On 10/16/15 22:02, Florent Daigniere wrote:
>> On Fri, 2015-10-16 at 21:38 +1000, dean wrote:
>>> On 10/16/15 20:09, Florent Daigniere wrote:
 If the aim of the project is to protect (Chinese, ...) dissidents
 we
 have to account for their threat model.
>>> Why cant freenet have more than one aim? Darknet for the more extreme
>>> threats?
>> It can but we need to be honest about which aims are achievable and
>> which ones aren't.
And exactly what is your goal if it is not to protect against
state-level actors? If the state isn't part of your threat model then
you're a fool. If they are, you're stuffed.

To elaborate: Intelligence agencies, police, major corporations,
politicians and very rich individuals all have - legally or not,
depending on the whim of politicians - access to state level
intelligence resources. Even democratic governments engage in economic
espionage and surveillance of their political opponents. For example,
the UK's Special Branch's purpose is to spy on anyone the home secretary
deems a threat to the establishment (according to a former home
secretary). That recently included climate activists, for example. And
most democracies engage in some form of censorship - increasingly
including threatening political speech.

Furthermore, the intelligence agencies do not regard us as irrelevant.
We know the police have tools for dealing with Freenet, and we know the
NSA has commissioned contract work against Freenet, and spent internal
effort on Tor.

Their objective is not targeted surveillance of known terrorists, but
drag-net surveillance of everyone all the time, so they can data mine
for the interesting bits. People who use better tools to try to protect
their privacy are more likely to have it invaded more intrusively since
they probably have something to hide. People who search for Freenet, or
Tor, or who read the Linux Journal (backdoors perhaps?), are watched
more closely than people who don't. And they apparently have no rules at
all: They compromise closed source and presumably open source security
software, globally (not merely for a specific target), merely to make it
easier to watch everyone. This contradicts their defensive mission, as
those bugs will be found by others. That makes the whole field of
computer security highly dubious. At the extreme end they are prepared
to hack developers' computers, insert human operatives and presumably
resort to traditional blackmail and bribery. And they have near
unlimited resources.

Nobody can stand up to a determined state level actor. In the early days
of a new technology it inevitably appears to subvert established power
structures. But that's only because they haven't caught on yet. In the
corporate world it works out through new markets resulting in new
monopolies, who eventually act exactly the same as the old ones did. In
the espionage world it's more a matter of government catching on to new
possibilities.

On a more technical level, a determined government can, for only a
modest cost (which can be passed on to the consumer), block Freenet,
even with pure darknet and transport plugins. In the early days, there
was some hope as it was unclear what traffic flow analysis would cost.
Nowadays we know it's pretty cheap (although there may be some
overblocking). It is likely that this will happen in the UK over the
next year - for both Freenet and Tor.

Physical darknets don't help here because you need long links
(geographically as well as topologically), and those are easily detected
and always owned by somebody (or illegal, slow, expensive unsustainable
volunteer efforts etc).

However, given a sufficiently neutral Internet (an increasingly naive
assumption), Freenet could still provide some interesting properties:
- Censorship resistance.
- Distributed hosting.
- Stronger privacy than Tor (not now, but with a big darknet and maybe

Re: [freenet-dev] Project Status

[salutarydiacritical23]

Right now Freenet discovers other clients on opennet by way of seed 
nodes. Hypothetically you can run the nodes as hidden services and embed 
the addresses in Freenet clients. Clients generate their own hidden 
address keys and build routing tables from them.


No distributed system on I2P or Tor comes close to Freenet features. 
WoT, library, the plugin ecosystem and Opennet bring a lot of value 
compared to other systems. Opennet is a big part of Freenet's attraction 
and you shouldn't tear it out. The tunneling idea sounds great and it 
should get priority. Maybe you should discuss it with the Tor developers 
and see if they can help.


PS what NSA documents mention contractors attacking Freenet?



@Ian

Freenet has many selling points besides anonymity as I said. I'm 
surprised you don't see that.


Tor is not easily blocked by China and people connect from behind the 
Great Firewall everyday. They've been making all kinds of advancements 
in bridge technology and obfuscated protocols to bypass DPI. They have 
ways to distribute bridges and software packages that get around 
censorship of their website. Infrastructure for your users potentially.



@Arne

I am a Freenet user. I care about Freenet and want it to be popular with 
people facing most dangerous threats.


Tor is adding inter-relay adaptive padding soon to stop timing attacks.

https://lists.torproject.org/pipermail/tor-dev/2015-September/009485.html


How did Freenet solve this? If a bad node can connect to you on Opennet, 
they can do traffic analysis on your requests. With no guard nodes an 
attacker can connect to everyone in short time. You can add node pinning 
and tunnels but that's a lot of work.


On 2015-10-16 17:11, Matthew Toseland wrote:

On 16/10/15 00:38, salutarydiacritica...@ruggedinbox.com wrote:

Step back and take a deep breath. I'm not telling you to shutdown your
website and foundation and host your project on Tor' s site.

I'm questioning if the overhead of designing and maintaining yet
another anonymity protocol makes sense given Freenet's current
situation. You can concentrate on polishing Freenet UX and storage
algorithms instead and leave the anonymity to Tor. Its an intensive
process coming up with something that stands up against serious
enemies. Tor gets most of the academic community's attention improving
against attacks all the time. You get this for free by switching to
their protocol for transport.

Not every developer that designed their app to communicate over Tor or
a socks proxy, stuck their software with theirs. It's a more sensible
decision than everyone rolling a custom anonymous protocol every time
they wanted such services. Just like crypto, its better to go with a
standard cipher checked the most by researchers than writing your own.
Again I'm not criticizing your effort but your wiki page on attacks
against Freenet does not inspire confidence in your target audience of
investigate journalists and whistleblowers.

Using Tor as an initial layer on Freenet would improve the security of
opennet slightly but would need a way to discover nodes. Plus it would
be *slightly* slower. In any case Freenet's focus in terms of improving
security is / should be, on darknet - which has nothing to do with Tor.

There are distributed storage and chat systems built on top of I2P, and
possibly Tor. I don't think they're very popular - people want 
Facebook,
but with some warm fuzzy feeling attached (without any real security 
and

still using Javascript). People who really do need to publish
anonymously still need a wide audience.

We're not proposing to implement a tunnel scheme in Freenet in the near
future. It's been discussed, and it makes sense eventually (because the
threat model and use case is different to Tor, we can use different,
safer algorithms, using social trust and high latency for inserts), but
it's not a high priority right now.


___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 16/10/15 16:32, hyazin...@emailn.de wrote:
> I noticed and got interested in Freenet in 2006 by this paper, here from the 
> year 2002
> - http://www.lawtechjournal.com/articles/2002/05_021229_roemer.php - and made 
> an
> effort in actually using it in 2014 as a reaction on the surveillance scandal 
> exposed by Edward Snowden.
>
> The good stuff:
>
> For 15 years Freenet is one of the best technical solutions to extreme worst 
> case internet scenarios
> for whistleblowing & privacy advocates. And it still is. It's one of the most 
> promissing technical
> solutions in that regard. If I had to set up a new internet user existence 
> with high demands on
> freedom of press and privacy, I wouldn't think a second looking for other 
> ways than the freenet project.
>
> The Freenet has no bad record like for instance busted users for 15 years now 
> upto today. What
> other tool can claim that for itself?
>
> I heard people here be in odds with the fact that freenet is the oldest 
> player in the field.
> The opposite is the case: It's no weakness, it's a strengh, it's reliability 
> and consistency like a big, thick, old oak.
>
> The Freenet is prestigious. In public it forms a 3 note chord together with 
> TOR and I2P, and that
> upto today: Just have a look at this recent article published by a news 
> website
> with 17 million visitors per month 
> http://economictimes.indiatimes.com/tech/internet/more-indians-are-logging-on-anonymously-using-browsers-like-tor-freenet-i2p-and-tails/articleshow/49330271.cms
> Not to forget the prize we've won this year: 
> https://freenetproject.org/news.html#20150211-suma-award
>
> The Freenet gets more and more important:
> Just think of the surveillance scandal revealed by Edward Snowden in 2013, 
> think of more and more
> countries introducing data retention, think of how threatened freedom of 
> press gets in more and more
> countries, think of the centralization of the internet, shall I continue?
> Each of those steps on the other side did, does and will push more people to 
> the freenet.
Thanks!
>
>
> The bad stuff:
>
> The Freenet can't afford to look like a window in the past
> in any way. It simply sucks. It's no pull, but push (away) factor.
> And the worst thing in this regard is the completely grey, 
> uncreative-depressing starting/main page of Freenet.
> Second worst is the "internet like 1999" look of the websites linked by said 
> main page of Freenet.
> This is really a point which urgently and step by step needs to be updated. 
> I'm glad that happens with
> https://freenetproject.org/ very soon. It's absolutely necessary from user 
> perspective !
> Especially because of this: If Freenet always will be slower than the www, 
> then you definitely don't
> want Freenet to also be uglier then the www. It's a disadvantage you simply 
> can't afford.
> It should be the other way around: Your design loud and clear have to say 
> that the future of the internet is the Freenet.
Modern websites are javascript layers over centralised databases.

We can't safely have Javascript in Freenet. Neither can Tor really, but
it's more extreme for us.

However, there is Winterface (for the generated content itself, not fproxy).
> The chances:
>
> Collaborations. Try to get in Tails. Try to get in Debian. 
We need an unofficial Debian package/repository, yes. However we don't
want to be in the mainline debian stable as it means no network level
changes for 2 years.
> Try to get in crowdfunded anti surveillance projects
> like CommunityCube: 
> https://www.kickstarter.com/projects/communitycubes/communitycube-lets-build-a-fair-internet/description
> It will establish you further like abovementioned and will result in more new 
> users and developers.
What's their business model? Social networks and open source projects
are not allowed on Kickstarter, only profitable businesses. Selling
boxes doesn't provide a good business reason to fund ongoing
development. Look at your phone, it's probably beyond security support
already, they want to sell you a new one...
> Funding - pull every thinkable straw, and you have some left. When one has a 
> look at https://freenetproject.org/donate.html , one sees how
> currently one can donate by...
> - paypal (recurring payment), which is not used by people, who boycott paypal 
> for fighting wikileaks or simply don't trust online payment
> - paypal (once)
> - bitcoins
> - ~ talking and figuring out together - great offer, but practically to 
> complicated. What ever solution could be figured out, write it directly
>   and so remove the need to start a conversation before paying
> - merchandising
> what is missing:
> - direct bank account based on SEPA - think of your peer group, privacy 
> sensitive folks care about this method a lot, as online banking
> in times of NSA is evil.
We need more funding yes. I'm not sure whether more donation options
would help or hinder. More ways to pay seems more complicated. Any thoughts?
> - you 

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Freitag, 16. Oktober 2015, 12:09:09 schrieb Florent Daigniere:
> I don't know how to make any
> form of opennet securely work for them. Do you?

For all of my knowledge, Opennet always was only about getting
users. Making it easy to have a somewhat usable Freenet from the
start. Because no matter how cool the tool, if no one uses it,
publishing over it is useless, because what you publish reaches no
one.

If a chinese dissident wants to reach foreign people, Freenet has to
be usable for both.

Best wishes,
Arne
--
Ein Würfel System - einfach saubere Regeln: 

- http://1w6.org



signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[xor]

On Wednesday, October 14, 2015 02:22:43 PM Ian Clarke wrote:
> I think it's time for us all to take a step back and have a serious
> conversation about where we are, and where we are going.
> 
> Our current bank account balance is US$1,184.32, our current PayPal balance
> is $1,201.60.

I vote for keeping as much of this locked as is required for 1 year of paying 
maintenance costs such as the server. We should also offer Arne & Florent the 
service of paying their travel costs for the EU-parliament thing; so please 
also allocate that.

> Even at Xor's very low hourly rate (he could get a lot more commercially
> given his skillset - which we should all appreciate him for)

You just made me very happy, thank you :)
I had feared I appeared like a failure after the big pull-request-merge-policy 
flamewar etc. I will keep trying to improve my communication skills! :)

> this is less
> than 100 hours of remaining availability. He needs to prepare for finding
> an alternate income source

Freenet is in a fortunate situation here:
I can keep working for some months *without* immediate payment.
I won't search a new job.

I offer to write my bills as fully interest-free debt, with no time limit for 
payment whatsoever. "Pay as soon as there are enough donations". Also, to 
reduce your work, this could be batch-payment of at least one monthly invoice 
at a time. You don't need to bother to send $ 10 to me.
I'd say as a compensation I'd like to sometimes arbitrarily reduce my hour 
count somewhat when I need more real life time for the stuff which is 
explained in the following section. I'll try to keep the reduction at less 
than 30%.

Reasons for the decision to not get a new job are:

1) I love Freenet.
I want to keep the job. We haven't even tried to do a fundraiser yet, and I 
think if we do actually try, we should be able to get funding.
Also, I want to finish fixing WoT performance. The stuff has become part of my 
personal life goals and I want to get it done. The fact that the performance 
has been annoying users for years is something which I just cannot take 
anymore. I someday want to get to the point where Sone/Freetalk and all the 
other nice applications built on top of it are bundled by default.

2) Me and my mom's plans to move to Berlin:
She's at the point in her life where she cannot maintain her house anymore, so 
it needs to be sold off. Emptying it out is a lot of work (~ 1-2 years left I 
suppose) - which by the way is one of the reasons for my previous hour count 
not reaching full-time work.
I also personally cannot take living at the end of the world much longer, I 
want to get to a place where there is life.
It would be stupid to get another job now: This would require churning out 
crazy hours to prove my worthiness, which would only delay moving to Berlin. 
And every month we still live here is an annoyance for us.
So if Freenet cannot afford to pay me for a while, I should rather use this as 
an opportunity to lower my sitting-at-the-computer-time a bit and speed up the 
moving. My mom for sure would lend me my very basic living costs if I became 
her part-time "employee" to clean her place out.

If you wonder why I don't just volunteer then, please notice that it would 
make me feel very bad personally at my age to actually live off my mom's money 
without paying it back. I would feel huge guilt. So I need to continue working 
for money to pay her back someday, even if I don't get it right away.

> We have a new website in the works, which is great, and many people have
> been working valiantly to support the project, but it's hard to escape the
> feeling that we're almost in a "maintenance mode".   The problem with that
> is that you just can't generate enough excitement to attract funding in
> that situation.

First of all, Freenet isn't *that* dead. The mailing list looks dead, but IRC 
is quite alive. People just prefer IRC. And there, I feel like the influx of 
new people has increased a lot the past years.

With regards to funding:

I think finishing the new website definitely is something we should do before 
a fundraiser.
But nevertheless, I would say that the reason we don't get funding is much 
more simple than "website sucks" / "code is too difficult to understand":
We just didn't even really ask for money yet!

Steve and Arne did ask a few people which I am thoroughly thankful for.
But a real fundraiser can be much larger:
- Big red alert on the website, like Wikipedia does it.
- Contact dozens of potential funders instead of 2-3.
- Do a press release & contact dozens of news sites.

To get a grasp of how many people we could ask, just have a look at how many I 
could enumerate on the Wiki in a day's work without even doing real googling:
https://wiki.freenetproject.org/Fundraising

I would say we wait another 2-3 weeks to see whether a volunteer steps up to 
contact many people; and if none does, I move from code-writing to 
fundraising.

I would of course prefer to keep 

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 15/10/15 00:44, Steve Dougherty wrote:
> I think another thing being staffed by volunteers has done is made the
> project rather directionless. By their nature volunteers tend to work
> on what they find interesting, and it doesn't build toward a focused
> goal. Volunteers are great at polishing and adding small things, but
> usually can't have the focus and time that paid / full-time developers
> do to make large changes.
Dire mistakes can be made in the opposite direction too. Everything from
writing unmaintainable code to meet deadlines and get new users to
trying to facilitate volunteers and getting pulled in every direction
simultaneously resulting in nothing getting done.

IMHO to be successful we need most of the work to be done by volunteers,
even if we *do* have paid staff too. It *is* useful to have paid staff,
to do things that wouldn't get done otherwise, either because they are
too big and need a sustained effort, or because they are important but
not of interest to volunteers.

As for the rest, I absolutely agree we suck at raising funds, but we
could be a lot more active about it.



signature.asc
Description: OpenPGP digital signature
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Matthew Toseland]

On 15/10/15 00:53, Hunter Poe wrote:
> Hi, there
>
>
>
>  I have been a user of Freenet for several years now, and am at this point
> still a pretty junior develop, but finally feel my capabilities have
> advanced to the point where I would feel comfortable starting to do some
> work with Freenet and contributing my, albeit limited, skills.
>
>  As consequence of this I have been following the mailing list a little
> more closely the past week or two and it seems to me that one of the big
> issues is as Ian pointed out Freenet is rather aged, and so are many of the
> development methodologies, tools, and libraries, and it appears in
> consequence of that, as well as several other hurdles, have made it
> difficult for developers to join in the work.
>
>  This has resulted in a state where as Ian stated, we are basically running
> in maintenance mode with a backlog of bugs, and trying to keep things
> mostly working. Which at least in my limited experience is often one of the
> less exciting tasks in a developers life. In addition because Freenet has
> been able to stand so long on its own (15 years is quite the lifetime for
> an application) but has resulted in numerous patches, and as Brookes points
> out in the “Mythical Man Month” that when we fix a bug we end up just
> introducing more bugs that are subtler.
>
>  It seems to me that the best way to revitalize Freenet would be to
> re-architect and rebuild Freenet, starting with documenting how Freenet is
> actually working according to the code. I have found in my rather limited
> experience that often times when I am forced to verbalize or articulate
> what my code is doing can sometimes bring epiphanies that help me make
> major breakthroughs (source:
> http://story.fund/post/114720918282/debugging-teddy-bea
> r). The Freenet
> 2.0 as it were could include a modernized build system, if we are concerned
> about pulling down insecure dependencies we could look at creating our own
> Freenet specific libraries that although this would cause us to reinvent
> the wheel in some cases it could also help us reevaluate the need for the
> specific component reducing software bloat, and give us the guarantee of
> security. We could also move to a more compartmentalized and separated
> model for Freenet, separating the deamon, and clients, changing the way we
> handle plugins. As well as standardizing testing and development
> procedures.
>
>  An expanded and more concise documentation and a modernization of build
> tools could lower the bar for entry for new developers which would in turn
> cascade into more devs contributing.
>
>  Ultimately we may need to make sacrifices in philosophical purity,  and
> some compromises on how we want to handle certain aspects of our
> development or methodology in order to ensure the continued survival of
> Freenet, because regardless of how secure Freenet is, or how well the
> source code has been vetted, or how much we trust the repositories we are
> pulling from. If no one is running it because it has become to kludgy or
> unwieldy to use or run, we are failing at our fundamental mission of
> providing secure, anonymous, censorship resistant communication.
>
>
>  Like I said I am still a fairly inexperienced and junior developer and
> could be quite off base, but these are just my thoughts. I think the other
> option we could do is just send the entire code base and administration and
> everything else over to the NSA and the FBI and ask them to start
> maintaining them, I’m sure they would totally dig that. ;)
>
>
> Sincerely,
>
> A concerned citizen opposed to a surveillance state.
It is perfectly possible to resolve problems without rewriting from
scratch. Sometimes we need to rewrite a subsystem. Documentation does
not automatically come with a new design, and many problems can be
solved by incremental refactoring.

One big problem at the moment is lack of review capacity: Rewrite a
whole subsystem and it may take a year to get merged because the release
manager doesn't have time to review it. This happened with my rewrite of
the client layer last year. This is an area where paid staff could be
really helpful (although obviously that shouldn't be their sole role).

As for the rest, IMHO a lot of it is simply because Freenet is an open
source project, which hasn't reached the critical mass - and in fact
never will - that Linux, Apache, Bitcoin, LibreOffice and Firefox have
reached. In most of these cases there are major corporations
contributing full-time developers. That will never be the case for
Freenet. As for the rest, the internet hype and fundraising machine
(Kickstarter, the wider dot com bubble, and the press) is largely around
start-ups - profitable businesses. Doing something as a non-profit means
we need to be good at fund-raising - either on the micro- level, or on
the funding application level.



signature.asc
Description: OpenPGP digital signature

Re: [freenet-dev] Project Status

[salutarydiacritical23]

I am a Freenet user and want you to succeed so look at my words from 
that angle.


You are missing out on an obvious natural alliance with Tor that can 
bring in many benefits from funding, users, publicity and manpower. The 
Tor project also invested a lot in private client side applications like 
the Tor browser and Tor birdy that you can combine.  Not to denigrate 
your work but its fact, their anonymity transport layer is more advanced 
and has undergone more scrutiny and is trusted. I've talked with people 
who love the Freenet concept but are reluctant to use it because they 
don't feel its powerful enough to withstand NSA. I find it hard to 
convince them otherwise when there is a trickle of papers about 
Freenet's anonymity protection and no mention of it being a challenge to 
NSA like the Tor slides and they trust what Snowden used.


With that said, Freenet's real power is resilient and distributed data 
hosting, unmatched by Tor hidden services that were designed as an 
afterthought. Together both technologies are a perfect fit. They should 
not compete.


My point here is to keep the parts of the protocol where Freenet users 
can automatically find each other and request data but to offload the 
traffic hiding part to Tor. Don't put users in a situation where they 
have to choose between both. Each project does one thing well and 
together they give users the cypherpunk vision of freedom.


More users means more technical people who will become interested and 
help out. It becomes self sustaining. You've built it but you need to 
integrate it right and they will come.

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[salutarydiacritical23]

Step back and take a deep breath. I'm not telling you to shutdown your 
website and foundation and host your project on Tor' s site.


I'm questioning if the overhead of designing and maintaining yet another 
anonymity protocol makes sense given Freenet's current situation. You 
can concentrate on polishing Freenet UX and storage algorithms instead 
and leave the anonymity to Tor. Its an intensive process coming up with 
something that stands up against serious enemies. Tor gets most of the 
academic community's attention improving against attacks all the time. 
You get this for free by switching to their protocol for transport.


Not every developer that designed their app to communicate over Tor or a 
socks proxy, stuck their software with theirs. It's a more sensible 
decision than everyone rolling a custom anonymous protocol every time 
they wanted such services. Just like crypto, its better to go with a 
standard cipher checked the most by researchers than writing your own. 
Again I'm not criticizing your effort but your wiki page on attacks 
against Freenet does not inspire confidence in your target audience of 
investigate journalists and whistleblowers.




On 2015-10-15 23:57, Ian wrote:

Software isn't like playdough, you can't take two different software
projects and just stick them together, and expect the result to make 
sense

(even if the projects have related goals).

In terms of the benefits of an alliance with Tor I'm afraid you're 
being

naive.  From Tor's perspective, an "alliance" with Freenet would make
absolutely no sense.  They'd essentially just be diverting developers,
users, and funding away from their own project.  Don't get me wrong,
they're  nice guys, but it would simply be irrational.

Tor and Freenet might be related at a high-level, but this whole idea 
that
separate software projects should all be glued together into one huge 
mass

of bloatware is very misguided.  It's the polar opposite of the Unix
philosophy .  I wish 
people

would stop suggesting it.  It wouldn't solve any problem and would be a
massive waste of time and resources.

Ian.



On Thu, Oct 15, 2015 at 4:35 PM, 


wrote:

I am a Freenet user and want you to succeed so look at my words from 
that

angle.

You are missing out on an obvious natural alliance with Tor that can 
bring

in many benefits from funding, users, publicity and manpower. The Tor
project also invested a lot in private client side applications like 
the
Tor browser and Tor birdy that you can combine.  Not to denigrate your 
work

but its fact, their anonymity transport layer is more advanced and has
undergone more scrutiny and is trusted. I've talked with people who 
love
the Freenet concept but are reluctant to use it because they don't 
feel its
powerful enough to withstand NSA. I find it hard to convince them 
otherwise
when there is a trickle of papers about Freenet's anonymity protection 
and

no mention of it being a challenge to NSA like the Tor slides and they
trust what Snowden used.

With that said, Freenet's real power is resilient and distributed data
hosting, unmatched by Tor hidden services that were designed as an
afterthought. Together both technologies are a perfect fit. They 
should not

compete.

My point here is to keep the parts of the protocol where Freenet users 
can
automatically find each other and request data but to offload the 
traffic

hiding part to Tor. Don't put users in a situation where they have to
choose between both. Each project does one thing well and together 
they

give users the cypherpunk vision of freedom.

More users means more technical people who will become interested and 
help
out. It becomes self sustaining. You've built it but you need to 
integrate

it right and they will come.

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl


___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Ian]

Software isn't like playdough, you can't take two different software
projects and just stick them together, and expect the result to make sense
(even if the projects have related goals).

In terms of the benefits of an alliance with Tor I'm afraid you're being
naive.  From Tor's perspective, an "alliance" with Freenet would make
absolutely no sense.  They'd essentially just be diverting developers,
users, and funding away from their own project.  Don't get me wrong,
they're  nice guys, but it would simply be irrational.

Tor and Freenet might be related at a high-level, but this whole idea that
separate software projects should all be glued together into one huge mass
of bloatware is very misguided.  It's the polar opposite of the Unix
philosophy .  I wish people
would stop suggesting it.  It wouldn't solve any problem and would be a
massive waste of time and resources.

Ian.



On Thu, Oct 15, 2015 at 4:35 PM, 
wrote:

> I am a Freenet user and want you to succeed so look at my words from that
> angle.
>
> You are missing out on an obvious natural alliance with Tor that can bring
> in many benefits from funding, users, publicity and manpower. The Tor
> project also invested a lot in private client side applications like the
> Tor browser and Tor birdy that you can combine.  Not to denigrate your work
> but its fact, their anonymity transport layer is more advanced and has
> undergone more scrutiny and is trusted. I've talked with people who love
> the Freenet concept but are reluctant to use it because they don't feel its
> powerful enough to withstand NSA. I find it hard to convince them otherwise
> when there is a trickle of papers about Freenet's anonymity protection and
> no mention of it being a challenge to NSA like the Tor slides and they
> trust what Snowden used.
>
> With that said, Freenet's real power is resilient and distributed data
> hosting, unmatched by Tor hidden services that were designed as an
> afterthought. Together both technologies are a perfect fit. They should not
> compete.
>
> My point here is to keep the parts of the protocol where Freenet users can
> automatically find each other and request data but to offload the traffic
> hiding part to Tor. Don't put users in a situation where they have to
> choose between both. Each project does one thing well and together they
> give users the cypherpunk vision of freedom.
>
> More users means more technical people who will become interested and help
> out. It becomes self sustaining. You've built it but you need to integrate
> it right and they will come.
>
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
>
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Zlatin Balevsky]

> Maybe so, but it means a full rewrite every few years, which we are
> unlikely to have the resources for. Even if we did, it would mean
> throwing out years of hard-won expertise.

That's not necessarily a bad thing.  It forces the accumulation of new
expertise, keeps bringing in new generations of developers and makes sure
the project takes advantage of whatever language advancements have taken
place.  Encourages forking and pits the different implementations against
one another so that the fittest may survive.  OTOH having a single
platform/toolset dictated discourages contributions.  Yes, java is the most
popular language by many metrics, but that popularity does not translate to
a large pool of passionate volunteers.

> But there are other trends that might favour us, e.g. cheap but powerful
router boxes, Raspberry Pi /
> Arduino hobbyist stuff etc.

Every trend can bring more volunteers passionate about it, so all venues
are worth pursuing :)

zab/topiltzin

On Thu, Oct 15, 2015 at 8:57 PM, Matthew Toseland  wrote:

> On 15/10/15 20:40, Zlatin Balevsky wrote:
> > I first got involved in Freenet when it was 0.2.  At the time it was
> using
> > cutting edge technologies and an contributing was an opportunity to learn
> > valuable skills.  Contributing was fun and that was the driving factor.
> >
> > If Freenet was to start fresh, it should do whatever it takes to regain
> the
> > coolness factor.  That means embracing new tools and technologies even if
> > there is no strict technological advantage in doing so.  For better or
> > worse Java will never be hip with the open-source crowd, and personally,
> > after 10 hours of looking at Java code for my day job the last thing I
> want
> > is to look at more Java code in my free time.  Some exotic new language
> > like Scala or Go or whatever the $COOL_LANGUAGE_DU_JOUR is would be a
> > different story.
> Maybe so, but it means a full rewrite every few years, which we are
> unlikely to have the resources for. Even if we did, it would mean
> throwing out years of hard-won expertise.
>
> Can we make it more attractive to new devs without needing to take such
> a drastic step?
> > Yes this can lead to fragmentation as various contributors veer off each
> > into their own direction; it's the job of the leader to keep things
> > coherent and aligned with the project vision.  It's very easy to
> > underestimate how difficult the job of the leader is.
> Agreed.
> > Lastly, I'd like to point out that mobile is the future - not that I like
> > that a single bit.
> If mobile is the future, we're stuffed. Mobile simply can't do p2p. The
> networks will do everything necessary to stop it, and it drains power,
> storage and above all scarce bandwidth. The only realistic options for
> mobile are pure client nodes ("transient mode"), which is what mobile is
> designed for, or variants on Sneakernet. But there are other trends that
> might favour us, e.g. cheap but powerful router boxes, Raspberry Pi /
> Arduino hobbyist stuff etc.
> > zab/topiltzin
>
>
> ___
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
>
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Donnerstag, 15. Oktober 2015, 11:48:14 schrieb Dan Roberts:
> Regarding fundraising, perhaps it's time to reconsider Patreon,
> Gratipay, and/or Bountysource?

We’re at bountysource now, since they now offer Salt: monthly pay
instead of bounties. https://www.bountysource.com/teams/freenet

I added it, but it isn’t consensus whether we want to keep using it.

Patreon would be great, too. It only works for people who provide
consistent work, and I can’t currently do that. It could be a good fit
for Steve, though.

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Arne Babenhauserheide]

Am Donnerstag, 15. Oktober 2015, 18:33:15 schrieb Florent Daigniere:
> On Wed, 2015-10-14 at 14:22 -0500, Ian Clarke wrote:
> > I think it's time for us all to take a step back and have a serious
> > conversation about where we are, and where we are going.
> > 
> 
> Sounds good. So let's sum it up:
> 
> Yesterday we thought we were in a world where we didn't need Freenet
> and where we couldn't possibly face a passive global adversary.
> 
> Today we know that we need Freenet more than ever... and that we face
> at least one active, global adversary.
> 
> Is "pretending that Opennet can work" still the official project's
> line?

I’ve been saying for quite some time “Opennet is what we need to make
it possible for users to join, Darknet is where we want them as soon
as possible”. And I did not hear anyone argumenting against that. Not
in the past year.

I’m actively using Darknet features so I see where they
suck. Node-to-Node messages are pretty cool, but plagued by usability
issues. And the one thing we need to spread Darknet has been living in
plan-land for years: Darknet invites which connect automatically (via
one-time tokens).

I want to be able to give every one of my friends a USB stick with a
Freenet installer which auto-connects to my Freenet node or my
friends. We have everything needed for that — except for the actually
important code (one-time tokens + FOAF-connecting).

Though, to stop the complaining, I didn’t manage to do that myself
either. I have sufficient skills for that nowadays, just the free
creative time is missing.

Best wishes,
Arne


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Florent Daigniere]

On Wed, 2015-10-14 at 14:22 -0500, Ian Clarke wrote:
> I think it's time for us all to take a step back and have a serious
> conversation about where we are, and where we are going.
> 

Sounds good. So let's sum it up:

Yesterday we thought we were in a world where we didn't need Freenet
and where we couldn't possibly face a passive global adversary.

Today we know that we need Freenet more than ever... and that we face
at least one active, global adversary.

Is "pretending that Opennet can work" still the official project's
line?

Florent

signature.asc
Description: This is a digitally signed message part
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[xor]

On Thursday, October 15, 2015 06:33:15 PM Florent Daigniere wrote:
> Is "pretending that Opennet can work" still the official project's
> line?

What is it you request here?
A) Remove Opennet?
B) Keep Opennet but improve Darknet features? This could be things such as 
finishing the code to establish connections to friends of friends.

If it is A:

Is pretending that average humans will know enough Freenet users to make pure 
Darknet work a reasonable estimate?

Is it acceptable to limit freedom of speech to those who have many friends? 
Users for sure won't accept modem speed in the age of upcoming GBit cellphone 
networks.

Is it acceptable to limit freedom of speech to those who want perfect 
security; instead of also providing it to those who accept medium security?

Isn't it enough that we allow people to disable Opennet if they don't want it?

Isn't "pretending that Opennet can work" already proven since it in fact does 
work? I haven't heard of people get legally convicted thanks to Opennet 
security issues.


If it is B:

Yes, it'd be nice to improve Darknet.
I think finishing the FOAF code would be a good idea, given that it is half-
finished already anyway.
However, I think we've spent too much time upon core work while neglecting 
deployment (Debian packages) and client applications; so this should only be 
done if a volunteer steps up to do it, not something which we can do with the 
limited funds we have.


signature.asc
Description: This is a digitally signed message part.
___
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project Status

[Dan Roberts]

Hi Everyone,
Regarding fundraising, perhaps it's time to reconsider Patreon,
Gratipay, and/or Bountysource? Personally, I think Patreon may be
promising. Afaict it has the largest volume of funding. Somehow the public
has found money to support lots of silly entertainment projects on a
recurring basis (not to denigrate those projects). With the right pitch, by
appealing to privacy concerns and freedom of expression, I think Freenet
has a chance of capturing funding through that platform. Funding software
seems to be a difficult proposition to users in general, but it can be done.

I doubt these would be sufficient to pay for development but they could
keep the lights on. Obviously these suggestions are just suggestions, but
from my quick perusal of the archives, it didn't look like Patreon or
Gratipay have received serious consideration, and bountysource appeared to
be more or less ruled out (but bountysource has changed enough to warrant
reconsideration too?).

If there's interest in any of these options, but lack of time, perhaps I
could contribute in that capacity by writing first passes of the requisite
campaigns, since I doubt I'll be up-to-speed on the code base any time soon.

Cheers,
Dan

On Thu, Oct 15, 2015 at 8:41 AM, Matthew Toseland  wrote:

> On 15/10/15 00:53, Hunter Poe wrote:
> > Hi, there
> >
> >
> >
> >  I have been a user of Freenet for several years now, and am at this
> point
> > still a pretty junior develop, but finally feel my capabilities have
> > advanced to the point where I would feel comfortable starting to do some
> > work with Freenet and contributing my, albeit limited, skills.
> >
> >  As consequence of this I have been following the mailing list a little
> > more closely the past week or two and it seems to me that one of the big
> > issues is as Ian pointed out Freenet is rather aged, and so are many of
> the
> > development methodologies, tools, and libraries, and it appears in
> > consequence of that, as well as several other hurdles, have made it
> > difficult for developers to join in the work.
> >
> >  This has resulted in a state where as Ian stated, we are basically
> running
> > in maintenance mode with a backlog of bugs, and trying to keep things
> > mostly working. Which at least in my limited experience is often one of
> the
> > less exciting tasks in a developers life. In addition because Freenet has
> > been able to stand so long on its own (15 years is quite the lifetime for
> > an application) but has resulted in numerous patches, and as Brookes
> points
> > out in the “Mythical Man Month” that when we fix a bug we end up just
> > introducing more bugs that are subtler.
> >
> >  It seems to me that the best way to revitalize Freenet would be to
> > re-architect and rebuild Freenet, starting with documenting how Freenet
> is
> > actually working according to the code. I have found in my rather limited
> > experience that often times when I am forced to verbalize or articulate
> > what my code is doing can sometimes bring epiphanies that help me make
> > major breakthroughs (source:
> > http://story.fund/post/114720918282/debugging-teddy-bea
> > r). The
> Freenet
> > 2.0 as it were could include a modernized build system, if we are
> concerned
> > about pulling down insecure dependencies we could look at creating our
> own
> > Freenet specific libraries that although this would cause us to reinvent
> > the wheel in some cases it could also help us reevaluate the need for the
> > specific component reducing software bloat, and give us the guarantee of
> > security. We could also move to a more compartmentalized and separated
> > model for Freenet, separating the deamon, and clients, changing the way
> we
> > handle plugins. As well as standardizing testing and development
> > procedures.
> >
> >  An expanded and more concise documentation and a modernization of build
> > tools could lower the bar for entry for new developers which would in
> turn
> > cascade into more devs contributing.
> >
> >  Ultimately we may need to make sacrifices in philosophical purity,  and
> > some compromises on how we want to handle certain aspects of our
> > development or methodology in order to ensure the continued survival of
> > Freenet, because regardless of how secure Freenet is, or how well the
> > source code has been vetted, or how much we trust the repositories we are
> > pulling from. If no one is running it because it has become to kludgy or
> > unwieldy to use or run, we are failing at our fundamental mission of
> > providing secure, anonymous, censorship resistant communication.
> >
> >
> >  Like I said I am still a fairly inexperienced and junior developer and
> > could be quite off base, but these are just my thoughts. I think the
> other
> > option we could do is just send the entire code base and administration
> and
> > everything else over to the NSA and the FBI and ask them to 

Re: [freenet-dev] Project Status

[Hunter Poe]

Hi, there



 I have been a user of Freenet for several years now, and am at this point
still a pretty junior develop, but finally feel my capabilities have
advanced to the point where I would feel comfortable starting to do some
work with Freenet and contributing my, albeit limited, skills.

 As consequence of this I have been following the mailing list a little
more closely the past week or two and it seems to me that one of the big
issues is as Ian pointed out Freenet is rather aged, and so are many of the
development methodologies, tools, and libraries, and it appears in
consequence of that, as well as several other hurdles, have made it
difficult for developers to join in the work.

 This has resulted in a state where as Ian stated, we are basically running
in maintenance mode with a backlog of bugs, and trying to keep things
mostly working. Which at least in my limited experience is often one of the
less exciting tasks in a developers life. In addition because Freenet has
been able to stand so long on its own (15 years is quite the lifetime for
an application) but has resulted in numerous patches, and as Brookes points
out in the “Mythical Man Month” that when we fix a bug we end up just
introducing more bugs that are subtler.

 It seems to me that the best way to revitalize Freenet would be to
re-architect and rebuild Freenet, starting with documenting how Freenet is
actually working according to the code. I have found in my rather limited
experience that often times when I am forced to verbalize or articulate
what my code is doing can sometimes bring epiphanies that help me make
major breakthroughs (source:
http://story.fund/post/114720918282/debugging-teddy-bea
r). The Freenet
2.0 as it were could include a modernized build system, if we are concerned
about pulling down insecure dependencies we could look at creating our own
Freenet specific libraries that although this would cause us to reinvent
the wheel in some cases it could also help us reevaluate the need for the
specific component reducing software bloat, and give us the guarantee of
security. We could also move to a more compartmentalized and separated
model for Freenet, separating the deamon, and clients, changing the way we
handle plugins. As well as standardizing testing and development
procedures.

 An expanded and more concise documentation and a modernization of build
tools could lower the bar for entry for new developers which would in turn
cascade into more devs contributing.

 Ultimately we may need to make sacrifices in philosophical purity,  and
some compromises on how we want to handle certain aspects of our
development or methodology in order to ensure the continued survival of
Freenet, because regardless of how secure Freenet is, or how well the
source code has been vetted, or how much we trust the repositories we are
pulling from. If no one is running it because it has become to kludgy or
unwieldy to use or run, we are failing at our fundamental mission of
providing secure, anonymous, censorship resistant communication.


 Like I said I am still a fairly inexperienced and junior developer and
could be quite off base, but these are just my thoughts. I think the other
option we could do is just send the entire code base and administration and
everything else over to the NSA and the FBI and ask them to start
maintaining them, I’m sure they would totally dig that. ;)


Sincerely,

A concerned citizen opposed to a surveillance state.

On Wed, Oct 14, 2015 at 5:44 PM Steve Dougherty  wrote:

> On 10/14/2015 03:22 PM, Ian Clarke wrote:
> > I think it's time for us all to take a step back and have a serious
> > conversation about where we are, and where we are going.
> >
> > Our current bank account balance is US$1,184.32, our current PayPal
> balance
> > is $1,201.60.
> >
> > Even at Xor's very low hourly rate (he could get a lot more commercially
> > given his skillset - which we should all appreciate him for) this is less
> > than 100 hours of remaining availability.  He needs to prepare for
> finding
> > an alternate income source.
>
> Agreed.
>
> > We have a new website in the works, which is great, and many people have
> > been working valiantly to support the project, but it's hard to escape
> the
> > feeling that we're almost in a "maintenance mode".   The problem with
> that
> > is that you just can't generate enough excitement to attract funding in
> > that situation.
>
> It's true that with a small handful of part-time and almost entirely
> volunteer developers the project has moved very slowly. I can say that
> when I talk with people at cryptoparties about Freenet they are
> generally interested, but that has yet to result in anyone contributing
> code. In addition to the things you mentioned in "Behind the times,"
> another thing that doesn't help is messy code keeps some developers from
> joining the project, but we'd need developers to 

[freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

On Fri, Sep 16, 2005 at 07:48:02PM +0100, Michael Rogers wrote:
> Matthew Toseland wrote:
> 
> >Ouch, that is serious. They are using the definition from the Terrorism
> >Act 2000?
> >
> Looks like it - see page 15 of this PDF:
> 
> http://www.homeoffice.gov.uk/docs4/Print-02C.PDF
> 
> I guess we have to be careful what we say about the Great Firewall from 
> now on. Ho hum.

ROFL, seeking to hack the Great Firewall a criminal offence in the UK!
> 
> Michael
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: 

Re: [freenet-dev] Project status update, and request for your help

[Ed Tomlinson]

On Thursday 15 September 2005 07:21, Matthew Toseland wrote:
 On Wed, Sep 14, 2005 at 08:44:44PM -0400, Ed Tomlinson wrote:
  On Wednesday 14 September 2005 17:08, Matthew Toseland wrote:
  
   I'd like to talk to them. I am told that there is much going on on the
   Frost boards, and we have seen some new apps e.g. pm4pigs, but people
   seem to avoid talking directly to us for some reason.. probably this
   would be helped by working freemail integrated into the lists, some sort
   of CVS replacement that works over freenet, etc.
  
  Take a look at git.  Its file store is immutable and its all open source.  
  IMHO
  cvs is g*e.  Something like git should be easily adaptable to freenet 
  and
  makes a better source control system to boot.
 
 Preferable to arch? We would obviously want something where everyone has
 a full copy of the repository, if possible...

When the Linux kernel switched to git lots of performance testing was done.  
With
large projects the existing systems were just too slow.  Some have improved 
since but
git has just got faster...

The major problem with git from a freenet pov is that it is unix only so far.  
There is
Mercurial (http://www.selenic.com/mercurial/wiki/index.cgi) which was started at
the same time as git with the same goals.  There is a windows version and it is 
being
used by the Xen project.  From what I understand its storage model is not quite 
as
freenet friendly as (unpacked) git.  Either of these managers would make 
distributed
development easier.

Ed
___
Devl mailing list
Devl@freenetproject.org
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project status update, and request for your help

[Ian Clarke]

On 17 Sep 2005, at 12:36, Ed Tomlinson wrote:
The major problem with git from a freenet pov is that it is unix  
only so far.  There is
Mercurial (http://www.selenic.com/mercurial/wiki/index.cgi) which  
was started at
the same time as git with the same goals.  There is a windows  
version and it is being
used by the Xen project.  From what I understand its storage model  
is not quite as
freenet friendly as (unpacked) git.  Either of these managers would  
make distributed

development easier.


Subversion seems like the obvious choice to me.  It was created by  
the same people that created CVS, and thus switching to it should  
cause minimal disruption.  It has cross platform support, and there  
is a Subversion plugin for Eclipse.  I have personally used  
Subversion on a number of projects and have no complaints about it.


Ian.

___
Devl mailing list
Devl@freenetproject.org
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl

[freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Michael Rogers]

Matthew Toseland wrote:

>Ouch, that is serious. They are using the definition from the Terrorism
>Act 2000?
>
Looks like it - see page 15 of this PDF:

http://www.homeoffice.gov.uk/docs4/Print-02C.PDF

I guess we have to be careful what we say about the Great Firewall from 
now on. Ho hum.

Michael

[freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

Interesting URL, I had seen some of that before...

Don't terrorist investigations require that an organization be already
proscribed? That is the main restraint on the more serious powers in the
2000 Act - proscription of an organization requires a vote in parliament.

The new powers then become rather alarming... according to the media,
the offence is that you said something that a reasonable person might
interpret as glorification of a terrorist act. If a terrorist act is
defined as broadly as in the 2000 Act, this could be anything from
motorway sabotage to GM crop destruction to hacktivism to the firemens'
strike a couple years back.

On Fri, Sep 16, 2005 at 03:44:00PM +0100, Michael Rogers wrote:
> Jei wrote:
> 
> >Clarke's draft bill proposes new offence of glorification 
> 
> It's also worth noting that the British definition of terrorism is 
> extremely broad, covering politically-motivated vandalism and computer 
> crime. So glorifying those things would also be illegal.
> 
> http://www.magnacartaplus.org/bills/terrorism/#definition
> 
> Cheers,
> Michael
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: 

[freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

Ouch, that is serious. They are using the definition from the Terrorism
Act 2000?

On Fri, Sep 16, 2005 at 03:44:00PM +0100, Michael Rogers wrote:
> Jei wrote:
> 
> >Clarke's draft bill proposes new offence of glorification 
> 
> It's also worth noting that the British definition of terrorism is 
> extremely broad, covering politically-motivated vandalism and computer 
> crime. So glorifying those things would also be illegal.
> 
> http://www.magnacartaplus.org/bills/terrorism/#definition
> 
> Cheers,
> Michael
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: 

[freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Michael Rogers]

Jei wrote:

> Clarke's draft bill proposes new offence of glorification 

It's also worth noting that the British definition of terrorism is 
extremely broad, covering politically-motivated vandalism and computer 
crime. So glorifying those things would also be illegal.

http://www.magnacartaplus.org/bills/terrorism/#definition

Cheers,
Michael

[Tech] Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

On Thu, Sep 15, 2005 at 09:03:14PM -0400, S M wrote:
> > 
> > I'd like to talk to them. I am told that there is much going on on the
> > Frost boards, and we have seen some new apps e.g. pm4pigs, but people
> > seem to avoid talking directly to us for some reason.. probably this
> > would be helped by working freemail integrated into the lists, some sort
> > of CVS replacement that works over freenet, etc.
> 
> If there was a freemail and CVS over Freenet that would be good. Anonymous 
> email (freemail) might be a killer application, like hushmail but even 
> better security.

Well not CVS as such, probably Arch or some Git derivative. Something
that's fully distributed, where everyone has a full repository.

Oh and third party bundles are a good idea, yes.
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: 

[Tech] Re: [freenet-dev] Project status update, and request for your help

[Caco Patane]

What about Darcs?

http://abridgegame.org/darcs/

On 9/16/05, Matthew Toseland  wrote:
> On Thu, Sep 15, 2005 at 09:03:14PM -0400, S M wrote:
> > >
> > > I'd like to talk to them. I am told that there is much going on on the
> > > Frost boards, and we have seen some new apps e.g. pm4pigs, but people
> > > seem to avoid talking directly to us for some reason.. probably this
> > > would be helped by working freemail integrated into the lists, some sort
> > > of CVS replacement that works over freenet, etc.
> >
> > If there was a freemail and CVS over Freenet that would be good. Anonymous
> > email (freemail) might be a killer application, like hushmail but even
> > better security.
> 
> Well not CVS as such, probably Arch or some Git derivative. Something
> that's fully distributed, where everyone has a full repository.
> 
> Oh and third party bundles are a good idea, yes.
> --
> Matthew J Toseland - toad at amphibian.dyndns.org
> Freenet Project Official Codemonkey - http://freenetproject.org/
> ICTHUS - Nothing is impossible. Our Boss says so.
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.1 (GNU/Linux)
> 
> iD8DBQFDKtILHzsuOmVUoi0RAoqmAJ936+id0ewOGfMe22g4tOz/A/+znACfW5en
> 1eks7W5L51q7iZkL9d7nAKY=
> =ODgB
> -END PGP SIGNATURE-
> 
> 
> ___
> Devl mailing list
> Devl at freenetproject.org
> http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
> 
> 


-- 
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT dpu s:-- a-- C++ UL+++ P-- L++ E--- W+++ N o-- K- w---
O M V- PS+++ PE-- Y+ PGP t+ 5-- X+ R+++ tv-- b++ DI-- D++
G++ e h+ r-- y**
--END GEEK CODE BLOCK--

[freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Jei]

On Wed, 14 Sep 2005, S M wrote:

> Freenet is starting to look invigorated which is good. There seems to be a
> slow crackdown on freedom of speech such as against blogging in Iran and the
> army / police preventing reporters from taking picture of Katrina's
> aftermath. Thus I am sure people would agree the need for a Freenet has been
> growing over time.

The British seem to be anxiously cracking down on freedom of speech as 
well..

http://politics.guardian.co.uk/terrorism/story/0,15935,1571350,00.html?=rss

Clarke's draft bill proposes new offence of glorification

? Defendants found guilty could face five years in jail
? Liberty warns loose talk will become a criminal act

Alan Travis and Rosie Cowan
Friday September 16, 2005
The Guardian

The government's proposed anti-terrorism laws published yesterday are so 
widely drawn that anyone who "glorifies, exalts or celebrates" any 
terrorist act committed over the past 20 years could face a sentence of up 
to five years in prison.

But the small print of the draft terrorism bill published yesterday shows 
that the home secretary is preparing to go even further and draw up a list 
of historical terrorist acts which if "glorified" could mean a criminal 
offence being committed.

  A Home Office spokeswoman said 9/11 was such an example; it would become 
a "listed event", the appropriate ban lasting longer than 20 years. 
However, the 1916 Irish Easter Rising would be exempt.

Shami Chakrabarti, the director of Liberty, said the offence of 
"glorification" was so broad it meant the home secretary was now acquiring 
powers to determine which historical figures were terrorists and which 
freedom fighters.

The home secretary, Charles Clarke, said the power was needed because the 
"celebration of despicable terrorist acts over the past weeks has only 
served to inflame already sensitive community relations in the UK". But he 
acknowledged that the proper exercise of freedom of speech meant the 
offence had to be carefully drawn. His proposals came as it emerged that 
the Crown Prosecution Service was preparing guidelines for 
"intelligence-only" interviews, whereby terrorism suspects could give 
information which would not be used against them. Senior prosecutors are 
convinced that this, plus other measures such as intercept evidence and 
plea bargaining, would strengthen their hand against international 
terrorism and organised crime.

The CPS set up a dedicated counter-terrorism division in May. The crucial 
timing of terror-related arrests, when there is evidence to prosecute but 
before an atrocity happens, means that specialist prosecutors now liaise 
closely with police and security services from the start of inquiries. But 
prosecutors believe that formalising intelligence-only interviews could 
persuade suspects to turn informant.

The anti-terror proposals published yesterday also contain a criminal 
offence of "dissemination of terrorist publications", which the home 
secretary said was aimed at radical material distributed by extremist 
bookshops.

"We wish to make it clear that it shall be illegal to disseminate both 
material that may incite terrorism, and material that may be of use to 
terrorists, such as training guides," Mr Clarke said in a letter to the 
shadow home secretary, David Davis, and to his counterpart, the Liberals' 
Mark Oaten. An earlier draft of the letter made clear that powers allowing 
the police "to close down places of worship used to foment extremism" had 
been dropped.

Two other measures outlined by the prime minister - refusal of asylum to 
anyone who connected with terrorism anywhere in the world, and a maximum 
time limit on extradition cases - were also absent from yesterday's 
package.

But the cross-party consensus on anti-terrorism legislation is likely to 
be put under strain by the decision to push ahead with plans to extend the 
time, from 14 days to up to three months, for the time that suspects can 
be held without charge The draft bill says the police will have to apply 
to a district judge for an extension every seven days.

Both the Conservatives and the Liberal Democrats voiced strong concern 
about this proposal yesterday and an earlier draft of Mr Clarke's letter 
revealed that even he was not fully convinced. Mr Davis said he welcomed 
the package but his party was concerned about the three months of 
detention. Mr Oaten said the proposal was "totally unacceptable".

Liberty said the draft bill would reintroduce internment and make loose 
talk a criminal offence. Justice, the all-party law reform group, said the 
proposed offences were largely redundant and the extension for detention 
was excessive.

Clampdown and controls

Encouraging and glorifying terrorism: Two offences, carrying a jail 
sentence of up to seven years. Covers published statements, including 
internet ones, which amount to the "direct or indirect encouragement" of 
terrorist acts or those which "glorify, exalt, or celebrate" such 

Re: [freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

Interesting URL, I had seen some of that before...

Don't terrorist investigations require that an organization be already
proscribed? That is the main restraint on the more serious powers in the
2000 Act - proscription of an organization requires a vote in parliament.

The new powers then become rather alarming... according to the media,
the offence is that you said something that a reasonable person might
interpret as glorification of a terrorist act. If a terrorist act is
defined as broadly as in the 2000 Act, this could be anything from
motorway sabotage to GM crop destruction to hacktivism to the firemens'
strike a couple years back.

On Fri, Sep 16, 2005 at 03:44:00PM +0100, Michael Rogers wrote:
 Jei wrote:
 
 Clarke's draft bill proposes new offence of glorification 
 
 It's also worth noting that the British definition of terrorism is 
 extremely broad, covering politically-motivated vandalism and computer 
 crime. So glorifying those things would also be illegal.
 
 http://www.magnacartaplus.org/bills/terrorism/#definition
 
 Cheers,
 Michael
-- 
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.


signature.asc
Description: Digital signature
___
Devl mailing list
Devl@freenetproject.org
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-chat] Re: [freenet-dev] Project status update, and request for your help

[Michael Rogers]

Matthew Toseland wrote:


Ouch, that is serious. They are using the definition from the Terrorism
Act 2000?


Looks like it - see page 15 of this PDF:

http://www.homeoffice.gov.uk/docs4/Print-02C.PDF

I guess we have to be careful what we say about the Great Firewall from 
now on. Ho hum.


Michael
___
Devl mailing list
Devl@freenetproject.org
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl

Re: [freenet-dev] Project status update, and request for your help

[S M]

Freenet is starting to look invigorated which is good. There seems to
be a slow crackdown on freedom of speech such as against blogging in
Iran and the army / police preventing reporters from taking picture of
Katrina's aftermath. Thus I am sure people would agree the need for a
Freenet has been growing over time.

A few things I'd recommend and they come from looking at I2P's project
(might as well borrow good ideas when they present themselves):

*More support / communication for developers of applications for Freenet. As jrandom said about I2P/IP/TCP: I2P by itself is pretty useless, but in the way
IP by itself is pretty useless - who cares whether you can send packets
on the internet if you don't have good applications to
send them with?  Freenet is ok, but as much support as is possible
should be given to people interesting in making applications that work
with Freenet. You'll have to talk to the developers of these
applications to see what their needs are, many are coming back so it
can be a good time to ask them.

*Applications more easily found or included with Freenet. I2P appears,
and correct me if I am wrong, to be including software bundled with it
such as their anonymous blogging software (Syndie) and other
useful software (anonymous data storage, organizers, mail etc. etc.).
If the goal is helping people communicate anonymously then you don't
scatter relevant applications all over the place and make them hunt for
them.

*Support for 0.5, don't but all the eggs on one basket. I expect 0.5 to
be around for a few more years, it would be good if 0.5 wasn't
abandoned (which no on said it was) but it would be good to confirm
that 0.5 will be supported. Once people see that 0.7 is good, if it is
good, then they will move there but shouldn't be forced (antiforbidden
fruit syndrome, you force someone to do something (even if they would
have normally like it) they will predisposed to reject it.)

*Communication (Meetings, forums, request board, road map). A forum
would be good where people could discuss instead of just a mailing list
(I2P has one if you want to look at their setup, looks like Slyck's).
Since Freenet is on sourceforge, and their system isn't that bad, their
forums can be used. As well SF's request system seems to work well and
using a request system would hopefully reframe the communication from
Freenet lacks this, it sucks, why doesn't this work to more
productive I would like to request this, can the developers of Freenet
add this, does anyone want to work on adding this feature with me with
a sourceforge request board. A bug board (SF also has it) would be good
too.

Very good work,

SM
On 9/14/05, Ian Clarke [EMAIL PROTECTED] wrote:
It has been quite some time since I last sent a status update to themailing lists.This is an exciting time for the project, we are essentiallyrewriting Freenet from the ground up, embracing that which has
worked, and throwing out that which hasn't.Furthermore, we arefundamentally improving Freenet's security, functionality, andusability.Version 0.7 of Freenet aims to create a scalable darknet, where
users only connect directly to other users they know and trust. Thepurpose of this change is to protect users who may be placed at risksimply by using the software, irrespective of what they are using itfor.
In this new approach, only people you choose to connect to will knowthat you are running the software. Previous attempts at dark P2Pnetworks, such as WASTE, have been limited to relatively small
disconnected networks, allowing you to exchange information with afew of your friends, not beyond that.The core innovation in Freenet 0.7 will be to allow a globallyscalable darknet, capable of supporting millions of users, nobody has
ever achieved anything like this before. This is made possible by theobservation that human relationships tend to form small-worldnetworks, a property that can be exploited to find short pathsbetween any two people. The work is based ona talk given at DEFCON
13 in July by Oskar Sandberg and myself [1].Other modifications include switching from TCP to UDP, which allowsUDP hole punching along with faster transmission of messages betweenpeers in the network.This will greatly simplify the task of getting
a Freenet node up and running, our goal is that you run the software,and it just works, with no mucking around with firewalls orcomplicated configuration files.We have learned much over the past few years.One of those things is
that it is difficult to simultaneously do experimental research,while at the same time deploying a working usable piece of software.As a result, 0.7 will in may ways be a simplification of Freenet,sticking more closely to that which we know works, and for which
there is a strong mathematical basis, and leaving the more far outideas to the academic community.Having said that, from the user's perspective 0.7 will havesignificant new functionality.While previously Freenet only
supported the insertion and retrieval 

Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

On Wed, Sep 14, 2005 at 01:29:13PM -0400, S M wrote:
 Freenet is starting to look invigorated which is good. There seems to be a 
 slow crackdown on freedom of speech such as against blogging in Iran and the 
 army / police preventing reporters from taking picture of Katrina's 
 aftermath. Thus I am sure people would agree the need for a Freenet has been 
 growing over time.
 
 A few things I'd recommend and they come from looking at I2P's project 
 (might as well borrow good ideas when they present themselves):
 
 *More support / communication for developers of applications for Freenet. As 
 jrandom said about I2P/IP/TCP: I2P by itself is pretty useless, but in the 
 way IP by itself is pretty useless - who cares whether you can send packets 
 on the internet if you don't have good applications to send them with?  
 Freenet is ok, but as much support as is possible should be given to people 
 interesting in making applications that work with Freenet. You'll have to 
 talk to the developers of these applications to see what their needs are, 
 many are coming back so it can be a good time to ask them.

I'd like to talk to them. I am told that there is much going on on the
Frost boards, and we have seen some new apps e.g. pm4pigs, but people
seem to avoid talking directly to us for some reason.. probably this
would be helped by working freemail integrated into the lists, some sort
of CVS replacement that works over freenet, etc.
 
 *Applications more easily found or included with Freenet. I2P appears, and 
 correct me if I am wrong, to be including software bundled with it such as 
 their anonymous blogging software (Syndie) and other useful software 
 (anonymous data storage, organizers, mail etc. etc.). If the goal is helping 
 people communicate anonymously then you don't scatter relevant applications 
 all over the place and make them hunt for them.

We cannot bundle Frost for political reasons. And in general it is a bad
thing to include code you can't support or debug.
 
 *Support for 0.5, don't but all the eggs on one basket. I expect 0.5 to be 
 around for a few more years, it would be good if 0.5 wasn't abandoned (which 
 no on said it was) but it would be good to confirm that 0.5 will be 
 supported. Once people see that 0.7 is good, if it is good, then they will 
 move there but shouldn't be forced (antiforbidden fruit syndrome, you force 
 someone to do something (even if they would have normally like it) they will 
 predisposed to reject it.)

They can do what they want. But I won't spend significant time debugging
0.5.
 
 *Communication (Meetings, forums, request board, road map). A forum would be 
 good where people could discuss instead of just a mailing list (I2P has one 
 if you want to look at their setup, looks like Slyck's).

And the difference is...?

 Since Freenet is on 
 sourceforge, and their system isn't that bad, their forums can be used.

We used to have forums, IIRC they were used very rarely.

 As 
 well SF's request system seems to work well and using a request system would 
 hopefully reframe the communication from Freenet lacks this, it sucks, why 
 doesn't this work to more productive I would like to request this, can the 
 developers of Freenet add this, does anyone want to work on adding this 
 feature with me with a sourceforge request board. A bug board (SF also has 
 it) would be good too.

Same as above.
 
 Very good work,
 
 SM
 
 
 On 9/14/05, Ian Clarke [EMAIL PROTECTED] wrote:
  
  It has been quite some time since I last sent a status update to the
  mailing lists.
  
  This is an exciting time for the project, we are essentially
  rewriting Freenet from the ground up, embracing that which has
  worked, and throwing out that which hasn't. Furthermore, we are
  fundamentally improving Freenet's security, functionality, and
  usability.
  
  Version 0.7 of Freenet aims to create a scalable darknet, where
  users only connect directly to other users they know and trust. The
  purpose of this change is to protect users who may be placed at risk
  simply by using the software, irrespective of what they are using it
  for.
  
  In this new approach, only people you choose to connect to will know
  that you are running the software. Previous attempts at dark P2P
  networks, such as WASTE, have been limited to relatively small
  disconnected networks, allowing you to exchange information with a
  few of your friends, not beyond that.
  
  The core innovation in Freenet 0.7 will be to allow a globally
  scalable darknet, capable of supporting millions of users, nobody has
  ever achieved anything like this before. This is made possible by the
  observation that human relationships tend to form small-world
  networks, a property that can be exploited to find short paths
  between any two people. The work is based on a talk given at DEFCON
  13 in July by Oskar Sandberg and myself [1].
  
  Other modifications include switching from TCP to UDP, which allows
  UDP hole 

Re: [freenet-dev] Project status update, and request for your help

[Matthew Toseland]

I vaguely remembered the name but not specifics.

On Wed, Sep 14, 2005 at 11:31:56PM +0100, Volodya Mozhenkov wrote:
 Matthew Toseland wrote:
 What's fuqt?
 
 I just lost all respect i had for you after that question... (smile i'm 
 kidding), but you should keep track of the applications that use freenet 
 closer than that.
 
 https://sourceforge.net/projects/fuqt
 
 Basically think FUQID for Linux.
-- 
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.


signature.asc
Description: Digital signature
___
Devl mailing list
Devl@freenetproject.org
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl