On Saturday 03 May 2008 01:58, Jim Cook wrote: > At 01:11 PM 4/30/2008, Matthew Toseland wrote: > > >* PGP Signed by an unknown key > > > >On Wednesday 30 April 2008 00:27, Jim Cook wrote: > > > At 06:18 AM 4/29/2008, Matthew Toseland wrote: > > > > > > >> Old Signed by an unknown key > > > > > > > >On Tuesday 29 April 2008 03:44, Jim Cook wrote: > > > > > Thank you again, Matthew (and Volodya) for your patience with my > > > > > naive questions. Regarding the Firefox issue, I've found a Win BAT > > > > > file <http://www.mouserunner.com/FF_Tips_Multiple_Fx.html> that > > > > > facilitates running multiple instances with different profiles. > > > > > > > >Running multiple instances with different profiles is trivial, > > the problem > >is > > > >that if you don't want unpleasant surprises you have to change > > the link the > > > >user normally launches FF from to include -no-remote. Which is not > >something > > > >we really want to do... > > > > > > In retrospect, it's trivial. And I get why you've included a freenet > > > Firefox profile and made it difficult to edit. > > > >You mean in that we disable the config related menu items? > > Yes. As I understand it, there are two key issues: (1) users need to > know which browser is accessing Freenet, and which is accessing the > net; and (2) users need to avoid opening 200 connections to public > webservers. Right?
Pretty much. There are also security issues e.g. you should use a separate browser for freenet so that sites you browse on the first one don't know about your freenet browsing (link colors, visible-if-visited attributes etc). > > > > However, given the > > > default "Don't ask at startup" setting in Firefox's profile manager, > > > and the fact that I'd never run multiple profiles, I was blindsided, > > > and thought that Freenet had trashed my Firefox setup. > > > >Yeah, Firefox is a problem. Not using it is a worse problem. Hopefully we can > >find a better solution... > > > > > Now I know to > > > create Firefox shortcuts for my normal and freenet profiles with > > > targets of the form "<path to firefox.exe>" -P <profile name> > > > -no-remote. What's the downside of doing that during Freenet > > > installation? Or, if that's hard to implement, it'd be great to > > > include an explanation of how to do that in the readme or FAQ. > > > >It is difficult to implement. It is also unnecessary if you do what you're > >told! We open a browser window with a page explaining that it's a really bad > >idea to close this page before closing the browser running Freenet ... if you > >close it anyway, Bad Things happen - namely your firefox profile default gets > >reset. > > Yeah, I got that. And I'm not very good at doing what I'm told ;-) > > > > > > I've had a node up on a Win NT box for ca. 24 hours in promiscuous > > > > > mode. It's connected to ca. 20 nodes, and is slow but > > > > > acceptably-responsive. When I'm not browsing, input and output rates > > > > > are 16.1 KiB/sec and 18.6 KiB/sec respectively. Although output > > > > > tends to mirror input, there are frequent output spikes that seem to > > > > > originate from my node. In other words, my node seems to be working. > > <snip> > > My node's been up continuously now for about three days, with ca. 20 > peers, 25.1 KiB/sec average input rate, 27.1 KiB/sec average output > rate (of 50.0 KiB/sec) and 13.9 KiB/sec average payload output rate > (51%). Is that reasonable? With 20 connected/backed off peers? It's a bit low, mine's been a bit low lately too though... > > However, in order to achieve that, I've had to stay logged on Win > NT. If I log off while sleeping or away, which has been my practice, > Freenet appears to keep running (based on network activity) for a > while. However, when I log on the next day, I find that the node > isn't connected to any peers, and also that it won't connect until I > stop and restart it. That is really bizarre. File a bug on https://bugs.freenetproject.org/ . Include wrapper.log and any ERRORs in logs/ ... > > Freenet runs as user ".\freenet", and I get that y'all switched from > running as LocalSystem to improve security <https://bugs.freenetproject.org/view.php?id=1231>. Yes. > Am I correct in > guessing that ".\freenet" is linked to my user account, and so the > Freenet service hangs after I log off? No, it's a separate user. > Could Freenet run safely as > LocalService or NetworkService? No idea. Probably. Would it be better? > > > > > > I have a relatively underutilized Win SBS 2003 server, and I'm > > > > > thinking of setting up a node in Ubuntu/VMware via a dedicated > > > > > physical NIC. And I'm thinking of running in nonpersistent mode, so > > > > > that the node and all traces of its activity are lost when I shut it > > > > > down. Would that be problematic for Freenet, if the node were up for > > > > > at least a few weeks per instance? > > > > > > > >Not if it was online for a reasonable time, although obviously it would be > > > >better for the network if it was just up. > > > > > > Would it be better for the network if I paused it as a snapshot > > > whenever I needed to reboot? I don't reboot often, just as part of > > > installing updates or when messing with hardware. > > > >Why not just restart it each time? The only reason to recreate it on each > >startup is in case the datastore contains something incriminating... > > Although I have no interest in seeing for myself, I gather that > Freenet contains truly awful stuff. If that's so, it's quite likely > that "the datastore contains something incriminating". Right? Yes, but it's encrypted, and you don't have the key. To find the key you would have to go looking for such filth. This provides a reasonable degree of plausible deniability. > But > given that I'm running Freenet, I've obviously accepted that as a > necessary cost of freedom. Also, I get that the datastore is > encrypted, and that I cannot be expected to know what's > there. Conversely, the contents of my download folder are not > encrypted, but arguably I must have put them there intentionally. Right, that's the difference. > > Even so, I'm nervous. Perhaps there are flogs with driveby > downloads. I was thinking of running in nonpersistent mode as an > additional safeguard. But I do appreciate how doing that would > partially defeat Freenet's data routing and retention logic. Anyway, > I'm now thinking that running an encrypted virtual machine may be an > acceptable alternative. Possibly. If it's transient it would be recreated on startup; if it isn't, it would obviously be possible to investigate it if the computer was taken away. > > Thanks again for your contributions and support. This is fun :-) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/support/attachments/20080503/ae9742df/attachment.pgp>
