Freenet is indeed safe enough to distribute updates over. However, it is an emergent system, and rapid development (which I hope we are all in favour of at this stage) *requires* that we be able to change the parameters of that emergent system at reasonably short notice. Thus we have mandatory upgrades.
Now, in my view, allowing nodes to upgrade from their peers (having asked all their peers to check the revocation key, and having checked the signature on the binary), is an important step forward, simply because 23% of nodes connected to the ubernode are running incompatible builds. For the same reason the installer (or the post-install web interface setup screen) should ask the user whether they want to auto-update freenet. On Wed, Jul 12, 2006 at 06:47:20AM +0200, Magnus Eriksson wrote: > On Tue, 11 Jul 2006, Ken Snider wrote: > > >Colin Davis wrote: > > >>Wouldn't the easiest way to solve this just be to let the node continue > >>to use the network, at degraded speed? > > Alternatively, at full speed. It could be argued that the majority of > nodes will update anyway, *if it is easy enough*. > > > >But what if one of the reasons for the Mandatory build is that the prior > >client was doing something unhealthy to the network? Or that some > >fundamental routing change was made that causes them to be unable to > >"speak" the same protocol any longer? > > > >That's why I had suggested some form of updates-only protocol that could > >be long-lived. > > Or in other words, "some form of new attack vector that could be hard to > fix". > > > I'm puzzled by the attitude towards this. We have a network designed to > safely disseminate data. Periodically, the node needs to safely fetch > data. I'm sorry, is the solution too obvious? > > Face it. Either the network is good enough (and robust enough) to allow > people to get their updates through the network itself, or it isn't. And > if the developers don't trust the network enough to even distribute > updates to the software, why should I as a user even bother? > > > The fact that this is even an issue (and that the mandatory builds are > so common) should be a cause for any potential user to think twice if > this, that is, Freenet, really is the way to go. > > > > Some sort of disclosure: I do not currently use Freenet. I do like > Freenet though, I think it's the best thing currently available (more or > less..) for anonymous communication and publication. And I would very > much like to use it in the future, if I can. I'm not here to flame. > > > MAgnus > > _______________________________________________ > Tech mailing list > Tech at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/tech > -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060712/f962993f/attachment.pgp>
