random babcom
A copy of my freenet site random_babcom, converted via pandoc. Most of the resources on this page are downloaded from Freenet using the inproxy at d6.gnutella2.info/freenet/.
Port-scanning by websites you visit is commonplace now.
See Why is This Website Port Scanning me?
(I got the permission by Charlie Belmer to upload his article into Freenet)
Port-scanning to detect locally running services has become commonplace now. Please use freenet via the proxy method.
Here’s the same as simple script.
Original article about the port-scanning: https://nullsweep.com/why-is-this-website-port-scanning-me/
Rechtsextremisten haben seit 1990 über 190 Menschen ermordet
Sie versuchen immer wieder die Gleichsetzung mit Linksextremisten. Diese Gleichsetzung ist unehrlich, denn Linksextremisten haben seit 1990 niemanden ermordet, Rechtsextremisten dagegen haben seit 1990 über 190 Menschen ermordet.
Die Gleichsetzung von Gruppen, die morden (Rechtsextremisten), mit Gruppen, die nicht morden (Linksextremisten), ist verlogen.
Auf FMS regen sie sich über diese Fakten auf, daher hier nochmal die Quellen:
Gesamtliste der Todesopfer Rechtsextremer Gewalt: https://de.wikipedia.org/wiki/Todesopfer_rechtsextremer_Gewalt_in_der_Bundesrepublik_Deutschland#Gesamtliste Karte: https://www.belltower.news/die-liste-193-todesopfer-rechtsextremer-und-rassistischer-gewalt-seit-1990-36796/ Rechtsextremistische und rechtsterroristische Gewalt in Europa: https://www.bpb.de/politik/extremismus/rechtsextremismus/151753/rechtsextremistische-und-rechtsterroristische-gewalt-in-europa-ein-ueberblick?p=all
Ja, auch Rechtsextreme können Freenet nutzen. Ich werde sie aber weder unterstützen, noch wissentlich mit ihnen zu sprechen. Sie haben zwar das Recht und die Möglichkeit zu reden, aber kein Recht, mich zu zwingen, sie zu hören.
Wer sich schon selbst Rechtsextrem nennt, kann mir gestohlen bleiben.
web 1-2-IoT-AI
I hope this will prove Aral wrong 10 years from now.
Terminal phase: space shooter live development in Scheme/Racket
Make at least three identities
I suggest to anyone to have at least three identities here:
- One official that might or might not carry your real name (this is the one I'm writing from right now, you need to stick to official statements with that one),
- one only your friends know to be you (there you can still write more
or less freely, but you might want to change it from time to time so
accidental doxxing by friends or yourself won't be too big a problem),
and
- one of which no one knows that it's connected to you (there you even have to watch your writing style and avoid all personal topics that could lead someone to you; this is where you can write stuff people might be angry about, for example writing against the close consensous of your community or whistleblowing).
This also applies to Sharesites.
please go and vote
If you live in the EU, please vote. There is real power in elections, please make sure to give your share of that power to people who fight for things you care about.
fetchpull with lifetime plots
I added a small improvement to the fetchpullstats: It now has plots that show the lifetime. They show that large files (bulk = CHK splitfile) live somewhat reliably up to 16 days, small files live reliably up to 32 days (small = SSK splitfile) and tiny files can survive up to 128 days (realtime = raw SSK).
You can see that in the plots: When they get spotty, three separate files have fallen out. Currently the plots do not show when the first files start to fall out.
The EU parliament just adopted uploadfilters
They decided 317-312 not to discuss article 13 individually.
I find no words to describe that.
…
The filtering does not apply to noncommercial platforms yet. Get your friends on Freenet so we can continue to organize in a space they cannot censor at the touch of a button.
If you speak german, please share these cards with all people you know, so we can keep organizing:
writeup about the vulnerability fixed in 1484
Freenet Content Filter Vulnerability
Up to 1483 this vulnerability could result in Firefox asking the user to open an unfiltered file in an external program while skipping the warning typically shown by fproxy that the file might be unsafe.
Big thanks to thesnark/phage for finding it and to operhiem1/Steve for creating an elegant fix!
watch 1484 spread
- 1484 spreading graph
- first for Java 7
- after 1 hour the java 8 key starts
testing release for build 1484
I inserted Freenet build 1484 to the following testing update key.
If
you want to test it, you can use the key as auto-update key (please
remember to switch back tot he official key after testing!):
USK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/jar/1483
The build included here is a followup build from several tests already
released as pure jar+sources over the past weeks and has been on
github
since yesterday evening:
https://github.com/freenet/fred/releases/tag/build01484
The planned data was last weekend, and I'm sorry that it got delayed
by
one more week. The release VM only works well enough to release, when
virtualization is enabled in the BIOS so qemu can use KVM. That took
quite a few hours to find out …
If we don't find new blockers, I'll release to the official
auto-update
keys (Java 7 + Java 8) this weekend. After release, please run the
verify-build to ensure that what is released as jar corresponds to the
released sources.
requirements for porting Freenet to mobile phones
It would be great to have Freenet working well on phones or tablets. However for that it has to be adjusted for the very different requirements of the platform:
- Freenet on mobile must only be connected when either both on
wall-power and on wifi, or when the user is actively browsing Freenet.
Otherwise it would drain the battery and bandwidth much too quickly.
And
- It must use a small in-memory store to avoid wearing down the sdcard. That also means that Freenet on mobile will only route and store small amounts of data, but will not store much, because whenever the phone would be shut down for real or get fully empty (which is not that often …), the data would be lost.
If you want to do it, go for it. I'd love to see it.
There's also a longer writeup in the bugtracker. I don't agree with all the requirements (I think not all are a necessary precondition), but it's a good reference anyway: https://freenet.mantishub.io/view.php?id=6765
Saturday 23rd of march are the demonstrations against Article 13
- Amsterdam - Dam square: 5:00 PM
- Arad - Bulevardul Revoluției 75: 1:00 PM
- Athen - Syntagma-Platz: 1:00 PM
- Aussig - Ústecký kraj Pařížská 5: 2:00 PM
- Berlin - Potsdamer Platz: 2:00 PM
- Bielefeld - Hauptbahnhof: 2:00 PM
- Bielsko-Biala - plac Bolesława Chrobrego: 4:00 PM
- Bucharest - Fântâna de la Universitate: 3:00 PM
- Budweis - náměstí Přemysla Otakara II.: 2:00 PM
- Chemnitz - Johannisplatz: 2:00 PM
- Dortmund - Europabrunnen: 2:00 PM
- Dortmund - Friedensplatz: 2:00 PM
- Dresden – Goldener Reiter Dresden: 2:00 PM
- Düsseldorf - Friedrich-Ebert-Straße 34: 1:00 PM
- Dębica - Rynek: 5:00 PM
- Erfurt - Anger: 2:30 PM
- Frankfurt - Paulsplatz: 2:00 PM
- Freiburg - Platz der alten Synagoge: 2:30 PM
- Fürth - Grüner Markt: 1:00 PM
- Gdańsk - Długi Targ: 5:00 PM
- Glasgow - The Donald Dewar Statue, Top of Buchanan Street: 1:00 PM
- Göteborg - Gustav Adolfs torg: 12:00 PM
- Göttingen - Am Nabel: 12:00 PM
- Hamburg - Gänsemarkt: 1:00 PM
- Hannover - Ernst-August-Platz: 11:00 AM
- Helsinki - Senaatintori: 6:00 PM
- Hof - Wörthstr. vor dem Scala: 1:00 PM
- Innsbruck - Annasäule: 1:30 PM
- Jena - Holzmarkt: 2:00 PM
- Karlsruhe - Stephansplatz: 1:30 PM
- Katowice - Rynek: 5:00 PM
- Kiel - Landtag Kiel: 1:00 PM
- Koblenz - Löhrrondell: 1:30 PM
- Krakow - Rynek Glowny: 5:00 PM
- Köln - Neumarkt: 2:00 PM
- Leipzig: 2:00 PM
- Liberec - náměstí Dr. E. Beneše: 2:00 PM
- Lissabon - Praça de Luís de Camões: 5:00 PM
- Ljubljana - Prešernov trg: 12:00 PM
- Luxembourg - Place de l'Europe: 2:00 PM
- Magdeburg - Landtag/Domplatz: 1:00 PM
- Malmö - Sankt Johannesplan: 12:00 PM
- München - Marienplatz: 1:30 PM
- Münster - Servatiiplatz: 1:30 PM
- Nikosia - Πανεπιστήμιο Κύπρου | University Of Cyprus: 1:00 PM
- Osnabrück - Gewerkschaftshaus: 3:00 PM
- Ostrava - Masarykovo náměstí: 2:00 PM
- Plzeň - náměstí Republiky: 2:00 PM
- Potsdam - Luisenplatz: 10:00 AM
- Poznań - Plac Adama Mickewicza: 5:00 PM
- Praha - Palackého náměstí: 2:00 PM
- Ravensburg - Marienplatz: 1:00 PM
- Rostock - Universitätsplatz: 12:00 PM
- Saarbrücken- Tbilisser Platz vor dem Staatstheater: 2:00 PM
- Saloniki - Άγαλμα Μεγάλου Αλεξάνδρου: 2:00 PM
- Salzburg - Hauptbahnhof: 2:00 PM
- Stockholm - Rosenbadsparken: 12:00 PM
- Stuttgart - Rotebühlplatz: 2:00 PM
- Tallinn - Freedom Square: 3:00 PM
- Ulm - Hans-und-Sophie-Scholl-Platz: 3:00 PM
- Villingen-Schwenningen - Latschariplatz: 12:00 PM
- Warsaw - Jasna 14/16: 5:00 PM
- Wałbrzych - plac Magistracki 1: 12:00 PM
- Wien - Christian Broda Platz: 3:30 PM
- Wrocław - Rynek 1: 5:00 PM
- Würzburg - Bahnhofsplatz: 3:00 PM
- Zürich - t.b.a Zentrum: 1:30 PM
- České Budějovice - náměstí Přemysla Otakara II.: 2:00 PM
- Łódź - Plac Wolności: 5:00 PM
Please join them, and pass on the info!
Updates in the clearnet: https://savetheinternet.info/demos
still saving the world tomorrow
Even if you are fighting to save the world, keep in mind that it will still need saving tomorrow. Please stay around. — ArneBab
In life, as in kernels, the most important thing is that the system stays up. — operhiem1 in IRC
new 1484 test jars (pre-6)
A small crowd-funding, RPG, non-freenet, but free licensed
If you want to help out on one of my other projects: I just started a short 3-day crowdfunding to print a free roleplaying game for the German free RPG day on march 23rd 2019.
RPGGeek says about it:
All the rules needed to play the Zettel-RPG, a small universal game system designed to be played with minimal preparation. The rules take a few minutes to read, character generation even less. Simple and portable.
Jens Stengel's photographs of everything from dice to walnut shells provide a refreshingly unorthodox backdrop.
If you want to support that, please join the crowdfunding at https://www.startnext.com/zettel-rpg-grt2019
And remember to also take to the street on march 23rd against Article 13 of the new copyright directive of the EU! Let's combine the German free RPG day with the demonstration and give double meaning to our gathering!
please test 1484 pre1
freenet-build01483-180-g5e5ff7d548-snapshot.jar
freenet-build01483-180-g5e5ff7d548-source.tbz
It should be able to play FLAC songs directly in the browser: infinite-hands-free-software.flac
… and in an audio-tag:
how fetchpullstats avoids a database
As noted on FMS, the old fetchpullstats used quite a powerful database backend to track inserted keys:
The downside to running this kind of thing is having to keep track of eventually many thousands of keys for months at a time while waiting for the trigger to try and fetch them for the first time after 2^n days.
The new fetchpullstats avoids that, since Freenet already provides this information.
The keys are simple KSKs with a long prefix followed by the target retrieval date and the days they were inserted before. Example:
KSK@WwL6-UXTu-sa5n.fAk2-s7kj.5Kp6—2018-11-23-uploaded-008-days-before-using-realtime
Therefore if the current date is 2018-11-23 to check the lifetime of a key inserted 8 days before using realtime mode, I simply request the key above.
The prefix is generated at random (and saved) when the script is run at a place where there is no configured prefix.
That's how I can do this without a database backend. Freenet is a decentralized database and we can avoid a lot of complexity by using that. The state the fetchpullstats keeps is a single KSK prefix along with the measured results (on the order of 100 lines of text per day).
run your own fetchpullstats
If you want to run your own fetchpull stats, too, you can get a snapshot of the code from SSK@P2fn~pFtoAPOeMQ4YZYZMelB2Q6IUHEskj8gGtZN3Vs,lql1C3-YiVgK3KVYf~ClATgNhgMTBb~MkS7NJwbb6KI,AQACAAE/fetchpullstats-d110ae753eaf.tgz
You need to install Guile on a GNU/Linux system, then you can simply run
./fetchpull.w
to collect data (run it daily, for example with a cron-job), and create the site with (needs gnuplot):
./fetchpull.w --site SITENAME ; cp fetchpull*.png SITENAME/
The latter command is only needed because there's still a bug which causes some of the files to have zero length when copied directly from the fetchpull.w script.
new fetchpullstats
I've been direly missing the fetchpullstats by bertm, therefore I decided last weekend to recreate them. They aren't as fancy as the old ones, but all state except for a KSK prefix is stored in Freenet.
Also there's now a multithreaded message-multiplexing Scheme-library for FCP, though with only few message types implemented.
(this is a smaller version of the tool I built which avoids any external dependencies except for Guile)
If the cron-job works out, this should update daily, and in a few weeks time the info should be actually interesting.
watch 1482
with 1481 Windows users had some sever performance problems. The initial workaround for that will be to reduce the peer-count. We got 3 reports that this fixes the problems.
Regarding anonymity, this should have little effect. You have fewer peers that mask HTL18 requests, but it will also be much less likely that an attacker connects to you, and statistical analysis which can theoretically break the HTL18 check will have to cope with much more noise because the fewer peers will reduce the smoothing of data from other peers, so it gets harder to ignore.
(and I have not yet seen any calculation which actually took into account that actual peer-counts are far from homogenous in Freenet)
I plan to insert 1482 tomorrow. You can watch what happens on the following status page. It should keep updating, but the script which creates the site isn't very robust, so no panic if it stops.
verify-build, demystified
Now that we're on gradle, verifying that what I release is actually what's tagged in the source is much easier than before. These instructions are for GNU/Linux, and maybe other *nixes.
Firstoff: to verify 1482 you NEED Java 7 - in general you need the Java version I release with.
Start by downloading the jar: SSK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar-1482
Copy it to /tmp/freenet-1482.jar
Then run the following:
failureWarning="FAILED TO VERIFY. If you determine that this failure is not due to build environent differences, then the source files used to build the published version of Freenet are different from the published source files. The build has been compromised. Take care to only run version of Freenet with published, reviewable source code, as compromised versions of Freenet could easily contain back doors."
cd /tmp/ git clone git@github.com:freenet/fred.git cd fred git checkout build01482 ./gradlew jar mv build/libs/freenet.jar ../freenet-built.jar cd .. mkdir unpacked-built unzip freenet-built.jar -d unpacked-built (cd unpacked-built; find -type f) | sort > unpacked-built.list mkdir unpacked-official unzip freenet-1482.jar -d unpacked-official (cd unpacked-official; find -type f) | sort > unpacked-official.list if ! cmp unpacked-official.list unpacked-built.list; then echo FAILED TO VERIFY: Different files in official vs built echo Files in official but not in built are marked as + echo Files in built but not in official are marked with - diff -u unpacked-built.list unpacked-official.list echo "" echo "$failureWarning" fi while read x; do if ! cmp "unpacked-official/$x" "unpacked-built/$x"; then if [[ "$x" = "./META-INF/MANIFEST.MF" ]]; then echo "Manifest file is different; this is expected." echo "Please review the differences:" diff "unpacked-official/$x" "unpacked-built/$x" else echo "File is different: $x" echo "$x" >> "differences" fi fi done < unpacked-official.list if [[ -s "differences" ]]; then echo VERIFY FAILED: FILES ARE DIFFERENT: cat differences echo "" echo "$failureWarning" fi
PS: This is a shorter version of the verify-build script: https://github.com/freenet/scripts/blob/master/verify-build#L169
Test for Freenet 1482 emergency release
This release addresses increased CPU load in 1481 by reducing
the peer-count. The lower number of peers should reduce
the necessary work for routing. Since all nodes reduce their
peercount,
the bandwidth per peer rises, so the speeds should stay the same.
If you give Freenet 100kiB/s upload speed, it will now
request only 13 opennet-peers.
Also 1482 applies the winterfacey theme adaptions by poet.
You can test the winterfacey theme by activating it in
Configuration -> Web interface.
To help with testing 1482, please set the following as your auto-update key:
USK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar/1481
This is also available on github as pre-release: https://github.com/freenet/fred/releases/tag/build01482
We especially need testers using Windows, ideally in a setup where Freenet 1481 caused extremely high CPU load.
Freenet 0.7.5 build 1481 released
Freenet 0.7.5 build 1481 is now available
The Freenet Team is proud to release Freenet build 1481, the first
build to be compiled from gradle! This concludes work during the past
two years to make it easier for new developers to start hacking on
Freenet.
Your Freenet node should update itself from Freenet via the auto-update.
This release rekeys the update URIs to ensure they are compliant with
RFC6979. It also splits off java 7 into its own update key for 1482,
so we can use java 8 starting with 1483. The updated keys have been
split into shares using ssss-split and distributed among core
developers to maximize our release management bus factor:
https://en.wikipedia.org/wiki/Bus_factor
We also added the Winterfacey theme and set sky-static as default
theme until Winterfacey got more testing. You can test switch between
themes on Configuration -> Web Interface
Thank you for using Freenet!
And a special thank you to DC* (desyncr) who tracked down an OOM so we
could finally fix it and release after 6 weeks of fruitless search!
- Arne Babenhauserheide, current release manager
Basic Values around the world
I think it is useful to understand that other people value other things than I do. My current best reference of that are the 18 values of the "Lebe Balance" program:
Act | Self | Want |
---|---|---|
Freedom in thinking | Pleasure | Prosperity |
Self-determination | Power | Social prestige |
Variation | Influence | Security |
Tradition | Modesty | Tolerance |
Willingness to adapt | Caring | Justice |
Follow rules | Reliability | Environmental Protection |
These values exist around the world, but the values which give you strength is only a subselection of them: your personal core values. When you act in accord with your values, you are happier and can more easily go forward. Note that you cannot easily change what you value.
When someone does something alien to you, he or she might just put different weights on these values.
Only one of them is prosperity (getting richer).
Freenet World Domination Plan
This is a high-level roadmap.
We had several roadmaps in the past. They focussed on releases and on "when are we done". This one is different. It focusses on visions to find a stronger audience. It does not shun controversial topics and it is not a request for input.
These are the powerful visions I see, ordered alphabetically:
- Beautiful Freenet: Winterfacey by default, clean up UI warts (i.e. first time wizard). Get rid of those UX hurdles which are likely to cost us the most users.
- Hosted Freenet: provide images (i.e. docker) to make it easy to run a Freenet node for all the transparent Freenet stuff which does not need highest security but which should still be available to people who need highest security.
- Icicle Freenet: a crystal seed for darknet via mobile. Try the icicle app. Improve it. Show it. It's how we devs should be able to ping other devs on their mobiles.
- Mobile Freenet: transient nodes without storage which only connect while on wifi and external power (~40% of the time) — and while the user browses. Announcement is fast enough for that nowadays, and median uptime of desktop nodes is lower (only two to four hours).
- Multimedia Freenet: add more content filters and media tools. I want to stream songs over Freenet with <2 minutes delay => m3u + opus + tools to make that easy. Streaming video works well if pre-recorded. Must avoid recently failed.
- Stronger Freenet: Increase security against attackers, i.e. with simple channels to hide activity from directly connected nodes.
- Transparent Freenet: backend to other apps, installed and started on-demand. Makes Freenet available from any technology stack. Get Freenet into all major distributions, so programs can use it there, and provide a freenet-browser script and a run-with-freenet script which does all the steps needed to start Freenet and connect the browser or app securely (i.e. to Freenet with random IP and Port).
- Unblocked Freenet: fix the pitch black attack and scale WoT. Makes Freenet interesting to tech-savvy folks with >10 years of experience.
addition from FMS
- Traceless Freenet: GNU/Linux LiveCD .iso image that can run entirely on a CD or USB stick, like Tails for Freenet. Locked down with all ports blocked except Freenet's opennet and darknet ports for that node*. Preconfigured with a locked-down browser. Distro: 1) nice-looking, 2) easy to use for people not used to Linux, and 3) work on older computers including 32-bit ones.
1481 test release
If you saw a message by me about 1481, that was me. We have the hopefully final test release!
optimizations for a chat app over Freenet
Some info how to optimize inserts for a chat app:
some optimizations that could help: DontCompress=true, use PriorityClass 1, ExtraInsertsSingleBlock=0, RealTimeFlag=1
take your Freenet node, go to plugins, enable KeyUtils, then open one of
the inserted messages with the KeyExplorer:
http://127.0.0.1:8888/KeyUtils/
what you need is for the key to NOT have a CHK redirect
this is how it should NOT look for a chat app: http://127.0.0.1:8888/KeyUtils/?key=SSK@sUm3oJISSEU4pl2Is9qa1eRoCLyz6r2LPkEqlXc3~oc,yBEbf-IJrcB8Pe~gAd53DEEHgbugUkFSHtzzLqnYlbs,AQACAAE/random_babcom-368&hexwidth=32
this is how it SHOULD look for a chat app: http://127.0.0.1:8888/KeyUtils/?key=SSK@YOeUMvHNyr2RY1dQB0-4cppO2Ip-8zKf7CaszRhPqU4,OaISGGFz52FaD98m2JZo-2gQ2XErr0pb3DPkpvDkKxs,AQACAAE/changelog-1481&hexwidth=32
make the uploaded files small enough that you get an upload like the
second one.
jamesaxl: the effect is that Freenet then only downloads one single 1KiB
key and is done.
If you get a redirect (like the first link), then Freenet has to download the SSK, then download the 32KiB CHK referenced in the SSK. You NEED such a redirect if the data you upload is bigger than 1KiB.
For text messages, better split them into two than go above the 1KiB
(1KiB is one A4 page of ASCII text)
You will WANT a redirect if your file is larger than 100KiB, because the redirect also adds redundancy: You then only need to download half the fileparts, so your file will live much, much longer.
Do NOT split your file if it is larger than 32KiB. At that size the redundancy added by splitfiles increases the lifetime of the complete message a lot. You will most likely want that.
That's it. I hope it is helpful for some of you out there!
Changes in stats from bandwidth changes
I noticed big changes in the network size estimate from the probes
These correlate with changes I did to the bandwidth of the stats collecting node, so most of them are likely bogus. To get better stats, we'll need to re-check the algorithm which scales from probe results to the size estimate. It seems to have some dependency on the peer-count of the collecting node. More testing required …
Wow, we won for now.
Das EU-Parlament hat das Zensurgesetz vorerst gestoppt | The EU Parliament stopped the fast-tracking censorship law: https://twitter.com/Senficon/status/101481446048841318
Great success: Your protests have worked! The European Parliament has sent the copyright law back to the drawing board. All MEPs will get to vote on #uploadfilters and the #linktax September 10–13. Now let's keep up the pressure to make sure we #SaveYourInternet! — Julia Reda (Senficon)
Petition against censorship in the EU, still open today; Parliament vote is tomorrow
Tomorrow the EU Parliament decides about censorship in the EU. Please sign today to ask them to stop the censorship directive which would let chinese censorship look like kindergarden!
Info: https://saveyourinternet.eu/ and https://savetheinternet.info/
Petition: https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet
(you're not anonymous there — you can't be in a petition — but you'll be one of almost one million petitioners, and it needs every single voice)
Talk about Freenet by Aaron Jones in Phoenix Linux User Group
Aaron Jones permitted me to upload his talk about Freenet. I enjoyed watching it, so I thought you might, too:
"Aaron_Jones_+/Introduction_To_Freenet-zu9gM3_gIfM-vp9.webm":/CHK@cxNRV0398Q5xebr5L~J0JKDNRXxMMZ4WQ03ZsYJgUg0,tsiIOJEZNBWwa146PvTjEWo-JRPx5bYmErVjiGbG4~k,AAMC—8/Aaron_Jones/+_Introduction_To_Freenet-zu9gM3_gIfM-vp9.webm
Quotes for Freenet
Last year I wrote "we should quote presidents and the Guardian". I found a better quote by CNN — and by presidents. Here they go:
»there is no central server and no one knows who's using it so it can not be shut down … where there is a message it is likely to find a medium.« — CNN, 2005-12-19
»The liberty of the press is essential to the security of freedom in a state: it ought not, therefore, to be restrained in this commonwealth.« — John Adams, 1780, second president of the USA.
»When people talk of the Freedom of Writing, Speaking, or thinking, I cannot choose but laugh. No such thing ever existed. No such thing now exists; but I hope it will exist. But it must be hundreds of years after you and I shall write and speak no more.« — John Adams Letter to Thomas Jefferson (15 July 1817)
»No experiment can be more interesting than that we are now trying, and which we trust will end in establishing the fact, that man may be governed by reason and truth. Our first object should therefore be, to leave open to him all the avenues to truth. The most effectual hitherto found, is the freedom of the press.« — Thomas Jefferson, Letter to Judge John Tyler (June 28, 1804)
»Our liberty depends on the freedom of the press, and that cannot be limited without being lost.« — Thomas Jefferson, letter to Dr. James Currie (28 January 1786) Lipscomb & Bergh 18:ii.
»What makes it possible for a totalitarian or any other dictatorship to rule is that people are not informed; how can you have an opinion if you are not informed?« — Hannah Arendt, 1974
»And that is why our press was protected by the First Amendment — the only business in America specifically protected by the Constitution — … to inform, to arouse, to reflect, to state our dangers and our opportunities, to indicate our crises and our choices, to lead, mold, educate and sometimes even anger public opinion.« — John F. Kennedy's Address before the American Newspaper Publishers Association (27 April
»Without general elections, without freedom of the press, freedom of speech, freedom of assembly, without the free battle of opinions, life in every public institution withers away, becomes a caricature of itself, and bureaucracy rises as the only deciding factor.« — Rosa Luxemburg, Reported in Paul Froelich, Die Russische Revolution (1940).
»A popular Government without popular information, or the means of acquiring it, is but a Prologue to a Farce or a Tragedy, or perhaps both.« — James Madison, Letter to W.T. Barry (1822-08-04).
»A critical, independent and investigative press is the lifeblood of any democracy.« — Nelson Mandela on freedom of expression, At the international press institute congress (14 February 1994).
»we believe that when governments censor or control information, that ultimately that undermines not only the society, but it leads to eventual encroachments on individual rights as well.« — Barack Obama, Rangoon, Burma on November 14, 2014
»If in other lands the press and books and literature of all kinds are censored, we must redouble our efforts here to keep them free.« — Franklin D. Roosevelt, Address to the National Education Association (30 June 1938).
»The liberty of the press is no greater and no less than the liberty of every subject of the Queen.« — Lord Russell of Killowen, Reg. v. Gray (1900), L. R. 2 Q. B. D. 40.
Also added on my clearnet page: http://www.draketo.de/english/freenet/answer-to-cannot-use
Why freesites below 2 MiB live longer
A rule of thumb which works for well-designed sites: As long as its below 2 MiB, every bookmark referencing the activelink of the site will keep the whole site alive. This goes double for crawlers. That way the site will live almost forever.
However, a site larger than 2 MiB will fall out about one month after people stop browsing it: Once the site surpasses the 2 MiB limit, it must be split into multiple containers and the activelink will only keep one of the containers alive.
//
Building Freenet next branch offline
While being offline for 6 weeks I had to build Freenet offline. The following tarball contains fred prepared with gradle so you can run it offline. Just check the README. This should allow all our anon devs to hack on next.
Say something about finding something good in every problem :-)
freenet-clean-build-environment.tar
(the tarball is uncompressed, because freenet will do the compression transparently — it's around 330 MiB uncompressed)
And if you value your anonymity, please use something which is actually offline: I did not check this setup for not trying to access the web, only for being able to operate without internet access.
EU wants to filter all uploads, action tuesday 20th, with GitHub!
EU wants to require platforms to filter uploaded content (including
code).
Yes, this is bad, and we have a chance to reach them next tuesday. With
GitHub:
https://blog.github.com/2018-03-14-eu-proposal-upload-filters-code/
More details: https://juliareda.eu/2018/02/voss-upload-filters/
(from Julia Reda)
//
changing ISPs, some downtime
I'll be offline for a few days to weeks: Our current ISP is ceasing operations in the area and the new one might take some time to connect us.
Watching 1479 spread over a day
75% of nodes update within a day. The gap up to 2000 represents about 9 more days.
Generated with:
for i in {2000..3440}; do wget -O $i-"$(date -u +%Y-%m-%dT%H-%M-%S)".html http://127.0.0.1:8889/strangers/; sleep 60; done
(VERSIONS="$(echo {1468..1479})"; echo index datafile $VERSIONS; for i in *.html; do for j in $VERSIONS; do grep -A1 peer-version $i | grep -cP '\t'$j\$ ; done | xargs echo $(echo $i | sed "s/-/ /") ; done) > /tmp/frac.dat
gnuplot set xlabel "time / minutes since insert" set ylabel "peer count / strangers" set title "Freenet update propagation (seen from a non-updating node)" plot for [n=3:8] '/tmp/frac.dat' u (15+$1):(column(n)/column(n)*column(n)) w points title columnhead(n), \ for [n=9:14] '/tmp/frac.dat' u (15+$1):(column(n)) w lines title columnhead(n)
Reduced peer count in 1479 is expected and good
1479 connects to less peers. This is an adaption which improves bandwidth utilization for fast nodes while allowing slower nodes and nodes with much weaker CPU to join and keep connected.
The node count is calculated such that the limited upload bandwidth is distributed among the peers. I know that it is tempting to fake raised bandwidth to get a higher number in the status bar, but this will do more harm than good for you: If you take more peers than the count, you won't be able to keep up with the demand and peers will be more likely to drop you.
The peers are set network wide and using a different algorithm will likely cause you to either have less bandwidth usage (peers give you a fixed speed for that connection) or getting dropped (peers expect a certain bandwidth per connection).
The higher bandwidth utilization for fast nodes should benefit you by increasing the bandwidth available for routing in the whole network. The same should be true for the lower churn of slow nodes (i.e. on a Raspberry Pi) due to being able to keep connections.
The scaling is calculated from the expected utilization due to the number of peers: you get peers proportional to the square root of your bandwidth because the more peers you have the more likely a request will be sent along the connection to you. The higher likelihood to receive a request times the number of peers gives scaling of traffic with your bandwidth.
Whether this worked will be verifiable by the peer count distribution from the statistics page.
Before 1479:
After 1479 (once the new upload finishes, until then it's the same as the graph above):
so much for the probes: I found that postgresql had died a month ago. I now restarted my probes, so robust data should be available within a few days. The probes by Steve show no drop in users today: https://asksteved.com/stats/, so there should at least be no emergency.
I expect a less sharp drop at 95 peers (this cutoff-point is caused by the small network size: fast nodes cannot find enough close peers to utilize their full bandwidth) and that the peak at 10 peers moves left to 7 peers.
A freenet update propagates within two hours
After inserting the release, I did some statistics of the stranger nodes I saw. They suggest that the result of the fetch-pull-stats that an update propagates to most of the network within just a few hours is still valid.
Here's a preliminary evaluation of what I have until now:
This is generated very primitively:
Data:
cd ~/freenet-watch-update-to-1479 for i in {0001..1440}; do wget -O $i-"$(date -u +%Y-%m-%dT%H-%M-%S)".html \ http://127.0.0.1:8889/strangers/ sleep 60 done (echo datafile 1478 1479; for i in *.html; do echo $(echo $i | sed "s/-/ /") $(grep -c 1478 $i) $(grep -c 1479 $i); done) > /tmp/frac.dat
Plot with gnuplot:
set xlabel "time / minutes since insert" set ylabel "peer count / strangers" set title "Freenet update propagation (seen from a non-updating node)" plot "< tail -n +2 /tmp/frac.dat" using (15+$1):3 with lines title "1478", \ "< tail -n +2 /tmp/frac.dat" using (15+$1):4 with lines title "1479"
releasing 1479 now
Short notice: I am working on doing the release right now.
the reason for the different peer counts
The only reason why you can have anything between 10 and 140 peers is that bandwidth is distributed very unevenly across the globe. Freenet has to work well for users from Japan/Korea/HongKong (their internet speed is awe inspiring!) as well as for users with the equivalent of a double-ISDN line.
(a reply I gave on FMS)
snapshot pre-release for 1479
I created a preliminary snapshot of the first round of changes planned for 1479. It's built from https://github.com/freenet/fred/pull/621 — please give it some testing!
CHK@azFEEEuDpDBBsOKkhvL5vfkVnOem9OBd6lXNKXkeLpA,lRfvSQ54DyeYLMYHOyV3npdh-Od8IzFQ4elkcpaQX3Y,AAMC—8/freenet-20171010-r1-snapshot.jar
CHK@fIp8QFC2-iBxP~–5pWEdtkUZgxPARSvH8efKYqDcDC8,inlD8D~adR1ynt4481CDObstBimGcFayqQZshvNqr-s,AAMC—8/freenet-20171010-r1-source.tar.bz2
CHK@nOVBNOQTOH~MbUWenwlFVi0DDiJ6VT2QbHEg0N8WdJo,1J96YQ3~~bOtrAnnv9S3UiIPB1edY0Ux99DCDJudUPU,AAMC—8/freenet-20171010-r1-snapshot.jar.sig
CHK@Vsaj-0-wGiX-Rr2i2aSml0b3CY7852yoOoCxP2rNgd0,6KpzZQJeJJzfAnRdloXD4d5api9fsqMJJRmwM2HSSfw,AAMC—8/freenet-20171010-r1-source.tar.bz2.sig
Here's the high-level changelog:
New FMS ID for my role as release manager
Up till now, if a user on FMS posted stuff I can't take, I could unsee him, but if he or she would have chosen to unsee me, he or she would not have seen freenet release discussions anymore. That's a power disbalance I don't want.
Therefore I just created a freenet-release-manager account. Key: freenet-release-manager@vPuRconm3n2mbkhU~ZvrSg8DSJm3NAgX-dP4l-h4b2U,LndUgYvJSC-iNfE~xAOwRE1NYcoHqlUSfQ8ISbPIhrM,AQACAAE
If you don't want to see my personal opinion, you can now set my FMS trust to 0 and still see my posts about freenet release management.
Thanks goes to FreedomForever for alerting me of that power disbalance. He did not actually make this point, but I think it is the reason why he got upset — and it is a good reason.
Finally a clarification: I am release manager, not "the manager of Freenet". I take care of getting stuff released, but otherwise I do not have any more power than anyone else, and I don't want it.
I hold it with Casilda (Kass) Aguero:
My
father got busted for getting into a central position where too much
rested only on him. I don't plan to make that mistake.
(german site)
the zen of tolerance
You are entitled to voice your opinion. — freedom of speech
You are not entitled to force it upon everyone. — freedom from noise
You are not entitled to force it upon a subgroup repeatedly. You are not entitled to force your opinion upon someone if you are part of a group and each of you wants to do that. — freedom from harrasment
You are also not entitled to hurl hate towards participants, since that would disrupt communication. — freedom from injury
If you cannot stay respectful and friendly after being asked to, I will unsee you and advise others to do the same with a clear and brief explanation, so they can take an informed decision. — freedom to ignore
I will use technical means to realize the zen of tolerance. Tolerance for intolerance is self-defeating. Continuous disruption of communication is censorship.
Constant outrage disrupts communication. As does constant mocking.
This could also be called the paradox of free speech: your freedom of speech is worth as much as mine. It ends where it impedes on mine. And vice versa. FMS and the WebOfTrust plugin implement a technical method which can be used to realize this.
Freenetproject website mirror updated
I found a way to make the freenetproject website mirror much nicer:
make html SITEURL=/USK@0iU8[…public key]/freenetproject-mirror/490/
My Freenet talk for the SUMA award 2015
Here's a re-encoded version of the talk I gave to thank the SUMA folks for the award they gave to Freenet (in German):
State of the climate
Mike_Perry-comic-roll-a-die-2014-climate-new-text-cropped.png
I was seriously freaked out by a paper which showed significant increases in arctic emissions. Mike Perry (nodicemike.com) created this strip for me to finally visualize how I see the two main pathways of our future.
The license is cc by.
It's crazy to think that even in the best case scenario (humans keeping total CO₂ concentration below 470 ppm) the probability of staying below 2°C warming is just about 80%.
More details are available on my website (http://www.draketo.de/english/politics/roll-a-die) and its Freereader mirror: draksites
What is needed to release next?
update: seems we need to switch to a new TUF tool for updates. This might take more time than I had hoped, since I'll have to dive into the release scripts and adjust what they do.
- fix update.sh/.cmd (the last-line-of-defense failover updaters) in an
on-freenet update¹ (requires fixing sha1test.jar from the java_installer)
- prepare shipping JNA
- check and use the new release scripts from operhiem1/Steve
- create an on-freenet test release from gradle
- include the new Windows tray with 64bit support from
mrsteveman/Stephen
- document how to release to the AWS-based website
- do a test release to the website which works with ./update.sh
testing
- do a real release
While I work on the release this list might get a bit longer with stuff I missed.
¹: they were broken during the switch to AWS because the old links no longer work.
That said, my pyProbe-based statistics site (based on the work from operhiem1) is finally not-completely-broken anymore, and suddenly its node-count makes sense: Freenet Statistics
Here's the working probe.config
Unicorn shitting in my backyard
Your unicorn is shitting in my backyard, would it please not?
A talk by Aral Balkan. License: cc by.
"what if I have no friends?"
"I have no friend. How do you help people without friend?"
Use opennet; and find friends, or at least comrades. People you meet to play scrabble, chess or skat — or my favorite pasttime: fantasy roleplaying games. Or just watch the sunday football game. Seriously. You'll need them if the shit hits the fan, and be it only that you have someone who calls you if you don't turn up some day.
Given that you already worry enough that you're using Freenet, the shit might just hit the fan some day, without relation to Freenet, so go and try to make some friends.
As a side effect that will increase your life expectancy and improve your health. Humans are terribly social creatures, even down to their immune system.
security: darknet vs. opennet
In Darknet your friends can launch the attacks which any stranger can launch in Opennet.
In Darknet attackers have to corrupt your friends or invade your longterm social circle while in opennet they can simply wait till they get a connection to you (and there are ways to speed that up).
So please use darknet. Build it one ref at a time
Nowadays more than ever before: it is a time for darknet
And if you cannot go darknet-only right away, start in hybrid. It is the path towards a global darknet
What's announcement?
who announces what to whom about what?
Announcement means that you talk to the seednodes and tell them that you'd like to have references of other opennet nodes which fit to your position in the keyspace.
Essentially you say "tell me who's close to this location".
Then the seednodes send a request to that location and they tell you of all the nodes the request reaches.
That way the nodes you get already fit the small world structure quite well (which is needed for efficient routing in Freenet).
copied from an answer I gave on IRC
Delay tolerant networking references
This provides a sneakernet, but as far as I see it, it is without strong censorship prevention. It's still pretty interesting, though.
Also Delay Tolerant Networking is getting ESA grants right now: They want to make satellites communicate reliably via non-permanent and high-latency links.
Standard Score and Prediction Interval
Standard_score_and_prediction_interval.svg
From Wikipedia, Public Domain.
Better proxying freenet-browser script
After creating the freenet profile, simply launch your freenet like this:
firefox --profile ~/.config/freenet/firefox-profile --no-remote --new-instance http://somewhere.else
Infinite Hands Sheet Music
This is a two-page version of the Infinite Hands Sheet Music, fit for printing and playing at a campsite.
Freenet als Proxy, praktisch (in German)
Tut mir Leid, dass mein letzter Post komplizierter war: Er ist nur
unter
GNU/Linux automatisch umsetzbar, unter Windows geht das etwas anders
(ich habe nur GNU/Linux).
Praktisch:
- In freenet.ini sollte irgendein zufälliger Port als fproxy.port stehen
(zwischen 5001 und 32767). Ich nenne ihn mal NNNNN.
- Die IP address to bind to sollte 127.x.y.z sein, mit x und y
zufälligen Zahlen zwischen 0 und 255 und z zwischen 1 und 254.
- In deinem Firefox stellst du in deinem Freenet-Profil¹ unter
Erweitert->Netzwerk einen Proxy ein (den gleichen für alle Protokolle). Für diesen nimmst du Host 127.x.y.z und Port NNNNN (die Zahlen aus der freenet.ini)
Dazu brauchst du noch die Einstellung, dass DNS über den Proxy gehen
soll.
Freenet-Links sollten jetzt im Freenet-Profil funktionieren (mit
beliebigem Host und Port: das geht damit alles über den Proxy), aber
im
nicht-Freenet-Profil nicht mehr. Dafür kann das Freenet-Profil jetzt
nicht mehr auf das Clearnet zugreifen. Auch das ist gewollt (ich habe
schon mehrfach ausversehen nach einem Freenet-Link gegooglet, was fast
schon der Worst-Case an Privatsphärenverlust ist).
Viel Erfolg und weiter viel Spaß mit Freenet!
Danke an den Nutzer, der mich darauf hingewiesen hat, dass mein Post zu kompliziert war!
¹: Der Nutzer verwendet JonDoFox, um einfach Profile wechseln zu können. Ich starte im vorigen Post Firefox via Befehlszeile mit dem anderen Profil. Die Befehlszeile steht bei mir auch in
Der Grund dafür, dass das nicht Standard ist, ist übrigens, dass manche
Nutzer sich beklagt hatten, dass sie nicht wussten, wie sie aus dem
Freenet-Profil rauskommen. Wenn Firefox einfach neue Fenster im gleichen
Profil startet, muss man alle Firefox-Fenster schließen (oder es mit
--new-instance
aufrufen).
Ich starte meinen Freenet-Browser seit neustem mit dem folgenden Skript: freenet-browser
Use Freenet as proxy (secure against spying attacks)
By using Freenet as a proxy instead of connecting via HOST:PORT (i.e. 127.0.0.1:8888), you can avoid most attacks which try to find your freenet node by randomizing host and port (i.e. bind to host 127.15.19.2 and port 25678), but in your proxied browser all the standard links will work (i.e. http://127.0.0.1:8888/…).
IP: 127.x.y.z with x y being random numbers between 0 and 255 and z between 1 and 254)
PORT: a number between 5001 und 32767 (inclusive interval)
If you forward it via SSH, also change your ssh forward to
ssh -NL IP:PORT:IP:PORT HOST
with IP and PORT as the new 127.x.y.z and port you defined in http://127.0.0.1:8888/config/fproxy?fproxyAdvancedMode=2 as "IP address to bind to" and "Web Interface Port". The first IP:PORT pair is the local one, the second the remote one.
(this might require additional work on MacOSX, since it might only use 127.0.0.1 as local IP)
- Firefox
This setup should be the strongest, because it uses a special profile for Freenet which should not interact with your normal browsing profile. Remember using private window mode, though, if you worry about your computer being infiltrated in some way.
Setup:
rm -r ~/.config/freenet/firefox-profile/ mkdir -p ~/.config/freenet/firefox-profile echo '//Firefox Default Settings //set proxy server settings user_pref("network.proxy.http", "127.0.0.1"); user_pref("network.proxy.http_port", 8888); user_pref("network.proxy.ssl", "127.0.0.1"); user_pref("network.proxy.ssl_port", 8888); user_pref("network.proxy.gopher", "127.0.0.1"); user_pref("network.proxy.gopher_port", 8888); user_pref("network.proxy.ftp", "127.0.0.1"); user_pref("network.proxy.ftp_port", 8888); user_pref("network.proxy.socks", "127.0.0.1"); user_pref("network.proxy.socks_port", 8888); user_pref("network.proxy.no_proxies_on", "127.0.0.1:8080"); // allow FMS user_pref("network.proxy.type", 1); user_pref("network.proxy.socks_remote_dns", true); user_pref("network.proxy.share_proxy_settings", true); ' > ~/.config/freenet/firefox-profile/prefs.js
(Replace 127.0.0.1 with the new "IP address to bind to", and 8888 with the new "Web interface port").
Usage:
firefox --profile ~/.config/freenet/firefox-profile --new-instance --private-window http://somewhere.else/
- Chromium
Chromium with proxy is easier to setup, but does not separate the two browsing modes as strongly:
chromium --proxy-server=127.0.0.1:8888 --incognito http://somewhere.else/
New FMS ID
I just switched to a new FMS ID. Find me at SSK@t-YmshUm43nS16QFieoZMfBdfieb9Opy0a2aMWsoH8o,7NqDX88r1R4SC~elmpW4SuKbnAOka~MKUuBufUWa2xQ,AQACAAE/
Please re-send your freemails
Due to my recent loss of my node, I also lost my old freemails. If you sent me a freemail in the past 2 months, please re-send it (I most likely did not see it and now cannot access it anymore).
Privacy Handbuch (german)
Just found at privacy-handbuch.de, with latex sources:
It's public domain (it says).
New attack against Freenet
Update: The solution to this attack should be using a samesite cookie and as fallback for browsers without samesite support a check whether the referrer is a freesite (from Freenet). If both are missing, present a click-through (click to activate).
There's an attack against Freenet and other networks. It allows one attacker to identify which freesites were visited, however if there are multiple attackers, each of them will see what other attackers checked as visited sites, so for freesites the false positives rate will be huge. The vulnerability was reported responsibly but then the reporter was pushed to publish before we had a mitigation ready :(
I inserted a mirror of the attack description: timebleed
As first measure, change the fproxy port:
- shut down freenet,
- go to
~/Freenet
(GNU Linux) or%appdata%\Freenet
(Windows) or the
relevant OSX folder,
- edit freenet.ini to contain
fproxy.port=N
with N a random number
between 5001 and 49151
- start Freenet again.
- You can now access your node at http://127.0.0.1:n (change the port
from 8888 to N).
This is not a perfect solution, it just makes the attack harder (an attacker needs on average 22000 requests to identify you as Freenet user — and must run them against all visitors — instead of needing just one).
All help to mitigate this attack is welcome! (please write in FMS, freenet board)
Unterstützung gegen Selbsthass
Der Getriebene: http://www.zeit.de/2012/44/Sexualitaet-Paedophilie-Therapie/komplettansicht
Kann ein Mensch seine Sexualität sein Leben lang unterdrücken? Wenn Jonas ein guter Mensch sein will, wird er es müssen – er ist pädophil. Wir haben ihn bei seiner Therapie begleitet.
Ein Bericht über die Erfolge eines Unterstützungsprogrammes der Bundesrepublik. Der Sinn des Deutschen Strafrechts ist nicht die Rache, sondern der Schutz der Gesellschaft und die Resozialisierung der Verurteilten. In dieses Programm kommt aber nur, wer noch nicht straffällig wurde.
Dieser Artikel ist Gewinner des Henri-Nannen-Preises 2013. Meiner Ansicht nach zurecht.
Das Hilfsprogramm der Charité findet sich im Netz unter
https://www.kein-taeter-werden.de/
Es bietet inzwischen Zweigstellen in fast allen Bundesländern.
Eternal Flame: Lisp
(it's allowed to spread this as non-commercial + verbatim)
Also known as "I'm sorry to inform you that Earth is about to be been
eaten
by a fire demon." :)
Image CC by-sa by Ben Brockert:
https://www.flickr.com/photos/wikkit/10212337584
the site was back after 6 hours
We're up and running again on https://freenetproject.org — now with the new design.
Have fun and Happy Hacking!
HSTS and expired cert: our site is down for now
The SSL certificate expired and we use HTTP Strict Transport Security
(HSTS). That means: Our old site is down until the DNS can be switched
over to the AWS site.
Let's treat this as a test of what would happen if an attacker were to
take down our clearnet infrastructure.
1478: add pinned certs
I released 1478. It just adds pins to our new CA certs for the
failover download if no Freenet connection can be established (via
Amazon Web Services).
This should allow us to switch to the new infrastructure, but it will
not avoid short-term breakage.
Infrastructure …
This evening our certs run out. I uploaded a new update.sh which
includes the new AWS certs. I'll make a release with the new certs in
Freenet. We will have to get stuff working again after the certs run
out, but there will be a chain of trust with the new certs having
initially been released from infrastructure verified by the old certs
(so people can compare what they get).
(changes noted in https://github.com/freenet/fred/pull/611/files )
If you do not need to hide that you use Freenet, please test
./update.sh testing
(accesses the clearnet site!)
I posted a news item on the website that there are infra changes
incoming: https://freenetproject.org/news.html#20170405-infra-changes
I wish we could have done this much cleaner. We're still doing this as
clean as our time constraints permit, but keeping to hard deadlines as
volunteers with real-life obligations requires some trade-offs (this
is
my personal stance, not the position of the project. We cannot do what
we cannot do so we have to make do with what we can do).
On the upside: Updates over Freenet should keep working regardless of the clearnet infrastructure.
Freenet infrastructure migration
(from https://titanpad.com/yKe1kGH902 )
This lays out the steps needed to migrate to our new infrastructure with the new SSL certs. It is a short-term plan, but it should be compatible with moving to gradle and signed jars for validation of downloads (instead of sha1 files).
If you find any problem in this plan, please say so — ideally with a
suggested fix!
If there's something missing, please do likewise!
I plan to send this in an email to devl this evening.
Basics:
The new repo should be compatible with both plain file storage and retrieving and verifying dependencies from maven via gradle. I suggest a maven structure, but we won't be able to push that to maven central without changing our package to org.freenetproject — which would break all plugins and scripts and pull requests (which I think it's a no-go¹). Nextgens is preparing an S3 bucket at mvn.freenetproject.org. We'll start by uploading the binaries there, as https://mvn.freenetproject.org/org/freenet/build%3C#%3E/freenet-build%3C%23%3E.jar%7B,.sha1,.sig}
Tasks:
- release a new build to the new and the existing infrastructure:
- adjusted paths in updater.sh, updater.cmd, sha1test.jar and fred.
- adjusted release scripts to upload to the new repo (and create the
directories as needed).
- adjusted gradle to allow publishing to the new repo (with full maven
metadata)
-
- adjust download paths on the website
paths: https://mvn.freenetproject.org/org/freenet/build%3C#%3E/freenet-build%3C%23%3E.jar%7B,.sha1,.sig}
¹: it took us more than one year to partially recover from the db4o purge. We still have plugins which aren't adjusted to working without db4o, so I don't think we're currently in a position to do large refactoring with side-effects like that.
Wiki and old-wiki, full backup
I crawled the old-wiki and the wiki to avoid losing any content in the transition to the new wiki on github. The following are the tarballs.
The actual source data is in /raw (old-wiki) or.raw (wiki).
I also uploaded a clone of the new github wiki, as well as a tarball of the most current version. If you want to help to ensure that we do not lose any content, please grab the tarball or clone the repo with infocalypse or gitocalypse and add what is still missing. Then leave a note in FMS or Sone or FLIP/flircp with either a link to your repo or a tarball with the added files.
- freenet-wiki-49be69181d1c9b01fad72c6c28f4b69d213c7bd1.tar
- Infocalypse repo: freenet://ArneBab/freenet-wiki
- Infocalypse repo without WoT:
USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/freenet-wiki.R1/1
Note that some pages where combined, so not every missing sub-page is actually missing content.
Freenet 1477 imminent: fixes regressions
- fix clickjacking vulnerability
- patch open redirect and header injection vulnerability introduced in
1476
- fix SSL which broke with Java7 due to missing cypher
Sorry about that.
Freenet 1476 released
This is my first release as release manager.
Main changes:
- efficiency improvements: routing for fast nodes and sparse bitmaps
- a new gif filter with improved security
- improved maintainability by replacing custom code with standard code
- show update info alongside bookmarks
- ssl fixes
- update plugins: Sharesite 0.4.4, Library v37, Freereader 6
Release notes with details:
Thank you for using Freenet!
Release information for the website is upcoming, but might wait till monday so we can give the press a fair "warning" (see https://github.com/freenet/website/pull/77/ ).
Mailing list archives
I uploaded the mailing list archives for devl and support:
flircp: chat as plugin
I built the flircp plugin from SeekingFor with fixes from TheSeeker and some experiments for speed hacks. If you want to try it, you can load the plugin from the following key:
CHK@o1eRsD8vV5PM~wZzAxoT4IiTiZ0Ucub7uGtGZdTQRGs,mepNADzOVopYoTsRgb0fcmdVc4W949nC3TDao5nNMSc,AAMC--8/FLIRCP.jar
Here's an example session with timing information:
[01:00:25] ArneBab I see myself!
[01:01:38] ArneBab_flircp_10578 not seeing myself right now…
[01:03:28] ArneBab I just got the outdated information that I don't see myself :)
[01:09:13] ArneBab_flircp_10578 and read it here
[01:09:49] ArneBab which I just learned about
[01:10:06] ArneBab_flircp_10578 do your own timing
[01:10:36] ArneBab it seems like my inserts from FLIP are seen almost instantly by flircp, but my inserts from flircp are seen by flip after more than 6 minutes
[01:11:28] ArneBab_flircp_10578 :)
[01:12:46] ArneBab_flircp_10578 just 22 seconds until I see my FLIP-insert in flircp!
[01:15:06] ArneBab now 2 minutes until I see my flircp insert
[01:15:10] ArneBab getting better :)
(ArneBab is from FLIP, ArneBab_flircp_10578 from flircp)
Current source:
CHK@Dgm9KyIg1Ajw96IEJ3NTefWxQjPHGVnneNmS6WachBU,QITJtIWRXZJJ0dGsoMKYn8xSuh1n5wxVSYT34hwxij8,AAMC--8/flircp-2017-03-01.tar CHK@ySDd~JlBeCYfbyRV-fJH3C0Z-qxEMveAurC9-BL0ZgU,IUMz6YUo8OIJVBGOZnB53YpY~X45jwEZ1Sfye4-GZyY,AAMC--8/flircp-2017-03-01.zip
To build the source, copy freenet.jar and freenet-ext.jar from your
freenet folder to ../
and then run ant. If building fails, please use
the pre-built jar and tell us in flircp!
(repo: https://github.com/ArneBab/flircp/ )
deciphering flip datastructures (just a short pointer)
flip identities are for example at
flip messages for example at
Note that they are inserted without any manifests or other added cost to keep latency low. This is from current work on FLIRCP thanks to TheSeeker (see https://github.com/ArneBab/flircp/ ).
Use KeyUtils to check the keys.
Theft! A history of Music
On Paranoid Release Management
When I published the first version of
Freenet
Release Management
users on FMS harshly criticised that I did not check hashes of jars I
downloaded, nor of GPG signatures — I violated well-known good
practice (which is rarely followed, but should be). In response I did
all the tests possible to check whether files were corrupted — i.e.
using a man-in-the-middle attack — and now the release VM is as well
checked as I can make it.
Thank you for this.
Taking all possible precautions is less convenient than just downloading stuff from the clearnet, but it is good practice for a reason: The more care we take on securing our environment — the more paranoid we act where we can actually change things — the less likely we are to be attacked. And I don't want to be attacked. I want to make myself so utterly replaceable for Freenet that taking me out would only cost someone else 30 minutes of setup until we have a new release manager in place. And then maybe someone anonymous.
Yes, this feels paranoid. But acting paranoid does not mean you're not followed. And thanks to GPG, hashed data and version tracking, we can ensure that attacking the release manager does not allow attacking Freenet users.
I do not want to be in a position where I could de-anonymize Freenet users.
As long as we can provide that, I can feel safe as release manager. Please help me with that by holding me to high standards.
Freenet release test (help needed)
I just made my first full Freenet release, using a test key to avoid disrupting the network in case I made a mistake (so your node will not update to this automatically).
If you want to help test whether everything works, please go to the auto-update config page in advanced mode ( http://127.0.0.1:8888/config/node.updater?fproxyAdvancedMode=2 ) and replace the key with
USK@82nyT~XJlSSX6pK0MBfJ8Qg4VB8BftFkUiE6KdA77GE,B3PZFyjq90O~zpzS8Dx0DC8KlTmAlWqr9Bzx3tiQlsE,AQACAAE/jar/1475
There are no changes compared to 1475, except that I did the release.
For information about my release process, see
documentation for releasing freenet
The past few months I've been building my release manager setup and documenting the path to get there. I'm now almost there (I hope) and uploaded a freesite with all the steps I did till now (I plan to update it with anything else I have to do):
The instructions on the site include a full set of fake key and server setups to allow for safe experimentation without actually needing the real freenet update keys. Also I just started uploading the freenet release disk image (for qemu, documentation for using it is on the site linked above) to make it easy for anyone to experiment with doing fake freenet releases. However it's 5.5 GiB compressed, so the upload will take a while :)
FMS Discussion about Freenet on Android
The past few days there were repeated questions about Freenet on Android. There was a discussion with practical experiments using Freenet on Android:
You can also find this in FMS archive
Look there for the current answers.
Überwachungsmaßnahmen 2016
FOSDEM 2017
I'll be at FOSDEM 2017-02-04 in devroom K.3.201 with my talk starting 17:00!
Full Schedule: https://fosdem.org/2017/schedule/day/saturday/
This is not a Freenet talk but a Guile talk, but might be interesting anyway.
Who else will be at FOSDEM?
money poll: robust top 20
The most robust result of the poll is: we should definitely do these five tasks:
- Darknet invitation bundles (requires single use references)
- Improve FProxy CSS3 support to allow better Freesite UI
- Friend requests, like in Facebook
- Short node references
- Keepalive
…
- Finishing the first iteration of Web of Trust speed fixes (1)
- Fixing the installers (2)
These 7 tasks together are already estimated as 17 person-weeks, which
would leave us 15% buffer for unforseen problems.
Details in Alternate evaluations to get a robust top 20
As well as in the discussion threads from December 2016
been there done that
Dear citizens of the USA… — The Germans who hope that we won't have to repeat history with switched roles.
Unsurprisingly the other side answers with long-exposed lies and FUD.
Thinning Arctic Ice, 34 years visualization
Older_Arctic_Sea_Ice_Disappearing-Vj1G9gqhkYA.webm
Download the original at http://svs.gsfc.nasa.gov/4510
Thanks for all the fish
AGU publications published "The world's biggest gamble", a short commentary on how to go on with climate change.
(Open Access: cc by)
I am hard pressed not to become sarcastic. Not because the commentary is wrong. It's spot on. But because we, as a species, are …
I'll stop speaking my mind for now. Let's hope that hope wins against frustration and our children don't have to pay too dearly for the idiocy of my generation and the generation before.
"Building the darknet one ref at a time" - ts
That's what we have to do. If you invite three people and help those of your friends with similar interests to connect¹², and the people you invited then do the same, we get exponential growth.
¹: Helping your friends connect works as follows:
- ask: First ask your friends whether they want to connect to others.
Just go to the friends page, tick the checkbox next to each of the
friends you want to ask and click the drop-down list at the bottom named
-- Select action --
. Select "Send N2NTM to selected peers" and click
"Go". A text field opens with which you can send a message to all the
peers you selected. I typically ask something like "Hi, do you want to
connect via darknet to fellow pirate party members?" (replace "pirate
party members" by whatever unites the group of people you're asking).
- noderefs: Go to the friends page in advanced mode (
http://127.0.0.1:8888/friends/?fproxyAdvancedMode=2 ). There you find a link named "noderef" next to each name. Just download the noderefs of the people who want to connect.
- introduction file: Then copy them into a text file and add a short
description of each person before the persons noderef.
- upload: Now upload that text file. I use freenetupload from
pyFreenet for that, but regular insert via the browser ( http://127.0.0.1:8888/insertfile/ ) works as well. When the upload finishes, you'll find the link on the uploads page ( http://127.0.0.1:8888/uploads/ - see the column "key").
- message: Go to the friends page again (I'm lazy and use simple mode:
http://127.0.0.1:8888/friends/?fproxyAdvancedMode=1 ), tick the checkbox
next to each of the friends you want to help connect and click the
drop-down list at the bottom named -- Select action --
. Select "Send
N2NTM to selected peers" and click "Go". A text field opens with which
you can send a message to all the peers you selected.
- write and send: Write something like "The following link includes
the noderefs of people you might want to connect to. Just copy the noderef (from 'identity' to 'End') into the text field on http://127.0.0.1:8888/addfriend/ if you want to connect. If both of you do that, your freenet nodes will connect". Copy the link to the uploaded introduction text file into the text field (below your text) and click "Send message".
²: Only connect those with similar interests (who might in the real world meet in a club or at work or who are related by blood or association). This is needed for efficient routing in Freenet.
fniki is much easier to use than I thought
EFF Whitepaper on IP Addresses
Celebrating FMS
People on FMS are right now writing a big thank you to SomeDude for writing FMS. And I think that is great!
From me, too: Thank you, SomeDude!
If you do not run FMS yet, you can access the currently written messages directly via Freenet:
A clean way to devise a roadmap democratically
Something I only understand now, which I wish I had had before.
Steps to devise a roadmap democratically, which avoid the problems of the current process:
- Propose this method. Only go for the next step if there are no strong disagreements or alternatives (including "let's not do this") which get more support.
- Clearly define the scope (i.e. decide on a roadmap or spend a fixed amount of money or get a clearer picture of the wishes of the community)
- Define who takes part in the vote (i.e. active contributors or active developers or donators or long-term users or all users)
- Gather tasks. Ideally use existing roadmaps.
- Refine tasks: complete list of non-overlapping tasks. Described briefly.
- Add effort estimates to tasks, i.e. in person-weeks - from developers. If no consent can be reached for the effort of a given task, you can provide the range of the effort estimates. Now the tasks have a short description and the required effort.
- Ask users "in which order should we do these tasks?" (i.e. assign letters A to Z)
- Decide with a clearly defined flavor of the Condorcet method (i.e. Benham).
With this, users know beforehand how many of the tasks in their list could be done with the amount of development time available. If we have money for 20 weeks, people are unlikely to choose a 30 week task as first task, because then nothing will be done when the money runs out. That way it's transparent what a given vote stands for.
You can find a Python-implementation of different evaluation methods in freenet-task-planning-poll-methods/browse/evaluation.py.
If we don't have time for clean gathering, revising and cost estimation, do not use a democratic decision for such a complex task. Complex Democratic decision making takes time, because it is necessary to ensure that all who are eligible to vote have all information necessary to take an informed decision.
Instead, reduce the scope to just getting a sorted wishlist. That’s quick and easy to do democratically.
Only ask people to decide on things we can deliver with the resources we have.
I was targeted by an attack on GnuPG/PGP
See the details on the Sharesite gnupg-attack
Or check my website in the clearnet: draketo.de/english/gnupg-attack
20 years of KDE, the book
Infocalypse repo:
hg clone freenet://ArneBab/20-years-of-KDE
If you like it, donate or buy it: https://20years.kde.org/book/
fms 77 vs. 78
Just as short note:
- st=m_db->Prepare("SELECT IdentityID FROM tblIdentity WHERE IdentityID NOT IN (SELECT TargetIdentityID FROM vwCalculatedPeerTrust);"); + st=m_db->Prepare("SELECT IdentityID FROM tblIdentity WHERE (PeerMessageTrust IS NOT NULL OR PeerTrustListTrust IS NOT NULL) AND IdentityID NOT IN (SELECT TargetIdentityID FROM vwCalculatedPeerTrust);");
In short: Now only checks identities which are actually trusted. That should give quite a nice speedup.
Here's the full diff: fms-src-77-to-78.html
Created with:
diff -ur fms-0.3.7*/src > fms-src-77-to-78.diff
And parsed to html with:
cat fms-src-77-to-78.diff | pygmentize -l diff -f html -O full -o fms-src-77-to-78.html
My csv's in the task planning thing
If you are interrogated by police, do not ever talk.
They might be using the Reid technique to get you to confess a less evil crime than what they claim to be able to prove. And you won't find out before they get an emotional handle on you.
From Wikipedia: Reid technique
Under the Reid method used since the 1950s, falsely accused suspects were treated aggressively and told lies about the amount of evidence proving their guilt. Such exaggerated claims of evidence, such as video or genetics, led to potentially innocent suspects becoming overwhelmed.
Juan Rivera…was wrongfully convicted of the 1992 rape and murder of 11-year-old Holly Staker. A number of pieces of evidence excluded Rivera, including DNA from the rape kit and the report from the electronic ankle monitor he was wearing at the time while awaiting trial for a non-violent burglary. However, he confessed after being interrogated for several days using the Reid Technique.
You have the right to a lawyer. That's the only thing which is useful to say (until police stops using abusive methods).
The GPL fixes copyright law
BoringName@EL514xEcIshLabg0L556n7fvQxKpReu3c41Dr042zpY wrote on FMS:
> Even ignoring the viral nature of the GPL, you can't even legally mix
LGPLv3 code with GPLv2 code!
To be precise: You cannot mix LGPLv3 with GPLv2-only (when developers explicitly declared that they do not want GPLv3). The default GPLv2 header as provided by the FSF is GPL verson 2 or (at your option) any later version.
> It's crazy.
It is crazy to say GPLv2-only, yes. That's like declaring that you will only ever use the current version of some software, even if it should have security vulnerabilities. The GPLv2 did have these, which is why GPLv3 was created.
> LGPLv3 and GPLv3 are a cancer and blight on the face of open source
software.
>
> Even with the more permissive LGPLv2.1, you can't mix it with
Apache2.0 code.
That's essentially a bug in the v2 licenses of GPL. It was fixed in GPLv3 and LGPLv3.
> I hate licensing. ;_;
I actually like licensing: Under the current (broken) copyright laws, without a license you have no right at all. The GPL takes the copyright law and turns it on itself to undo the damage copyright law normally causes.
If you hate copyright, the GPL is the place to be: If you use something which is licensed under the GPL and developed several by different authors, you know that you have and will continue to have all rights and abilities you would have if you had the full source-code without any copyright-restrictions.
That protects you against betrayal by single developers.
With non-copyleft licenses, single developers can try to break down the community by withholding their contribution from others while selling it to select users.
If you hate licensing complications, the GPL is also the place to be: Simply check whether some code is GPL-compatible. If it is and you don't intend to betray your users, you're good to go and no one can pull any uglies at you. It doesn't get simpler than that.
A friend of mine writes a game with a few friends. They did not have any licensing rules set for contributors. After two years a core contributor suddenly stated "I don't want my stuff in this game anymore. Remove it all at once". The team then wished they had just used the GPL.
If you don't like complications or if you're not a lawyer, just use GPL.
That licensing is necessary to use software is the cancer and blight on the face of software (and all culture) - the result of the horrifying swamp which is copyright law. The GPL is fixing that.
Why there are few people on FLIP / IRC over Freenet
Today a user joined the #freenet channel in FLIP and asked why there are so few people there. The answer are timing attacks: Any realtime communication method allows correlation with your physical activity. Just by watching when you come online people can try to single you out. A note like "I'm going to buy something" could suffice to tie you to a PayBack card, or to a video surveillance recording — especially with Opennet where all users who take part are known, but not their Pseudonyms.
That means people in a high-threat environment cannot use realtime communication.
But for all than naysaying: For the majority of people here who want a pseudonym which cannot easily and provably be correlated to their reallife ID, FLIP is a pretty nice tool.
FLIP makes us independent of IRC networks. We can self-host our realtime discussions. And in theory (from its protocol and the data available) it could be improved to have delayed message support (for high-threat environments) and to re-read history on startup. It just has to be done by someone.
pyFreenet 0.4.1 with auto-spawn support in fcpupload
I just put up a new pyFreenet release:
If you have Python3 and pip >= 8 you can get it with
pip3 install -U --user pyFreenet
. It provides a cleaned up fcpupload
script with —spawn support (requires GNU/Linux):
pip3 install -U --user pyFreenet echo 1 > testfile fcpupload --spawn --fcpPort 9486 testfile # add -p 1 (high prio) and -e (realtime) for higher speed
It creates a Freenet node which listens at port 9486 (except if one already exists there), inserts the testfile, waits until the upload finishes, gives you a CHK link to the file and stops the node afterwards.
Also fcpupload now works again when used with a remote node.
This is tested by doublec, but still has rough edges (For example pip3 install can fail with error: option —single-version-externally-managed not recognized). But it works: people who have Java and Python3 installed on GNU/Linux can now upload files into Freenet without having to worry about Freenet at all — even without ever seeing it.
EWS 3.0 nimmt langsam Form an
Efficient commandline multiprocessing with Python3
Assume you want to run multiple commandline programs, but since you have odd file names, GNU parallel would subject you to lots of quoting hassles.
Using Python3 you can do it efficiently - both in terms of always having a process running on each processor as well as in terms of being fast and easy to write.
import subprocess as sp # for calling your program import shlex # to split a command as the shell would, but without the security issues of a real shell import concurrent.futures as con # for a thread pool # first get the thread pool with con.ThreadPoolExecutor(max_workers=4) as e: # 4: number of processors for i in range(100): # any kind of tasks cmd = shlex.split("echo '{}'".format(i)) e.submit(sp.check_output, cmd, shell=False)
That's it. Ensure to have readline activated in your Python so you can build these commands incrementally.
Happy Hacking!
Activate readline in Python
No commandline interface is complete (or even remotely usable) without readline support.
This is what I have in my ~/.pystartup:
# Add auto-completion and a stored history file of commands to your Python # interactive interpreter. Requires Python 2.0+, readline. Autocomplete is # bound to the Esc key by default (you can change it - see readline docs). # # Store the file in ~/.pystartup, and set an environment variable to point # to it: "export PYTHONSTARTUP=/home/user/.pystartup" in bash. # # Note that PYTHONSTARTUP does *not* expand "~", so you have to put in the # full path to your home directory. # import atexit import os import readline import rlcompleter # historyPath = os.path.expanduser("~/.pyhistory") # def save_history(historyPath=historyPath): import readline readline.write_history_file(historyPath) # if os.path.exists(historyPath): readline.read_history_file(historyPath) # readline.parse_and_bind('tab: complete') # atexit.register(save_history) del os, atexit, readline, rlcompleter, save_history, historyPath
Happy Hacking!
Using –1 as USK version number also gets 0
This was discussed recently in FMS and someone claimed that it's not possible to always just get the latest version because –1 cannot redirect to 0.
I tested it: That statement was wrong: USK=…/-1/ happily redirects to USK=…/0/ if that is the latest version.
However I'm not sure whether this only works if your node already knows the key version 0.
Freenet over Tor
See the article by doublec: Freenet over Tor
An efficient way to remove content from freenet…
… is to upload large quantities of content many people in Freenet wish to access, so they keep the data alive and your subsequent uploads have a larger chance of displacing remaining blocks of some content you actually want to remove.
To say it with XKCD:
cc by-nc, from Randall Munroe via xkcd 810
☺
It's not quite a perfect solution, because those answers might be constructive, but still bury answers which are more constructive, so mediocre answers could drown out great answers. But it gives people the chance to find good things.
in case anyone thinks voting is easy…
Here's an implementation of the debian voting system I just found:
(from http://www.seehuhn.de/pages/vote — I chose that one because it has a tarball)
Just unpack and ./configure
Then create a file which looks as follows
V: 123 V: 213 V: 3--
With each line being a vote which orders a set of options from most preferred to least preferred (in this case 3 options).
Then run ./debian-vote [your file]
Task planning value poll documents
The following are the documents for task planning. Fill out either of them and post them or a Freenet-Link to them on FMS, Sone, a freesite, FLIP or the devl-list.
In the files there is one value at 10, because the original version used a value of 14.925 to fit the 1000. This is not a hint that you should put 10 there, just a simple measure to ensure that you can distribute points without having to calculate the total value - as long as you always add only what you subtract.
If it goes as I think best, this is just an opinion poll, not a binding vote. So please give your honest opinion about the value you think completing a given point would provide for Freenet.
there's no temporary mitigation; opennet is the temporary mitigation
That's from Florent / nextgens. Perfectly captures the relation between darknet and opennet.
If you want to be safe, get people you know to start using Freenet and connect to them over Darknet. Confidential N2N messages to your friends are a nice bonus you gain from that.
(context: over the years many people suggested to make a semi-trusted darknet to mitigate the problem that some people do not know enough friends to connect. That's what Opennet provides)
Stats down: stats node was heavily loaded
Short note: The stats page shows a heavy drop of IDs online IDs. That's an artifact of overload on Steves node. He fixed it and it will be up at the value from a week ago within a few days.
Die Principia Diskordia
Eins der Werke, die ich hier her kopieren darf, und die eigentlich längst hier hätten sein müssen :)
CC by-nc — zum Werk passend die umstrittenste der CC Lizenzen :)
Video Contact Sheet, a free video thumbnailer
I looked for video thumbnail generators, and this is the best I found — the LGPL licensed bash-script vcs
(be sure to use —anonymous)
From http://p.outlyer.net/vcs/
Full sources: vcs-1.13.2.tar.gz
Requirements (most desktops should have all, or most, of them): ImageMagick (at least version 6.3.5-7) (convert, montage and identify commands), mplayer or FFmpeg (preferably both), and some common stuff available on most sane desktops: bash (≥ 3.1) (for bash v2.05b use vcs 1.12.2), sed, grep/egrep, getopt and cut.
What would be even better is if someone could create a thumbnailer which chooses frames based on a measure of interestingness — for example gradients in the stills, as it is done for images. Examples (sadly the full versions are all paywalled, but the abstracts should give you a hint what I mean):
- http://link.springer.com/chapter/10.1007%2F978-3-319-23192-1_6
- http://dl.acm.org/citation.cfm?id=2502109
EU digital copyright consultation, last chance (please take part!)
An important EU public consultation on copyright closes on Wednesday. As well as the official consultation page from the European Commission, there is an easy-to-use site set up by the Copyright for Creativity group that aims to facilitate the process by explaining what the questions really mean. It takes only a few minutes to complete, and automates the entire submission process. There are versions in English, French, German, Spanish, Italian, and Polish.
Help fix copyright in the EU via the site from fixcopyright: http://youcan.fixcopyright.eu/limesurvey/index.php/591338?lang=en&newtest=Y
Explanatory videos:
Copy explains Freedom of Panorama
Meet Copy's Cousin: Ancy short for Ancillary Copyright
1475 is risky: If you don't want it to break your setup, please test it!
Florent released 1475-pre1 last saturday. Please test it — especially if you use Windows (since no core dev uses that) but also on GNU/Linux and MacOSX!
https://emu.freenetproject.org/pipermail/devl/2016-June/039045.html
./update.sh testing
Fun with stenography
(not quite steganography, but without the text around it, it's pretty close to steganography for those who don't know the shorthand system Deutsche Einheitskurzschrift (DEK) ☺)
More info in German: Die Ranmex
the audio tag (in 1474)
//
Fun:
Thanks to the mp3 fixes from bertm and thanks to Florent merging my audio-tag work, the above now works (if you run next built from source or at least build 1474 which is not yet released at the time of writing). We finally have convenient music in Freenet!
(the song is the Hero of Freenet, adapted from the Hero of Canton from Firefly)
Use it like this:
<audio src="https://d6.gnutella2.info/freenet/CHK@isWfMMvheTKf37kgQi~CM82Xtgo5D5J8p-Q0C61T5~E,RaXwRgxI5DzMP9WqCClvIn5mWKt-GiUYKx1CVCAwGhs,AAMC--8/the-hero-of-freenet.mp3" type="audio/mpeg" style="height: 20px" controls="controls" preload="auto" ></audio>
Omnia kommt nach Karlsruhe! 23. July 2016! Vorverkauf bis 11. Juni!
http://spectaculum.de/termine/karlsruhe/
Mittelalterbands:
- „Saltatio Mortis”
- „Faun”
- „Mr. Hurley & Die Pulveraffen”
- „Omnia”
- „Saor Patrol”
- „Cobblestones”
- „Rapalje”
- „Cultus Ferox”
- „Metusa”
- „Duivelspack”
Stelzentheater:
- „Feuervögel”
Gaukler:
- Kontaktjonglage „Kerry Balder”
- Kraftjongleur „Bagatelli”
- „Jeremias”
- „Lupus”
Feuerformationen:
- „Cross Fire”
- „Danse Infernale ”
Weitere:
- Kindertheater Zauberer „Heiko”
- Fechtkampfgruppe „Fictum”
- „Dudelsack- und Drehleierworkshops”
- „Tanzworkshop”
hotfix testing release, please test!
There's a testing release with hotfixes for three pressing problems:
- When a bandwidth less than the minimum bandwidth is configured, the
node no longer fails to start, but uses the minimum bandwidth instead.
This fixes a regression introduced in build 1473.
- Selecting the monthly bandwith limit failed and only allowed
setting
the minimum bandwidth.
- A metadata validation bug that has plagued Frost users for the past
two days is fixed, which caused most of the affected node's requests
to
stall after a malicious splitfile is fetched.
Update with ./update.sh testing
(this will connect over the internet, don't do this if you're using
pure darknet)
For details, see the mailing list or the fms message:
Planning Freenet tasks in Freenet
bertm is regularly uploading the task-planning Freesite to enable anonymous users to take part in the discussion:
Submit your comments to the following FMS thread so they can be integrated by non-anonymous folks:
I don't agree on using Google Docs for this, but as long as it isn't important to the workflow (though only because people proxy — thanks go to Ademan and bertm), I'll take part.
Today I'll be 34
let's see what this day has in store ☺
Material to understand Freenet
For the basics, have a look at some slides I wrote: http://www.draketo.de/proj/freenet-funding/slides.pdf
If you want to go somewhat deeper, you can look at the articles I wrote about Freenet, as well as the wiki:
- http://www.draketo.de/stichwort/freenet
- http://www.draketo.de/stichwort/freenet?page=1
- https://wiki.freenetproject.org/Main_Page
And if you want to go really deep, look at the papers:
https://freenetproject.org/about.html#papers
After that, there's only the source, the one true source of truth:
https://github.com/freenet/fred/
//
1w6 Ein-Würfel-System in Freenet
Ich habe die Deutsche Druckfassung von 1w6.org in Freenet hochgeladen:
Die Seite enthält nicht nur die Beschreibungen, sondern auch das komplette Technophob-Regelwerk und 10 Jahre Charakter-Logs. Und sie funktioniert in Freenet gut.
Als Ergänzung habe ich das Grundregelwerk als PDF hochgeladen: 1w6-regeln-2.6.1i.pdf
The Hero of Freenet (Thank you, Firefly!)
Inspired by Hero of Canton (The Ballad of Jayne) from Firefly:
http://www.browncoats.com/index.php?ContentID=468740c2b0ff2
Update: seconds -> seasons, breakage -> problems.
Steve, the man they call Steve!
Ref:
He worked for a switch and he worked for the poor
Stood up for the man and he gave him what for
Our love for him now ain't hard to perceive,
The hero of Freenet, the man they call Steve.
Now Steve saw the gaters nodes breaking,
he saw the Mac folks lament,
And he saw that Oracle takin'
Every dollar and leaving five cents.
He said "you can't do that to my people!"
"You can't grab our folks by their throats!"
So Steve strapped on his hat
and in five seasons flat
fix the problems which sunk Freenet nodes.
Ref
Now here is what separates heroes
from common folk like you and I,
the man they call Steve
gave his grudges a leave
and fixed Windows boxes to fly.
He ran the Microsoft devtools,
He got those MacOSX bars,
The man they call Steve
gave his grudges a leave
then used Linux to head for the stars.
Here we go!
Ref
Head over to Youtube to hear how this could sound:
- https://www.youtube.com/watch?v=DOQ5m4btECM
- https://www.youtube.com/watch?v=vEIDvgapTw8
- https://www.youtube.com/watch?v=QAo-1U7doLk
- https://www.youtube.com/watch?v=B5yHlP5yQyk
PS: If you plan to record this, please make a new, separate identity for that. Your voice and playing style are never anonymous. Chords are at the official Firefly website shown above (browncoats). I can already sing it OK, but I cannot yet play it right — maybe you'll beat me to it :)
PPS: And thanks to whoever once shared Masterharper of Pern mp3s in Gnutella, through which I found Filk music from which I now buy quite a few CDs every year and which became a home for me! Music which is shared on websites which are already being dropped from the Google index. Where else do you think would you meet 100 people who sing about everything from Pern to Lord of the Rings, DnD, Witchcraft, Hacking, Shadowrun and Harry Potter?
Goals for Salt donations at Bountysource
Hi,
I now set the Bountysource Salt goals I proposed in the previous mail (contained after this text):
See https://salt.bountysource.com/teams/freenet
copied here:
conference travel costs $250
We can now cover the expenses to get Freenet developers to conferences
for spreading Freenet
- yearly Freenet Hackathon $750
In addition to the conferences, this finances a yearly Freenet Hackathon to allow the farspread development team to actually meet in person and dedicate a weekend to the most efficient way of hacking: an in-person hackathon.
- one paid part time developer $3,050
If we reach this goal, we can hire a part time developer (after taxes it's about 1.2k$ / month net salary).
- one paid full time developer $10,000
At this point we can hire a dedicated full itme developer and push Freenet core forward much stronger, as well as ensure that contributions get reviewed and merged promptly (after taxes it's about 3-4k$ / month net salary).
It's now also linked on the donation page (
https://freenetproject.org/donate.html#donate ), so Salt for Freenet
is
now as official as it gets.
Please comment!
Best wishes,
Arne
> Steve Dougherty writes:
>> On 03/07/2016 05:50 AM, Arne Babenhauserheide wrote:
>>> I'd like to revisit the discussion about monthly donations via salt
on
>>> bountysource.
>>>
>>> We have an account with currently one anonymous monthly supporter
and
>>> one non-anonymous supporter:
>>> https://salt.bountysource.com/teams/freenet/supporters
>>>
>>> This allows us setting actual monthly targets which people can check
---
>>> for example sufficient monthly donations to support a developer.
>>>
>>> If we want to make salt part of Freenet donations, I will put it on
the
>>> donation page. If I remember correctly, the previous discussion
was
>>> inconclusive, so I'd like to get your opinions again:
>>>
>>>
>>> Will we take salt money?
>>
>> I'd be fine with that.
>
> Since there were no other opinions, I consider this as general
> agreement. We will take Salt money.
>
> I added a pull-request to link Salt from our donation page:
> https://github.com/freenet/website/pull/51
>
> While I was at it, I also reworked the donation page a bit:
> https://github.com/freenet/website/pull/52
>
> So the next question rises: Do we set targets? Some ideas:
>
> - $250: cover expenses to spread Freenet at conferences.¹
> - $500: cover expenses for a yearly Freenet Hackathon.¹
> - $2300: one paid part time developer.²
> - \(7000: one paid full time developer.²\\
>\\
> Do you have other ideas?\\
>\\
> ¹: I'm not sure whether my cost estimate is correct. Does it fit
your\\
> experiences?\\
>\\
> ²: Note that this includes tax --- it's about 1.2k\) / 3-4k$ net
salary.
>
> Best wishes,
> Arne
I am darknet only again
There is now a detailed report⁰ how law enforcement tracks opennet downloaders (though the statistics are flawed pretty badly¹²). Since this is not only usable against criminals but also to track down anyone who accesses websites in Freenet, allowing censorship by threatening people with punishment for reading something, I decided to go dark again, so I can see which problems still exist in pure darknet.
However I have roughly 10 darknet friends (not all online at the same time), so my performance isn't actually that bad.
⁰: I'm not allowed to upload the report here, so I can only give a clearnet link to the white paper: https://www.ncjtc.org/ICAC/Courses/trngres/Freenet%20Investigations%20White%20Paper%20-Black%20Ice%20%20%28090413%29.pdf
¹: : the vulnerability to HTL18 they use has already been addressed in 2008, so any probability they claim using that is false. For every connection there is a 50% chance that all the requests (not only a single one) did not originate from the node from which we received them but were forwarded one step. So for 10 connection (the lowest value), there are 5 other nodes whose HTL18 requests are forwarded with HTL18, so the probability that a given HTL18 request originated at the node from which we received it is only about 17% (1 in 6). And this probability does not get better when gathering more requests of chunks from a specific file or a specific kind of files, because they can reasonably all be forwarded from a different node — the one which really sent them. The only way to get good statistics would be to connect to this node over and over again at different times when the peers of the node changed (that requires waiting at least 2 hours to change a significant number of peers — the only way to be sure would be to wait for the other node to go offline for more than 5 minutes and then to connect to it again). However screening out every node which ever sent a HTL17 or HTL16 request could improve the reliability a lot, though with significant cost. That doesn't change that their probabilities are calculated incorrectly, but could give them a pretty good hit rate on people downloading a large volume of material.
- Code:
https://github.com/freenet/fred/blob/next/src/freenet/node/PeerNode.java#L1603
- Commit:
https://github.com/freenet/fred/commit/4aaa08f11656af1dd857e45612763c9bd2d89fc2
²: Despite the flawed statistics they used, there are correlation
attacks which are pretty easy in Opennet. Just have a look at a random
selection of toads flog entries:
Toad's
Flog
The solution to these is to use Darknet mode (pure friend-to-friend) and
to make using Darknet mode easier.
Also we can change the Opennet Port at every restart of Freenet to make continuous tracking harder.
logs from working two-step UOM
Thanks to pull request 514 by yadevel, two-step UOM as needed for the next release seems to work! https://github.com/freenet/fred/pull/514
These are my logs from the second working UOM update, gathered from the UpgradeTarget:
freenet-1470-2016-03-16-01.log.gz
freenet-1471-2016-03-16-01.log.gz
freenet-1472-2016-03-16-01.log.gz
freenet-1472-2016-03-16-02.log.gz
radio over Freenet… works!
my playlist plays!
This currently needs a custom built Freenet, since it relies on 3 not yet included pull-requests. To test it, see https://github.com/freenet/fred/pull/510#issuecomment-192769133 (sorry for the clearnet link, I don't have anything better right now)
mp3-based radio (thanks to bertm) with a simple m3u playlist for multiple song support. Und it seems to have that evil recursive playlist thing working :)
Trusted Friends, thanks to det
//
Trusted Friends, thanks to Libertatem Pugnator
This text was written by Libertatem Pugnator on FMS. It's the best explanation for whom to trust which I read till now. License public domain, WTFPL or by-nc-sa. "(link)":/SSK%40CHXMTXj-hXFhjjxBctNCHDfi4bHR-RwfHMimdnXHKZY%2CUTv54OQKNpnNLAkbEVEQMvLXuMOIfKZAvsLjKKCy25k%2CAQACAAE/fms|2016-02-28|Message-2?type=text/plain
Anyone you interact in over Freenet is just with text and binary information.
While any one you know in meatspace is more then that you have subtle facial cues when someone lies about their job or heritage, you can always follow them home and see what their personal space looks like.
Unlike over Freenet where every word you read is potentially engineered for you.
If you have enough evidence in meatspace that the person you know understands the need for anonymity and wants to help create more spaces for it, while not turning against you. Only in that case you have found a Darknet peer.
With that being said you can also do the same for people you met and
have interacted with online only for several years.
Most would safely assume they do not have a plan to arrest/spy/fuck you
over after so much time and memories you have shared.
To add: time and memories you have shared in a context where or when you weren't interesting for an attacker.
WoT trust list, anony-anonymized
nextgens called me up on not passing out the trust list with the literal IDs to make it easy for researchers to do analysis on the trust lists without having to bother that their results might de-anonymize people via correlation attacks. So I replaced all IDs with numbers (and deduplicated the trust relationships — some IDs were downloaded twice). The nice side-effect is that the file is now only 3.6MiB, uncompressed.
A WoT dumper in 129 lines of Guile Scheme (fixed)
(because I wanted to try)
Usage: guile -e main -s crawl-wot.scm
Dependencies: GNU Guile: http://gnu.org/s/guile — guile-2.0.11.tar.gz
//
//
Answers for "I can't use Freenet"
Answer to a message in FMS
psst@GdwOemQBWXsp4XV0QKBmzn9-3p06AdYCQw—rfL5DYI wrote :
> ArneBab@-jtTqLLTLaRaqqNx4Jq9Kxw5ejhGDxkeCdlDN9ckH1w wrote :
>
>> Yes. And that's one of the reasons why we need Freenet: to wrestle
back control over our communication channel.
>
> Good luck getting people to use it though.
Yes, that's something we need to fix. And there's a lot we can do for that. It's just a lot of boring work.
And thank you for that list!
Let's go through these and see which we could fix:
> I can't use Freenet. It's illegal! It isn't? How do you know?
It's created by a registered tax-exempt charity, how can it be illegal?
> I don't want people to think I'm some kind of paranoid nutjob.
Maybe we could quote the New York Times or the Guardian on the frontpage?
> Why don't you grow up, and just accept that you have to be ruled by authority? It's just the way the world works!
Democracy without free press is meaningless. Let's quote some presidents on this. Does anyone have a quote at hand?
> There's no need for Freenet, because nothing is wrong, otherwise my daily commute in my gas guzzler and my TV would be bad, and I like those!
You don't have to change your life to use Freenet. You do harm yourself quite a bit if you let others control your communication, though. They might make you think your life is bad.
> Get a life, you fat neckbeard.
Let's play some games on Freenet. We need more fun and life here, that's true.
> Why are you being so distrustful and negative? What are you hiding?
Did you see what they did to Edward Snowden?
> If I use it, then I'm helping terrorists blow us up!
If you let terrorists listen in on your communication, you help them
scout out their targets!
(maybe that's a bit too aggressive…)
> It's slow!
Let's not advertise sending movies. Chat over Freenet is nice (FLIP/FLIRCP).
> I have to install two programs?
Need to recover flircp and enable it by default. Also advertise node-to-node textmessages (friend-to-friend talk).
Same for Sharesite and Darknet Chat.
> I'm not good with computers!
Freenet is easier to install than Starcraft.
> im confuse can i install without thinking loll??? I don't care enough to bother.
Yes you can. Most times it actually works.
> My computer says it's a dangerous virus!
Need to get fred whitelisted in more anti-virus databases… the new C# based installer should help. Needs released 1471.
> I'm not a hacker!
I don't break into computers either. And I don't want others to publish what I tell you in private.
> Is there an app for my iPhone?
There is something for your Android:
> Can't you just send me the files on Skype?
Sure, but I won't send anything I wouldn't also send to the local newspaper. Microsoft has been shown to actually try out login links sent by skype.
> I don't have time for this I have to go to work.
Just try again a few weeks or months later.
Short term solutions (stuff which should take less than 6 months to deploy):
- Website
- put more prominently on front page that Freenet Project Inc. is a
registered charity.
- quote the guardian or so about the importance of secure communication.
- quote a US president and the UN secretary on the importance of free
speech for democracy.
- quote Edward Snowden.
- quote someone on the importance of secure communication to fight
terrorists.
- make the download page look easy. Maybe a big button instead of a
text-link?
- link the icicle app on the webpage. With an image.
- promote the use of node-to-node messages in friend-to-friend mode.
- ask people every few months to try to invite their friends again. Hey,
how about sending another note to your friends today?
- Using Freenet
- get more positive, friendly content on Freenet.
- play fun games over Freenet.
- get more positive, friendly content on Freenet.
- Freenet development
- release 1471.
- recover flircp. Make flircp, Sharesite and Darknet Chat official.
Activate by default.
- polish the user interface. A lot.
So, what do you think, would that help you invite some of your friends?
Pitch Black Attack Defense using median distance
(details some other time…)
fred infocalypse repo working again
I had broken the updating of the infocalypse repo. It's now fixed:
hg clone freenet://USK@3Xvf~RI-N8YC-xFtQIEnEwR~ZLC05UhQjQzKAS0lL4Y,PqTg9Y5Me6~WthiW5FoHG9Mq18c7oRbe0owRutJJJZc,AQACAAE/fred1.R1/129
Decentralize Everything
A great talk by Aral Balkan: Decentralize Everything
With Freenet Darknet we're already fully decentralized, but we miss the kind of interface shown here for Heartbeat. Anyone up for a design challenge?
Recover your keys from a broken WoT database
My WoT DB broke a few times. This is how I once recovered a private key I had forgotten to put into my (external) encrypted key file:
grep --text 'A.Q.E.C.A.A.E' WebOfTrust/WebOfTrust.db4o
(in reply to a question by baffled from FLIP)
Happy Hacking!
Fixed simulation shows that Sandbergs fix stops the Pitch Black attack
I found a bug in the simulation by Michael Grube. Fixing that shows that the Sandberg fix blocks the pitch-black attack. That the link length distribution isn't great but much better than random shows that routing should still work well enough (I did not test that, though).
Download:
- pitch-black-attack-fix-works-with-a-fix-to-the-algorithm.pdf
- pitch-black-attack-fix-works-with-a-fix-to-the-algorithm-node-positions.pdf
Compare this to the link length distribution we had in opennet before the link length fix (where routing still worked, though not optimally): 6.2 Link length distribution before and after deployment
The code is here:
- https://github.com/ArneBab/pbsim
- https://github.com/mgrube/pbsim/pull/1
- pbsim-fix-pitchblack.tar
- Infocalypse-key:
USK@qteH9dWOu8cnCWCLdii8Ht-7oI889zd5zbeRbVnbVNo,nI355HUzDsj~Ord1g8684—~iK8LNwbeX-DGcQWRo5Y,AQACAAE/pbsim.R1/1
(run ./testfixpitchblack.py )
The Oracle Java update breaks Freenet on Windows
nextgens: for those who wonder why we have an influx of windows users with broken JVM setups... nextgens: it looks like oracle has decided to auto-migrate java1.7 32bit into java 1.8 64bit where possible nextgens: maybe we should document that users should reinstall a 32bit java1.8 to keep a functional setup
If your Freenet breaks, reinstall a 32bit java1.8.
I hope I did not make Linkageddon stop :(
You might have noticed that Linkageddon stopped updating. I hope that isn't because I wrote that we should have censored indexes. If it is, I'm sorry. That wasn't my intention.
Observed Climate Change Indicators
//
I'm a tiny bit worried
STOA-privacy-Break-out_sessions-allocation_03-12-2015.pdf
//
If you have something which you think should be said there, please condense it into less than 270 letters and write it in FMS, Sone or Freemail. I plan to check them on monday and write it down into my paper notebook.
misinformation about Freenet
Some of you might have seen the discussions on devl. If you read my messages, you know my opinion about them. This is my answer to a user who attacked the project with misinformation. It shows one more point why such discussions are problematic.
> A centralized model of authority servers run by trusted project
> members is the way to go.
This would be dumb, because it would turn us into central points of
failure.
> Freenet users have to trust you to not backdoor the program.
This is wrong, since users can check the code and test whether the
code release corresponds to the binary release with the verify-build
scripts: https://github.com/freenet/scripts/blob/master/verify-build
> Darknet is private not anonymous and lacks the quality of data
> availability after the publisher is offline.
This is wrong.
The rest of your message does not get better so I won't spend more
time on it.
Your message here shows clearly, however, that when we're wasting time
on rehashing discussions of things which we already found to be
contraproductive, we're giving ammunition to people who want to
disrupt Freenet development.
I agree with Ximin here. I answered the three most glaring
misinformations in the message to avoid others stumbling over them. I
should blog about them. (I hereby did)
For all who don't understand what Ximin means with psy-ops:
http://draketo.de/english/freenet/de-orchestrating-phk
De-Orchestrating Freenet with the QUEEN program
hybrid: towards a global Darknet
After I wrote It is a time for Darknet, someone asked me whether that means that Freenet is only for those who have at least 5 Friends running Freenet. That's not the case.
Adding a single Darknet friend while keeping Opennet enabled already increases your safety.
Even a single Darknet friend makes you less dependent on the seednodes. That's the hybrid mode. It's an important milestone on the road to pure Darknet, since as soon as most people run hybrid, using pure Darknet becomes much easier. Most of your Darknet friends will have other Darknet friends, and if you connect via pure Darknet, your requests will exit into Opennet at many different points.
So by adding Darknet connections you don't only increase your own safety, you also contribute to making Freenet safer for whistleblowers.
Florent/nextgens asked me on the devl list what I consider necessary to make Freenet safe for the usecases I care about. Those usecases are my personal one and whistleblowers. For the first, hybrid suffices (even Opennet alone would be enough if I gave up on confidential messaging with friends), for the second the answer is:
- Darknet invitations (send a friend a zip with a prepared Freenet node
which connects to me without further interaction),
- Darknet FOAF (connecting to friends of friends, so 3-5 friends give
you good performance and it doesn't hurt that much if friends are only online a few hours each day),
- transport plugins (to hide the connections from ISP-level
monitoring),
- WoT with faster bootstrapping (getting the initial IDs).
On censored indexes…
I always thought that the indexes should always at least include a way to get a full listing of the sites known to the maintainer. Over the past weeks I changed that stance. I still think that it is good to include all sites in a parsable way. The sites.xml format spearheaded by Linkageddon and also used by Enzo's Index is great for this. But I no longer think that an index maintainer should be required to list all sites there, even the ones not listed in the index.
It is not hard to get a list of all sites by running YaCy, but creating good indexes with interesting content is hard work. So if you want to create an index which only lists sites you do not deem as offensive — or only those you consider interesting — please go for it.
If you manage to update regularly, that could help Freenet a lot, because we could put it into the default bookmarks and improve the initial impression new users get.
The "free speech means anyone can say anything, I'll shove your face through all the stuff you won't like to ensure that you understand that"-feeling we currently give new users likely turns off many potential users. Just imagine how many people would have never touched the internet again if the first thing shown to them had been the nastiest of reddit-threads or twitter death-rape-threat-rages (not implying that these are the worst parts) and not the shiny gmail interface.
(as most others, this post is my personal opinion, not a message from the freenet developers)
Please don't trust us, run the validation scripts
Someone on Frost said "compromising the devs, and if that happened, we'd here about it real quick." and got the correct answer: "Of course they'd tell us straight away rather than cut a deal with the "bad guys". /:) Everyone has a price, whether it's money, employment, or impunity."
There used to be a tool to compare the dev built jars to the source. It might still exist. — mmaalfdks
I want to ask you on behalf of at least some members of the developer team: Please do not trust us completely. If all Freenet users trust us, you put us in danger. We do have a price — we're living people after all.
That's why there are the jar-file check tools with which you can test that what is released is actually created from the code. And some people can check and diff the code to ensure that it does not try to betray you. If there are people who check that (not necessarily the same), you keep us safe. If corrupting us cannot corrupt Freenet, there is little incentive for surveillance agencies to corrupt us.
Even if you do not have the time or skills to contribute to development directly, you might still be able to run the test scripts.
Here's a tarball with the current state of the scripts (releases and verification): freenet-scripts.tar
The stegosploit tools served via stegosploit
Enjoy how the content filter of Freenet butchers the exploit. You'll need to force an unfiltered download by appending ?forcedownload=true to the URL to get the exploit code.
Ademan ported Winterface to purge-db4o
It is a time for Darknet
Seven years ago Freenet was reborn with friend-to-friend support. Most people complained that they have no friends running Freenet and started trading node references with random strangers, so Opennet was added — and this is still a common theme today. But for all you who read this, the time for excuses is over.
Seven years ago most people wouldn't have installed a program just to escape surveillance. Today many will do that.
You might say that you have no friends running Freenet, but that's not important. You know people. Colleagues. Family. Online aquaintances you've been talking with for a few years.
Invite them.
You don't need to tell them your pseudonyms or your freesites. Just invite them to connect with you over darknet. And if something breaks, tell us.
You might send them a mail asking them to connect with you for confidential communication as I did
Or write something yourself.
Maybe only one in ten will connect with you. That's OK. Even a single darknet connection makes you safer against attacks on seednodes. And that will be one person you can contact confidentially if you run into problems.
Darknet is the only structure which can survive on the long term. So invite the people you know to connect with you over Freenet. If you already tried that before, just try again. Sometimes important things take persistence, and confidential communication is important. In these days of pervasive data mining more than ever before.
It is a time for Darknet.
Günther Oettinger
A freesite reaches everyone in Freenet
Just as a reminder: If you want to reach all people in Freenet, create a Freesite and add a Bookmark link. That way your updates reach all people in here.
And this is really cool: We have a distributed tool which can really reach everyone here and which is dead easy to use — or at least it will be once ShareWiki becomes an official plugin (I'm working on that).
1944 CIA field manual on how to sabotage enemy workplaces from within.
From The CIA (yes, the real deal)
(you might not want to click that link, luckily Freenet will warn you if you see this in Freenet; yes, going to the website of the CIA will definitely jeopardize your anonymity — you could only top this by going to the website of the NSA ☺)
Thanks to Bryan Gaensler
plugins relying on db4o? Please check!
As you might have seen there were discussions on the devl mailing list about splitting up the bulging beast of freenet-ext — or rather: Objections from me on doing so in a way which might break plugins.
We don't know all non-official plugins — and can't know them — so I'd like to ask you whether any of your plugins rely on db4o from fred. If you know a plugin developer who isn't here, please forward this question.
If there are no non-official plugins which use db4o, then we can remove db4o from ext and include it directly in the plugins — which will for example allow updating db4o and will make packaging much easier.
If you can check that, it would help us a lot!
You can reach us on FMS (board freenet), Sone or flip (#freenet channel). People might also catch your messages if you write on Frost.
DoJ: Apple licenses software, so it has to decrypt
From Cory Doctorow http://boingboing.net/2015/10/23/doj-to-apple-your-software-is.html
The DoJ is currently trying to force Apple to decrypt data stored on a defendant's Iphone, and Apple, to its great credit, is fighting back, arguing that on the one hand, it doesn't have the technical capability to do so; and on the other, should not be required to do so.
A new filing from the DoJ attacks this second point in a novel and far-reaching way. The Justice Department lawyers argue that because Apple licenses its software — as opposed to selling it outright — that it is appropriate for the government to demand that Apple provide assistance in its legal cases.
To my knowledge, this is an entirely novel argument, but as I say, it has far-reaching consequences. Virtually every commercial software vendor licenses its products, rather than selling them. If the DoJ establishes the precedent that a product's continued ownership interest in a product after it is sold obliges the company to act as agents of the state, this could ripple out to cars and pacemakers, voting machines and tea-kettles, thermostats and CCTVs and door locks and every other device with embedded software.
(the quoted part in this entry is licensed under cc by-nc)
Winterface: Where the Freenet GUI should be headed
There's an infocalypse repo you can get via
hg clone freenet://ArneBab/winterface
or
hg clone freenet://USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/winterface.R1/13
Also it's on github:
preserving Gantros flog via shoeshop
Gantros has left us, as we know from his/her supporters who had the key in case of problems: Goodbye World
I said goodbye in the last Sone post of Gantros
I downloaded the last version of the flog authored by Gantros as well as this final information with Shoeshop, so we can reinsert them if they should happen to fall out.
To upload these you need the Shoeshop-plugin
Up-to-date infocalypse freesite and repo
I started a small site to give up to date information about infocalypse and pyFreenet: infocalypse_and_pyFreenet
Develop over Freenet, safely. General Information site. Tries to keep it short.
Category software missing from default bookmarks (sorry)
Due to an error on my side while reorganizing bookmarks, new nodes were missing the complete software category. The fix is simple: use the right name for the documentation category and change the index-numbers in software to actually start from 0 — likely I had moved one last bookmark short before committing which killed the zero bookmark. There's a pull-request and the fix should be in the next release.
I'm sorry for the trouble this caused. No wonder newbies had problems finding FMS…
port forwarding in a screen
If you don't want to or can't fiddle with system files, but you want to forward Freenet to your current system, you can simply run the port forwarding in GNU screen:
$ screen -RR # recover an old, detached screen, or start a new one. $ while true; do ssh -NL 8888:localhost:8888 \ -L 4242:localhost:4242 -L 8080:localhost:8080 \ -L 8088:localhost:8088 -L 8889:localhost:8889 \ -L 9481:localhost:9481 -L 9482:localhost:9482 HOST; date; sleep 5; done (hit CTRL-a d to detach the screen)
Ports: 8888 (freenet), 4242 (quassel), 8080 (FMS), 8088 (Winterface), 8889 (second Freenet node), 9481 (FCP control of Freenet), 9482 (FCP for second node).
Klarnamenspflicht hilft nicht gegen Nazis, sondern bedroht Diskussionen
Die Pflicht zum gesicherten Klarnamen bringt keine Verbesserung — schon heute hetzen viele Leute mit Klarnamen.
Das Gegenteil ist der Fall: Die Klarnamenspflicht ist eine Bedrohung für all diejenigen, die sich gewaltbereiten Nazis argumentativ entgegenstellen. Die müssen dann nämlich mit physischen Angriffen rechnen.
Als Hintergrund: Ein Blogger gibt auf
(leider darf ich das wohl nicht hochladen…)
Ein Blogger gibt auf, weil er und seine Familie massiv bedroht
wurden. Die Erklärung von Heinrich Schmitz, Ex-Kolumnist von The
European und ehemaliges Mitglied der Initiative #HeimeOhneHass, im
Wortlaut.
Dayblind, a cyberpunk novel published incrementally on Freenet
Python to Guile Scheme — Freenet exclusive version
This is the Freenet exclusive ebook. If you got it via other channels, please install Freenet and share it there! https://freenetproject.org
— when free speech dies we need a place to organise!
You get this, because you cannot buy it without exposing your identity. And because by using Freenet you contribute to securing free communication.
If you like the book and you don't fear for your pseudonymity, please buy the paperback or regular ebook! draketo.de/py2guile
follow the blue rabbit
= 🐇 =
follow the blue rabbit
through the looking glass
to find your real self
= 🔍 =
„Weitgehend von der Öffentlichkeit unbeachtet“
Falls mal jemand eine Webseite über politische Korruption schreiben will, wäre das ein toller Titel…
Hat auch gleich ein Kürzel: WevodÖffu ☺
scheme-based FCP library (Racket and Guile)
Dinky's Evil Twin (sone://EWtk1limedjBM2LnGE3~z98tC8bLTu9ryLIMcFgg8PI) created an FCP tool for Racket and Guile:
- Racket:
- Guile:
This started with an alternate Python FCP library:
For details see the Sone-Thread
Lunar eclipse tonight
There will be a lunar eclipse this night. See http://eclipse.astronomie.info/2015-09-28/
The total eclipse starts at 4:10 MESZ (UTC+2) and ends at 5:23 MESZ. 4:47 MESZ is the darkest point. I plan to get up around half past 4 and wake the little ones so we can enjoy the red moon together :)
Roter Mond, überm Silbersee,
Feuerglut wärmt den kalten Tee,
Kiefernwald in der Nacht,
und noch ist der neue Tag nicht erwacht.
Roter Mond, played with my 12-String
//
PS: the upload of Earth Warrior finished. Get it while it's hot :)
cronjob: update freesitemgr site at random
I created a cronjob which chooses a freesitemgr site at random and
uploads it with some obfuscation. Throw it into /etc/cron.hourly/
and
make it executable
(chmod +x /etc/cron.hourly/17-freenet-update-random-freesite.cron
) to
have one upload per day. It will upload on average once every 24
executions.
- 17-freenet-update-random-freesite.cron (via CHK)
- 17-freenet-update-random-freesite.cron (via SSK for longevity)
The purpose of this script is to allow people to upload several different freesites without exposing that all of them come from the same person.
Optimal conversion to activelink
Activelinks have their own format (108x36 px), and creating them from normal images can be unnerving. Imagemagick to the rescue! ☺
convert Drachen-Banner-farbig.png -background white -alpha remove -flatten -alpha off -resize 108x36^\> -liquid-rescale 108x36 -liquid-rescale 108x36\! -strip -quality 95 PNG8:activelink.png
resize scales the image to fit one dimension (the other stays bigger), but does not increase the size, then liquid-rescale increases the size and then scales the other dimension, keeping the features with most information intact and distorting the rest. Finally strip, quality and PNG8 reduce size by stripping metadata and reducing the color depth.
Original:
Activelink:
You might want to adjust the background colour to your site :)
If the aspect ratio (the dimensions) of the original image is much different from an activelink, this can look strange. Example:
Original:
Activelink:
Note however, how much similarity the liquid resize preserves. I think that's awesome for an automatic transformation!
The images are from https://www.1w6.org/deutsch/anhang/mitmachen
link:
created from the source image by Trudy Wenzel:
http://1w6.org/deutsch/artwork/das-1w6-logo
adding the text with inkscape to get this svg: Drachen-Banner.svg
Thanks to the imagemagick guides!
Activism, Larp, nature and a pagan folk band playing reggae
Ask yourself whose Freedom it is
If the office worker has most opportunities, it is the freedom of the office worker. If the capital owner has most opportunities, it is the freedom of the capital owner. Look at BitCoin and ask yourself, whose Freedom it is.
— lose translation from Die Schmetterlinge (1977)
→ http://draketo.de/zitate.html#bitcoin-freedom
my first paper is peer-reviewed! ☺ happy ☺
Comparing the CarbonTracker and TM5-4DVar data assimilation systems for CO₂ surface flux inversions
On the clearnet you can find it on http://www.atmos-chem-phys.net/15/9747/2015/acp-15-9747-2015.html
The supplement includes the full sourcecode for the plots as well as most plotted data (as much as I could release), and all of it is licensed under CC by-sa (our institute changed its policies, and now open access licensing is the preferred form of publication! It's hard to overstate the significance of that decision — say again that you can't change big institutions ☺).
Profile based privacy for Pseudonyms: A legend
I've long been thinking about profile-based privacy.
When I create a new anonymous Pseudonym, it should create an activity profile based on common patterns. Some people are active on weekends, others write in the evening of their time zone, or in the lunch break at work. The definition of weekends differs across the world. And this differs by language (English is pretty widespread and Spanish is only missing in Asia, but if you speak Japanese any timezone outside Japan is unusual).
Then there are the holiday seasons. The system should automatically choose a holiday season and then stop updating during a randomly selected interval in the holiday season.
What else is there?
The cost of this is that communication between these anonymous Pseudonyms is slower than between non-anonymous people, since a reply can only arrive in the next activity interval after it was written. And it needs a minimum wait time to avoid spilling your real communication pattern by replying too quickly (when the real activity time and the fake one overlap).
Essentially we need an automatically created and enforced legend, an expanded version of bug #4753
To discuss this, please come to FMS, public forum, thread "Holiday season and security of Freenet/FMS".
Using Freenet for Static Websites in the Clearnet
Have a look at the article from Bluish Coder
Freenet now directly powers his clearnet site via nginx serving as reverse proxy. And yes, the URLs are nice: bluishcoder.co.nz/2015/09/14/using-freenet-for-static-websites.html
Happy Hacking!
no longer working darknet connection after restoring from backup
Some months ago there was an update to the crypto which causes the node to compute new types of (more secure) keys. If you restore a backup from before this update, your node will compute a different set of keys, breaking all your darknet connections.
So best do a backup of FREENET_FOLDER/node-PORT
right now. And keep it
somewhat up to date.
(this already struck twice: once it killed all my darknet connections and just now it killed the connections of one of my darknet friends)
Ideally when this occurs the Freenet UI should show a warning: "The secure keys for Friend NAME changed, but the old, insecure keys still fit. Either this is a MitM attack, or your peer restored from an ancient backup. [disable peer] [update peer (I asked and he or she restored from an ancient backup)]"
get the test scripts
> So, if you can, please run the release-checks. They are the
only effective protection against corruption of the whole network by
compromised-and-remote-controlled developer-machines.
Is there a guide of how to do this? It's probably possible to spin up a VM with a specific build environment we can check against but the key thing is to know what that evironment is.
Toad wrote about that in 2012
I just cloned the maintenance scripts repo into Freenet:
hg clone freenet://ArneBab/freenet-scripts
This needs Infocalypse with WoT integration
If you use Infocalypse without WoT, you can clone the repo via
hg clone freenet://USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/freenet-scripts.R1/1
(both links are equivalent — the WoT one is just shorter and easier to memorize :))
More optimized streaming
Warning: Running arbitrary commands like these can be dangerous for your anonymity and your system: m3u8 playlists can trigger access to any resource, even local devices. If you want to be safe, read the playlist file before running the command.
mplayer -prefer-ipv4 -fixed-vo -nocache -playlist
SSK@vJ9s3JNTQZDKADPcFyAj7XyL0gtVSC3~Lc3ewvoA2KI,2Ft9oY0SrCJH83E9OYTATEPN7G~9LjizmjVoMiUeU80,AQACAAE/w8-playlist.m3u8?forcedownload=true
To create a stream yourself:
./freestream-webm.sh big_buck_bunny_480p_stereo.ogg w8
using the script freestream-webm.sh
The main goal of this is to allow playing videos while they are being downloaded, essentially providing a distributed streaming platform.
This script is adapted from the one bertm created, adjusted to use vp9 and vorbis instead of mp4. If you have opus, you can reduce the required bitrate a lot.
The target segment size is set to <400 kiB, because this allows the splitfile info to fit into the toplevel SSK.
Caveat: The video isn't seamless,yet, since mplayer does not preload the next video in the playlist.
Get the repo via hg clone freenet://ArneBab/stream-over-freenet
For details on getting the repo, see Infocalypse and pyFreenet
If we wanted to make this secure, we'd need a content filter for m3u8
(then the url could drop the ?forcedownload=true
) and for video (we
have unreviewed ogg filters which haven't been merged yet). If you want
to contribute, have a look at the existing two pull-request for video
(which both need work to be merge-ready):
An option to improve the experience of the stream would be to increase
SEGMENT_SIZE_KBYTE
to 3500 (below 4MiB) and always use one level of
indirection (having the splitfile info in a CHK instead of embedded in
the top-level SSK).
Thanks to doublec for the shoutout from Pitcairn Island
Streaming a video over Freenet
Update: TheSeeker found the gist with the old and more advanced script from bertm again: https://gist.github.com/bertm/69b05cac7ae2121ed700 — I added the script into the repository.
We once experimented with streaming over Freenet. Today a collegue asked me about whether we could build a youtube-portal using Freenet as backend. Within an hour we reconstructed the streaming solution. Before starting, have a look at the playlist file we'll use to ensure that it only accesses content within Freenet (this ensures that it does not compromise your privacy): "stream.m3u":
Watch the stream with
mplayer -prefer-ipv4 -fixed-vo -playlist
CHK@FgF2w6K5wOPrA7NYzw4eTABq9gyPjHUBEhRJuER7uV4,xZ5dtAL9sLi4sgLFRAa4piaAO6FrJ97Gt6NfStnvix4,AAMC—8/stream.m3u?type=text/plain
Get the repo via hg clone freenet://ArneBab/stream-over-freenet
For details on that, see Infocalypse and pyFreenet
Something like this would be cool for that:
<video poster="" src="http://server.org/SmoothStreaming/ARCHIVES/broadband-isml/2012-08-26-22-07-30-144/Segment001/oldbroadcast-m3u8-aapl.ism/manifest(format=m3u8-aapl).m3u8" controls autoplay> </video>
Morphis and Freenet
Since the question how morphis differs from Freenet came up more than
once, here's the short version: from what I understood, morphis has no
friend-to-friend layer (the Darknet-mode in Freenet — by building on
Kademlia, morphis relies on being able to connect directly to all
participants), its anonymity is tor (easy to crack with timing
analyses
and DoS attacks), its spam-resistance is proof-of-work where Freenet
uses a web of trust (morphis threat model: commercial spammers,
freenet
threat model: people who want to break freenet), it claims to be fast,
its keys are predictable (censorable).
In short: Freenet can already provide everything morphis wants to do,
and more.
To compare: Forgotten Cypherpunk Paradise
"Even if X should work, it would provide only half of Freenet, and none of the really important features - friend-to-friend darknet, access dependent content lifetime, decentralized spam resistance, stable pseudonyms, hosting without a server"
Missing features in morphis: friend-to-friend darknet and
access-dependent content lifetime (what does it do if the datastores
are
full?). Morphis comes closer to Freenet than any other system I know,
but it's still a long way from it. Or rather: Freenet already provides
what morphis only promises. Morphis sounds ambitious, and the
developer
sounds very motivated, but that's it.
On the upside, I just released Freenet Communication Primitives part
2:
Service Discovery and Communication: how to find new people, build
secure communication channels and create community forums — in 300
lines of Python.
Kleingeister
Heute in Twitter ☺
ArneBab, "(2015-08-13)":https://twitter.com/ArneBab/status/631832396476903426
und ein „Kleingeister bleiben Kleingeistig“ an all jene, die sich gerade über Rechtschreibung aufregen.
German-Catholic (@Christ_Germany):
@ArneBab ein ist Singular , von daher ist Kleingeister falsch
ArneBab:
@Christ_Germany „ein“ steht offensichtlich für den Satz „Kleingeister bleiben Kleingeistig“. Hätten Sie nun über Großschreibung gesprochen…☺
@Christ_Germany das zeigt schön, wie Konzentration auf Unwichtiges den Blick auf das Größere versperrt ☺
Mirroring a (small) website into Freenet
This is the script I use to mirror the freenetproject.org site into Freenet. It isn't perfect, but it works well enough for now.
#!/bin/sh
cd ~/freenetproject-mirror
wget -m -N -nH -k -p -E —no-check-certificate -e robots=off
—no-cookies -U 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.6)
Gecko/20070802 SeaMonkey/1.1.4' https://freenetproject.org
https://freenetproject.org/jnlp/freenet_installer.jar
https://downloads.freenetproject.org/latest/new_installer_offline.jar
https://freenetproject.org/jnlp/FreenetInstaller.exe
https://freenetproject.org
rm *\?*html
Mirroring a link into Freenet
For the past months I regularly mirrored pages from my own websites into Freenet, and the process works pretty well now. Today Libertatem asked, so it's time to share.
The following is for a single link:
- Get my
- $ copyweb.py -d
- $ freesitemgr add
- click enter to let freesitemgr create a new key
- share the public key returned by freesitemgr
The current pyFreenet source is pyFreenet 0.3.1.tar.gz
This is optimized for sharing selected great articles you find. Before
firing the commands, please ensure that the author allows you to share
the article in Freenet (when you mirror it over clearnet, your IP is
clearly visible). I use this in a cron script (daily run) to share
Glyn
Moody's Microblog digest
(with his permission)
Besides: For uploading single files you can use fcpupload from
pyFreenet:
- fcpupload ← gives you the CHK once Freenet starts the
insert. Only use this for files where the content isn't known, and
only
share the CHK key once the upload finished. Having it early is great
for
writing a ShareWiki site, though ☺
Blogger vor Nazis verstummt
Wer das hier nicht weitergibt hat den Knall nicht gehört.
Schmitz Heinrich gehörte zu den Initiatoren der Petition
#HeimeohneHass.
Warum er nicht mehr bloggt:
Rechte Hassbürger und
Meinungsfreiheit - Eine Kapitulationserklärung
(leider darf ich das wohl nicht hochladen…)
Ein Blogger gibt auf, weil er und seine Familie massiv bedroht
wurden. Die Erklärung von Heinrich Schmitz, Ex-Kolumnist von The
European und ehemaliges Mitglied der Initiative #HeimeOhneHass, im
Wortlaut.
Wer das hier nicht weitergibt, hat den Knall nicht gehört. Ja, das
meine
ich genau so hart, wie ich es sage.
Wenn es dich motiviert selbst aktiv zu werden, achte darauf, dich auch
in der echten Welt zu vernetzen - Leute physisch zu kennen, die dich
unterstützen, falls Rechte dich angreifen. Im Zweifel Leute zu haben,
die sich einem Rechten Mob in den Weg stellen würden, wenn die Polizei
nicht oder nicht rechtzeitig kommt.
Leute zu haben, die es merken, wenn du nicht bei der Arbeit auftauchst
oder psychisch an den Bruchpunkt kommst.
Discussion Paper: Ice melt, sea level rise and superstorms: evidence\\ from paleoclimate data, climate modeling, and modern observations that 2\\°C global warming is highly dangerous
Since last week there's a paper in pre-publication public discussion
in
ACPD (Atmospheric Chemistry and Physics). Its implications are
staggering.
License:
CC attribution (open access)
Infinite Hands finally in Freenet
Down again
Less than a day after posting the “my sites are back” message
They are down again. This time united-domains which provides my domain names has network problems.
Was up again after a few minutes
Why GNU Guile
with input from amz3
- include a scripting layer with ease
- faster development
- used in GNU Cash, Lilypond, … (TODO: finally get Lilypond to work
with
Guile 2.x!)- real threads, safely
- for C and C programs
- develop your tools with elegance
- interactive shell (REPL)
- multi-language runtime
- efficient webserver
- libraries for POSIX systems
- ties into GNU Guix
- Guile Scheme has your back
- exact math
- tail recursion
- hygienic macros (can be broken explicitly)
- object orientation as you need it (GOOPS)
- …and if you want something else reuse strict ECMAscript
(Javascript),
Emacs Lisp or basic Lua - or just add a new languagerequire("srfi.srfi-1").iota(10, 5, 7);
fhtagn — works in GNU Guile when called with —language=ecmascript - Get GNU Guile
What is Freenet? The answer in 2015.
The Freenet Project is what you get when mate Tor or i2p with
decentralized hosting (no single point of failure).
Is is what you get when you take Maid Safe and add a friend-to-friend
darknet in which those files stay available which users actually
access
(instead of the ones for which people pay).
And it is being used for anonymous communication and improved by
people
around the world since 2000.
It is the forgotten cypherpunk paradise which this year won the SUMA
award for online privacy:
https://freenetproject.org/news.html#20150211-suma-award
Männliche Lust, immernoch ein Tabu
Da 1w6.org nach dem Hacker-Angriff vor einem Monat noch immer down ist,
aber das Thema gerade durch das Hotpants-Verbot einer Schule in BW akut ist, gibt es hier die
Freenet exklusive Vorabversion eines
geplanten Artikels.
Kurzfassung: Ja, Männer haben oft Probleme,
kurze Klamotten zu ignorieren. Weil sie ihre eigene Lust nicht
verstehen. Das ist, was wir ändern müssen, und nicht die Kleidung von
Frauen. Jetzt dazu, wie wir das verstanden haben.
Wer ohne die vorherigen Artikel auf 1w6.org den Kontext vermisst, kann auf archive.org den vorletzten Artikel nachlesen: Sexualität im Rollenspiel
und bei Skythief den letzten: Sexualität im Rollenspiel – Ein Kommentar
Die Spielerin des Fuchsmenschen in unserer Runde hat beschrieben, wie
ihr
Charakter versuchte, den Vorzügen seiner Liebessklavin zu widerstehen
und dabei den Männern in der Runde ungewollt gezeigt, wie tief
verwurzelt bestimmte Tabus noch sind. Doch von vorn.
Wir haben gerade einen Nachfolger zur Herrenrunde gespielt. Die
Charaktere kamen zurück auf das Schiff der Menschenhändler, diesmal
mit
dem Plan, ihrem Treiben ein Ende zu setzen.
Wieder hat eine Spielerin den Charakter gespielt, der sich als
Menschenhändler ausgeben sollte (Neminis gab „Neru Toharu“), doch
diesmal war die Charakterin ihres Freundes nicht Frau und Partnerin
ihres Charakters, sondern nur noch Frau und Sekretärin (Mira gab
„Kieru“), denn um ein für die Herrenrunde möglichst plausibles und
schmeichelhaftes Bild abzugeben, hatte sie entschieden, dass sie die
Liebessklavin Kerani, die Neminis bei dem letzten „Besuch“ in der
Herrenrunde (der vielen der Herren den Hals brach, wenn auch nicht den
schlimmsten) geschenkt worden war, als dessen neue Gespielin auszugeben.
Jetzt genug mit Einführung. Neminis hatte Kerani gerade mit einer der
Sklavinnen von dem Schiff mitgeschickt, und der Sklavin die Anweisung
gegeben, Kerani so elegant und gleichzeitig aufreizend wie möglich zu
kleiden. Dann beschrieb die Spielerin, wie Neminis sich vorbereitete,
um
den Reizen Keranis widerstehen zu können (er war ihnen bisher erst
einmal erlegen, im Vollsuff, und er geißelte sich seitdem dafür, weil
er
ihren absoluten Gehorsam nicht ausnutzen wollte). Sie erzählte, wie er
meditierte und sich konzentrierte. Die Männer in der Runde wurden
schon
unruhig. Wir spürten, dass das so nicht klappen konnte. Ich schlug
eine
kalte Dusche vor, was aber auch nicht besser war - stereotyp, hilft
aber
erfahrungsgemäß nicht wirklich - dann sagte jemand „na einen abwedeln“
(oder so) und alle Männer der Runde lachten verschämt. Kein
befreiendes
Lachen, und erst Recht kein Auslachen, sondern das beschämte Lachen,
das
entsteht, wenn alle wissen, dass ein Tabu gebrochen wird, dazu aber
nicht wirklich stehen können. Einer erklärte „die Luft rauslassen,
wenn
dann nach dem dritten Mal nichts mehr da ist“ und noch ein paar
weitere
Umschreibungen fielen. Ich merkte, wie komisch die Situation sein
konnte, deswegen sagte ich, „Du siehst, dass wir mit dem Thema alle
nicht ganz klar kommen, sonst würden wir nicht so verschämt lachen“,
und
andere bestätigten das. Die Stimmung entspannte sich wieder und die
Runde ging weiter, aber in mir blieb die Überraschende Erkenntnis
zurück, wie stark in allen Männern in der Runde das Tabu der Onanie
noch
verwurzelt war. Wir sind alle um die 30, zwei der Männer in unserer
Runde sind verheiratet, davon habe ich schon zwei Kinde, zwei weitere
sind Single. Und wir alle haben Probleme, frei über Onanie zu
sprechen.
Und damit über einen zentralen Aspekt der männlichen Lust - genau wie
auch über männliche Lust allgemein. Für alle Männer in der Runde war
klar, dass die Selbstkontrolle, die Neminis an den Tag legte,
teilweise
ans Unrealistische grenzte. Das haben unsere Blicke deutlich gezeigt.
Aber wirklich beschreiben konnten wir es nicht.
Das soll nicht heißen, dass ein Mann eine Frau nicht ohne Lust ansehen
kann. Das geht, und ich konnte es selbst lange Zeit sehr gut - solange
ich noch Jungfrau war deutlich leichter als seit ich meine Frau
kenne -
doch das braucht eine bestimmte Geisteshaltung, eine Geisteshaltung,
die
aufrechterhalten werden muss, und die schneller Sprünge kriegen kann,
als man erwartet.
Und das ist ein tieferes gesellschaftliches Problem, als dass wir
einer
Spielerin nur schwer erklären können, wie sie ihren Charakter
plausibel
spielen kann.
Es wird viel über sexuelle Belästigung gesprochen, doch die
Lösungsansätze dafür bleiben oft in den Symptomen stecken. Rote
Karten,
Strafbewehrte Verhaltensregeln, Klagemöglichkeiten, usw. Diese
Lösungsansätze sind wichtig, denn sie reduzieren den akuten
Leidensdruck
von Frauen, helfen also, eine Situation zu entschärfen, die für die
Hälfte der Bevölkerung unerträgliche Belastungen bedeuten kann. Aber
sie
schieben Frauen die Aufgabe zu, die Symptome von Problemen zu lindern,
die ihren Ursprung darin haben, dass nicht nur Onanie, sondern
männliche
Lust an sich in unserer Gesellschaft zutiefst tabuisiert ist. Wir
können uns heutzutage mit einem Mausklick Bilder von männlicher
Lustbefriedigung besorgen. Doch Lust selbst, wie sie entsteht, wann
sie
entsteht (oder auch nicht) und wie man mit ihr umgehen kann, das ist
so
Tabu wie Onanie. Es berührt die Ideologie des immer freien Willens,
und
es berührt den Zwang, immer funktionieren zu müssen.
Ich persönlich bin hier einer Autorin von eroticstories.com zutiefst
dankbar: Sie schrieb „erst war es für mich komisch, dass mein Mann
auch
während unserer Ehe onanierte, doch inzwischen habe ich verstanden,
dass
er mich trotzdem liebte und unser Sex trotzdem erfüllend für ihn ist“.
Hätte ich diesen Satz nicht gelesen, hätte meine Beziehung vermutlich
kaum ein Jahr, mit Sicherheit aber keine 10 Jahre gehalten. Und das
ist
ein gesellschaftliches Problem: Warum muss ich erst auf einer obskuren
Seite noch obskurere Texte lesen, um Weisheiten zu finden, die heute
ein
essenzieller Teil meiner Ehe sind?
Unsere Eltern können das nicht leisten, die haben selbst noch mit der
verklemmten Sexualerziehung unserer Großeltern zu kämpfen, und wir
können froh sein, wenn sie uns nur einen Teil davon weitergeben und
nicht gleich das ganze Paket von Schuld und der Schmutzigkeit unserer
Körper.
Wie sollen wir lernen, ein gesundes Verhältnis zu unserer eigenen Lust
zu haben, wenn wir zulassen, dass sie so stark tabuisiert wird - wenn
wir uns selbst erlauben, sie zu tabuisieren?
Nicht nur angeblich reine Liebe, sondern auch die genauso menschliche
und auch genauso positive Lust war Auslöser schrecklicher Schlachten
und
eine zentrale Triebfeder von Politik, doch wir als aufgeklärte
Menschen
lachen, wenn wir darüber reden, dass Männer Onanieren, um ihre Lust im
Zaum halten zu können.
Ich erinnere mich da an eine Szene aus den Säulen der Erde (Ken
Follet):
Der (böse) Prinz onaniert, nachdem er die Frau des (guten) Maurers
beobachtet hat. Kaum eine Szene hat meine eigene Haltung zu meiner
Lust
und zu Onanie mehr beschädigt als diese: Lust wird hier als dunkle
Kraft
gezeigt, die in die geistigen Abgründe der Höllenqualen führt. Als
eine
Verderbtheit, eine Schwäche des Charakters. Und nur der Böse hat
onaniert. Die Guten taten sowas nicht - auch nicht in den meisten
anderen dieser in Beziehungen erschreckend verklemmten Fantasy- und
Science-Fiction-Literatur. Über Sexorgien lässt sich leicht schreiben,
aber über die Lust selbst wagt es kaum einer dieser Bücher zu sprechen
(auch wenn Bücher hier schon viel weiter sind als Filme).
Und auch diejenigen, in die ich bei diesem Thema die meisten
Hoffnungen
gesetzt hätte, lassen uns erschreckend alleine: Während durch
feministische Aktionen Frauen mehr und mehr Selbstbestimmung der
eigenen
Sexualität zugestanden wird (ja, das meine ich so böse, wie es
klingt),
haben sie zum Verständnis der Lust des eigenen und des anderen
Geschlechtes kaum etwas beigetragen - zumindest kaum etwas, das ich
mitbekommen hätte. Was heißt, dass obwohl es solche Beiträge gibt
(Stichwort sexpositiver Feminismus), diese Beiträge die heutige
Gesellschaft bei Weitem nicht durchdringen - obwohl die wirklich
helfen
könnten, eine der Ursachen von sexueller Gewalt in unserer
Gesellschaft
zu beheben.
Jetzt genug des Meckerns, zurück zum Thema: Nicht nur Sexualität ist
heute tabuisiert, die Lust an sich ist es. Sobald lustvolles Handeln
Gedanken der Sexualität beinhaltet, nennen wir es nicht mehr Genuss,
sondern Wolllust. Und Wollust wird als Böse verschrieben, doch nicht
wirklich thematisiert (wie so oft dienen Schubladen dazu, es zu
vermeiden, sich mit dem Thema wirklich zu beschäftigen).
Ist es ein Problem, wenn ich meine Frau mit Wollust betrachte? Ist es
nicht ein viel größeres Problem, wenn ich das nicht tue? Oder ist es
ein
Problem, wenn ich es tue und sie sich gerade nicht so sehen will? Wann
hat meine Frau Lust und wann nicht? Ich verstehe es nicht - und doch
ist
das für mich noch viel einfacher, als für ungebundene oder Leute in
freier Ehe. Die müssen in der Lage sein, zu erkennen, wann relativ
Fremde Lust haben, und sie auch ausleben wollen. Und das können wir
kaum
verlässlich schaffen, solange Lust so ein starkes Tabu ist wie heute.
Ich verstehe nur teilweise, wann mein Körper reagiert, und was das
bedeutet. Und ich kann es noch viel schwerer mit anderen besprechen -
selbst wenn ich mit meiner Frau spreche, greife ich auf Umschreibungen
zurück.
Überall um uns sind Reize, aber wer sich von ihnen berühren lässt,
wird
als schwach gesehen. Leute sagen „Die ist scharf!“ und in Filmen gibt
es
dann und wann ein „Die macht mich geil!“, aber kaum jemand spricht
davon, wie sich das eigentlich anfühlt, was es eigentlich bedeutet.
Es ist so viel leichter, über Sex zu tratschen und sich nicht selbst
zu
offenbaren, als über Lust zu reden und dabei einen Teil des eigenen
Selbst zu offenbaren - und damit einen Berührungspunkt zu liefern.
Obwohl Lust ein völlig natürlicher Teil unseres Lebens ist, so wie
Hunger und genussvolles Essen.
Beantworte ich hiermit Fragen? Lasse ich sie offen? Ich glaube ja,
aber
ich hoffe, ihr seht es mir nach. Ich würde das Thema gerne tiefer
durchdringen, aber ich befürchte, dass ich meine Runde damit an ihre
Grenzen bringen würde und möglicherweise auch für mich gefährliches
Terrain betreten würde.
Nachdem ich diesen Artikel geschrieben hatte (aber noch nicht
abgetippt), habe ich in einer anderen Gruppe noch eine Runde Barbaren
gespielt. Die Ansage „nur beiderseitig gewünschter Sex“ war
überraschend
gut darin, die Runde von Exzessen abzuhalten, aber ich habe auch
wieder
eigene Grenzen gespürt. Was ist Lust, was ist Lebendigkeit, was ist
Freiheit, was ist Macht? Warum kann ich Flirten, Annäherung, das
Erwachen der Lust, die ersten Berührungen, den Moment des Eindringens
und die Ektase des innigsten Kontaktes nicht mal in einer reinen
Männerrunde frei ausspielen?
Ist das eine Freiheit, die mir fehlt? Hätte ich sie erlangt, wenn ich
in
meiner Jugend mit gleichaltrigen unterwegs gewesen wäre, statt Bücher
zu lesen? Oder wäre ich dann noch verklemmter, weil ich mich nicht so
leicht auf eigene Faust gegen gesellschaftliche Konventionen hätte
stellen können? Weil ich das Urteil meiner Kumpel gefürchtet hätte?
Vielleicht könnt ihr mir helfen: Fällt es euch auch schwer, offen über
Lust zu sprechen? Fällt es euch leichter? Oder lasst ihr das völlig
außen vor? Sind Sexualität und Lust Teil eurer Runden?
Fühlt euch frei, hier anonym zu schreiben: Das hier ist die
Freenet-Version des Artikels. Der
Freenet
Social Networking Guide
beschreibt, wie ihr Freenet für anynome, spamresistente, komplett
dezentrale Kommunikation verwenden könnt.
Pre-Crime comment: If it's not illegal, it's legal.
Currently people are discussing pre-crime in Sone
> What if someone researched blunt trauma damage with hammers and started carrying a hammer around?
This is my contribution:
If he does not make death threats, he doesn't do anything illegal.
For all we know he could be a blogger who wants to write about hammers
as weapons. Or a roleplayer researching realistic rules for his
contemporary martial arts rulebook.
Back in the days I was in an email list where we discussed how to get
dirty nuclear weapons into the US, because one of the members wanted
to
run a campaign where they players have the goal to stop terrorists
from
doing that. I'm pretty sure that that got us on all kinds of
watchlists -
except if we were already in their "crazy SR_D freaks, they only play
Shadowrun" filter.
Strange coincidence that I'm in Freenet now, which is the closest
real-world equivalent to
jackpoint, the darknet p2p
data haven in Shadowrun
Das Problem der Troika: Syriza meint es ernst
Ich habe gerade einen Artikel in der Taz gelesen, der ein völlig
anders
Bild auf die Syriza geworfen hat, als andere Medien. Genauer: Es war
der
erste Artikel, den ich gesehen habe, der von den Leuten gesprochen
hat,
die Syriza am Laufen halten. Von der Gruppe junger Deutsch-Griechen,
die sich des Vertrauens der Bevölkerung sicher sind und daran glauben,
dass sie etwas verbessern können.
Zu Besuch bei Griechenlands Führung: Wie tickt Syriza?
Heute ist mir dann aufgegangen, warum die Troika mit Syriza nicht klar
kommt. Syriza meint es ernst. Sie wollen wirklich die Situation der
Griechen verbessern und für die Bevölkerung kämpfen, die sie gewählt
hat. Und dabei noch für echte Demokratie in Europa kämpfen.
Und das Neuland für die Troika.
My deepweb story
On reddit someone asked: What's your deepweb story?
This is
my
answer
Please share it!
I am a Freenet user, and I had quite a few frightening experiences.
Once someone threatened me for telling him that killing Netanjahu is a
dumb idea which would only make matters worse for Palestina. But wait,
that was on G+…
Then that other time, when I was insulted by Neonazis. But wait, that
was on twitter…
How about when someone brought down my site to hack into other
computers? No, that was my normal clearnet site. Twice…
So there's the problem with Freenet. We have few horrorstories. People
who use Freenet generally know what they are getting into. They are
warned at every moment to be careful with what they click on and what
they talk about. To the point of generating random names by default,
so
they aren't tempted to reuse a nickname. I know that there is bad
stuff,
but I ignore it, because in Freenet that actually makes it go away: If
no one accesses it, it gets overwritten by new uploads.
So we don't actually have much interesting to share in this thread,
except for: "Freenet works. It works really well." And this is my
deepweb story.
That wasn't what you wished for? Well: That's the darknet where it
works. It ensures freedom of communication by making sure that it
works
for all its users, including those with a weaker stomach AND those who
want to dig into the ugly stuff.
Setting up a Freenet Seednode from the commandline
(english translation of the commandline freenet seednode setup from
the
libertyserver page)
Download and Installation of the Software
- wget 'https://freenetproject.org/jnlp/freenet_installer.jar' -O
new_installer.jar
- java -jar new_installer.jar -console # -console activates
installation
without X11
- # (follow the prompts)
- # info: https://freenetproject.org/download.html
- # The node is controlled by ./run.sh
- ./run.sh # { console | start | stop | restart | status | dump }
Setup a Seed-Node
- lynx http://127.0.0.1:8888
- # follow the wizard for basic setup:
- # - low security
- # - next
- # - 20 GiB -> next
- # - no monthly limit -> custom limit: 100KiB, 100KiB -> next
- # - lynx forwards to the wizard again, Firefox to the Freenet
startpage. Just exit.
- lynx http://127.0.0.1:8889/connectivity/
- # read opennet port, forward for incoming UDP
- lynx config/node.opennet?fproxyAdvancedMode=2
- # be a seednode: click, select true -> apply
- lynx config/node?fproxyAdvancedMode=2
- # IP address override: (dynamic) DNS addres / hostname. Only
necessary
if you don't have a static IP. See http://freedns.afraid.org
- wget strangers/myref.fref
- # myref.fref an devl@freenetproject.org schicken, Subject: "New seed
node: "
Once freenet developers add the seednode to the list of seeds, you're
a
seednode. This might take a while (till the next release).
Accessing the Freenet interface from another computer is easierst by
forwarding th ports via SSH:
- ssh -NL 8888:localhost:8888 -L 9481:localhost:9481 -L
4025:localhost:4025 -L 4143:localhost:4143
Ports:
- 8888: Web-Interface
- 9481: Freenet Client Protocol ( http://wiki.freenetproject.org/FCPv2
)
- the interface for tools like pyFreenet:
http://github.com/freenet/pyFreenet
- 4025: SMTP (provided by the freemail plugin with the WebOfTrust
plugin)
- 4143: IMAP (provided by the freemail plugin with the WebOfTrust
plugin)
Letting it burn
For the past few weeks we again see a
meltdown
, with unreachable pages and massively worsened
fetch-pull
stats
with oscillating reachability due to activating and deactivating
protections against overload.
And according to TheSeeker, the Kittyporn autopatcher has been
reactivated
by folks on Frost who think that several of the choices of the
non-anonymous development team are mistaken.
TheSeeker got in contact with those anonymous devs. He asked them if
they would stop publishing the autopatcher if we tested their changes
network-wide. They said they would - which could stop this self-DDoS
of
Freenet users. We have counter-measures, but the only thing which can
protect Freenet if a significant number of regular, high-capacity
users
runs versions which are patched to attack the network, is shutting out
these users (by reacting to the behavior of their nodes), and we don't
want to do that, because we think that they are real contributors and
want Freenet to thrive.
If we're right, then testing the changes network-wide would seriously
disrupt the network, though. Hence the title of this text: "Letting it
burn". We would prepare a release to be issued at most 2 weeks later
to
revert the changes if they prove to disrupt the network. And we
wouldn't
make the let-it-burn update mandatory, so you could disable
auto-update
if you don't want to take part in the test (though you would still
suffer the disruption). So this should be restricted to a 2-week
disruption (2 weeks because we see oscillations on a roughly weekly
scale).
The following is only my personal opinion and no objective information:
I hope that we'll be able to run a poll with all Freenet users we can
reach before taking a decision whether to go to that or not. If we go
there, then we'll post a news entry to the freenetproject site (and
it's
in-freenet
mirror
) and ask you to give your opinion on any channel you have to reach us.
Also I intend to post about it here. We are reachable over at least FMS,
Sone, FLIP, Freemail and Frost (via TheSeeker), and I plan to look for
updates of Freesites stating an opinion on the matter.
It is unclear whether we'll hold a poll. It is also unclear whether
we'll
try to "let it burn". But if we do so, I intend to write about it here
before we do.
It will not happen before the 1468-release with purge-db4o. And there
are already changes staged for the next release, so if we decide to do
let-it-burn, it might still take a few months till we get there.
I'm writing this here, to ensure that no one will be surprised if we
do
it, and that you all know where to watch, so you see a poll if one
comes
up.
That's it for now. Except for a short status update: I did not get to
restoring my clearnet websites yet. I'll have to do that soon, but
right
now I'd rather do the dishes than touch the backups to see what broke.
Mmmh, cleaning the dishes… I'm off ☺
Happy Hacking!
All my clearnet websites have been breached.
My hosted server (not (yet?) my homeserver) and all my websites have
been breached. This includes https://draketo.de https://1w6.org and
https://sn.1w6.org
I'm sorry that i did not manage to protect them better. I'm working on
restoring them and then tightening their security.
Meanwhile you can access updates from me via Freenet:
The most recent entries from draketo.de and 1w6.org are still available
in
the in-freenet RSS copy:
If that inproxy should go down, too, just install Freenet¹ and use the
following local links:
It's ironic that I write this after complaining that our parliaments IT
has
been breached.
german government IT breached and externally controlled
our elected representatives know that their IT was breached and is
still
under control by an unknown entity. That entity might have aquired
administrator priviledges and installed hardware backdoors. The ruling
fractions have their own more secure net which they do not share with
the opposition. They delay providing information.
Yet the opposition still uses the computers. And I feel as if I'm in a
secret agent thriller…
http://draketo.de/it-des-bundestages-fremdkontrolliert-abgeordnete-ratlos
Here is the Google translation:
This statement is just the Green Party AbgeordneteTabea Rößner in the
FAZ . I wanted the + to pass, as I have taken as a slap in my own
words
only on G:
IT of the German Bundestag foreign controlled. Opposition deputies
stumped.
Damn it, what kind of world do we live? Is that a spy thriller or dark
science fiction? So a headline would fit in Star Wars, as newspaper
reports during the Emperor accepts the Senate. But in our world it has
lost nothing.
Worse Tabea Rößner asks helplessly:
Shall we just … work without electronic devices?
Yes. Of course! How else? Your IT is currently proven externally
controlled. You can not use responsibly!
If your car were riddled with bombs, you would hopefully not go, and
just as you should now treat their IT infrastructure.
Use until the acute problem is resolved, the Bundestag stenographers
if
they are their own handwritten notes too slow. Let them grumble, but
they are just your only hope for safe and fast at the same time records.
Next, you should then make sure that that does not happen again: Let
us
put together by BSI a laptop, is to dispense with work already from
her
provided with espionage interface software. Will say: Stay away from
Windows, MacOSX or other companies controlled by US software.
Yes, that is, it remains only GNU / Linux 1 - each in a version that
is
tested by BSI and constantly updated by a competent civil servant
status
(and thus harder to corrupting) team. And software that is not open
source and compiled from their own team is absolutely taboo. Which can
never be trustworthy enough for the work of parliamentarians, because
it
is alien controlled by definition and can be tested by BSI
insufficiently.
Maybe that helps the experience to provide the jobs of the Bundestag
and
the parliamentarians on a more stable footing. Nothing is ever
completely safe, but who will buy software that can not be tested by
their own people for weaknesses and repaired in a timely manner,
invites
attacks a downright.
There is the BSD and GNU Hurd , but in practical terms remains only
GNU / Linux. The BSDs depend for everyday use by non-developers still
clearly back, namely the GNU Hurd is now usable for developers, but
even
further away from the suitability for normal users as the BSDs. ↩
disk write performance
xor is working on queueing downloaded WoT identities to disk instead
of
keeping them waiting in blocked threads, so I did a short performance
test to determine whether this can get us into filesystem trouble.
The average hard disk access time for a spinning disk is around 8ms.
See
Red
Hat Storage Perf
so writing 10k files to disk should just take 100s. A small testscript
I
wrote takes 28s for writing 10k versions of my own WoT ID plus 1m27s
for
the susequent sync.
Call the script via
time ./testdiskperf.py ; time sync
(the sync is necessary to see the real disk performance and not just
the
filesystem caches)
#!/usr/bin/env python3 with open("bigid.xml") as f: exampledata = f.read() for i in range(10000): with open("queued/" + str(i), "w") as f: f.write(exampledata)
I simply used my own id for testing:
wget -O bigid.xml
freenet:USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/WebOfTrust/11326?type=application/octet-stream&forcedownload=true
bash and implicit self modifying code
Some of you might have stumbled over ./update.sh only working on the
second try. It took us a few years with unreproducible breakage to
find
the reason, but now that we have it, I think it's time to share:
A bash script can change its own code while it is executed.
This can also happen when another program edits the script. Nextgens
already knows a solution for the script: Just download the new version
under another filename and move it over the existing script to force
the
filesystem to create a new inode (see how deep we suddenly got into
our
OS? ^{happy}).
But that we have a solution does not mean this little exercise into
madness isn't worth sharing. On the contrary! So these are the scripts
I
used to prove to nextgens that bash is even crazier - and at the same
time more powerful - than I had thought (as well as some other shells,
too, though I did not do a thorough investigation on their support for
rewriting their own content at runtime):
To test them, copy one of them to `1.sh` and execute it.
cp bash-keeps-executing.sh 1.sh
chmod +x 1.sh
./1.sh
And just for fun: This is the content of bash-keeps-executing.sh:
for i in 1 2 3; do
echo "for j in 2 3 4; do
echo \"\$j\"
done" >> 1.sh
done
this actually echos 3-times 2 3 4. Which means that if you read this
far
you just looked into the abyss of self-modifying by direct editing of
the text file. And you can be sure that it also looked into you.
To exorcise it, have a look at guile scheme to learn how
self-modifying
code can be done right (and safely) ☺ :
gnu.org/s/guile
Happy Hacking!
Required trust for forming a darknet connection
My take on the required trust for connecting over Darknet is:
"I need to trust them not to crack their Freenet node to spy on me".
This is the case for almost every person I know in real life and many
people I know only digitally.
It is important that you only add people you know, because the darknet
routing algorithm of Freenet depends on having a small world
structure.
If you add random people, you not only risk your privacy (and to some
degree that of your other contacts because you make some attacks much
easier), you also weaken the foundation of darknet routing which will
result in much worse performance for all users - including you.
Opennet uses different assumptions to make it efficient to connect to
strangers. These assumptions would not be feasible with darknet,
because
they require being able to connect to arbitrary participants in the
network, which would void the core security properties of the
friend-to-friend darknet.
For the extend of this effect, have a look at fixing the link length distribution of Freenet
The article shows how Opennet performance improved when we improved
the
structure to actually follow a small world topology. The lifetime of
files improved by factor 2 and latency and speed improved so much that
returning users noticed that Freenet had become much faster.
"when did freenet get so fast? Impressive speed improvement since I
last used." — doublec
So only add people you know.
(thanks to xor for reminding me to add the darknet structure part)
My talk for the SUMA award ceremony (in German)
My talk starts at 5:56.
I hope I can provide a transcript soon (which people could translate
to
english).
My WoT databased hosed?
update: fixed by killing the WoT database and restoring via insert
key.
My WoT does not start with the new preview release (1468-pre3). I fear
that the filesystem breakage I had (btrfs on kernel they call too old)
might have taken my WoT database. Luckily I should still have all my
private keys at hand.
Jun 01, ... (plugins.WebOfTrust.WebOfTrust, <noname>(1026), ERROR): ROLLED BACK! java.lang.ArrayIndexOutOfBoundsException(no stack trace) Jun 01, ... (plugins.WebOfTrust.WebOfTrust, <noname>(1026), ERROR): Error during startup java.lang.ArrayIndexOutOfBoundsException(no stack trace)
The error when loading the plugin says
"java.lang.ArrayIndexOutOfBoundsException". It would be nice if that
were a bit more informative.
FMS Code review
Gerard who used to contribute to Freenet a few years ago just came
back
and did a code review of FMS. He posted it
on
devl
and naturally on FMS.
IIRC this is our first independent review of FMS, and it's quite
favorable.
Here's the essential point:
Verdict: Nice code, could been written a bit more defensively. No
suspicious code was found….General architecture seems
well thought out and will be a good foundation for future improvements….
"It was NOT checked if the provided binaries correspond with the
source
file. To be safe® compile from source."
I'm compiling FMS from Source (it works easily, just look at the
readme). This review makes it much easier for me to suggest using FMS.
Freenet over Meshnet: A perfect match
(crossposted from FMS)
creamsoda@0vpcRHZV1ftyj4mJpZnuYaG8wpkNIvf3qa3b-LUcsZs wrote :
> This is p2p-over-p2p-over{internet,radio links}. Freenet is already
pretty slow, and I imagine cjdns is too, so building a
darknet-over-darknet doesn't seem very sensible. Freenet already has
friend to friend connections with most of the properties that you list,
so what makes freenet-over-cjdns any better? Particularly
darknet-over-cjdns, not just opennet-over-cjdns.
In a meshnet one of the expensive parts is that your data travels over
multiple hops to reach you. If you need to jump 5 hops to the host,
then
you cause a total transmission equal to 5x the size of the data.
In Freenet the same happens. If you need to jump 5 hops to the node
which stores the data, then you cause a total transmission equal to 5x
the size of the data.
If you did Freenet over Meshnet where you essentially connect to
Freenet
nodes in random locations (Opennet), then these numbers multiply: With
5
hops each, you would cause a total transmission equal to 25x the size
of the file, so the effectively available bandwidth would drop by
factor
25 compared to direct connections.
But if most of the nodes you are connected to are also in close
physical
vicinity (darknet-style), then these numbers do not multiply: There
are
only 1 or 2 hops to the next Freenet node, so a transmission over
Freenet could be just as fast as a direct transmission over cjdns from
a
server in a random location. In addition, Freenet provides strong
caching, so the total transmission needed to get some data might be
even
lower than for a direct transmission.
In short, Freenet Darknet and Meshnet are an almost ideal match.
Securing E-Mail
Broken WoT
I'm currently out of Sone again, because since my Freenet crashed
once,
WoT does not finish loading anymore so Sone does not see identities (I
cannot access the WoT login page). Possibly it hit an OOM.
Sorry for the inconvenience. I'll say hi on Sone, when my WoT works
again.
Till then: Please
bookmark
this site when you want updates!
Cory Doctorov: re-publica: NSA not Stasi (Godwin)
Here's a talk from Cory Doctorov on Surveillance:
Find out more at:
https://re-publica.de/session/nsa-are-not-stasi-godwin-mass-surveillance
It's tempting to compare NSA mass surveillance to the GDR's notorious
Stasi, but the differences are more illuminating than the similarities.
Cory Doctorow
Electronic Frontier Foundation
Creative Commons Attribution-ShareAlike 3.0 Germany (CC BY-SA 3.0 DE)
Robust ssh forwarding of Freenet ports
Over the years of running Freenet on a small homeserver, I perfected
my
ssh port forwarding. This is what I use now:
while true; do ssh -NL 8888:localhost:8888 -L 8088:localhost:8088 -L 9481:localhost:9481 -L 8080:localhost:8080 -L 4025:localhost:4025 -L 4143:localhost:4143 HOST; sleep 5; done
When the connection breaks for some reason, it restarts automatically.
More exactly: I have an executable file at
/etc/local.d/freenet-forward.start with the following content:
#!/bin/sh
su USER -c "while true; do ssh -NL 8888:localhost:8888 -L
8088:localhost:8088 -L 9481:localhost:9481 -L 8080:localhost:8080 -L
4025:localhost:4025 -L 4143:localhost:4143 HOST ; sleep 5; done &"
If you also want to forward yacy and a quassel IRC daemon, you can add
-L 8099:localhost:8099 and -L 4242:localhost:4242
That's all: It feels as if all the services are running locally.
Wish: Freenet, No Questions Asked
It would be nice if we had a Freenet installer which avoids asking the
user any questions. Install and it instantly connects to opennet using
the detected ideal bandwidth and datastore settings.
We could offer multiple No Questions Asked (NQA) versions, then:
- Freenet Convenience (opennet, low security)
- Freenet Paranoia (no opennet, high security settings)
- Freenet Seed (opennet, seednode mode activated by default)
A big advantage of NQA versions would be that other programs could ask
the user to install them without forcing the user to go through the
wizard (skips one heavy step).
Generating Vanity Insert Keys
There's a utility from Bombe to create keys with nice prefixes:
https://gist.github.com/Bombe/5be29459824a0ecdbd9b
Just drop it into the fred repo under src/freenet/tools/GenerateVanityKey.java
Then run ant.
I had to add final to the variables argument and arguments (where ant
told me to) to get it compiling.
Finally cd to build/main/ and run this:
java -cp ../../../freenet/bcprov-jdk15on-151.jar:../../dist/freenet.jar:../../../freenet/freenet-ext.s/GenerateVanityKey PREFIX_YOU_WANT
(../../../freenet is my freenet directory)
This is brute force and increases the Entropy of the Universe for
dubious gain, so the Kopimists might hunt for using it, but on the
other
hand it gives you vanity keys ☺
The NSA are not the Stasi: Godwin for mass surveillance
Video: re:publica 2015 - Cory Doctorow: The NSA are not the Stasi: Godwin for mass surveillance
Clearnet Link: https://re-publica.de/en/session/nsa-are-not-stasi-godwin-mass-surveillance
Short thesis: It's tempting to compare NSA mass surveillance to the GDR's notorious Stasi, but the differences are more illuminating than the similarities.
Description: The Stasi needed one snitch for every 50 people; one NSA spook can keep watch on 10,000 or more people. IT bequeathed unthinkable productivity gains to spies, and this creates structural changes in the extent to which corrupt elites can retain power without danging the carrots of redistribution, fairness and social programmes before their populace.
What I learned: We do not even have to add drones to the mix to fuck up our society. Permanently.
And Cory Doctorow is great. He makes points I would want to make. Better than I would make them and with a story arch worthy of a world class science fiction novel - with the twist that the story he tells is real.
I do not hate corrupt politicians
an answer I gave on Sone
I would not go as far as saying that I hate them. There's a system in
place which helps them to rise. A system where the elected act in the
interest of the powerful instead of the interest of the voters.
To break this we need independent media which acts in the interest of
its readers. Where the readers are the customers, and not the ware
which
the media sells to the advertisers and other people who are willing to
pay.
We need stronger measures against corruption - for example control
over
politicians from within civil society like http://abgeordnetenwatch.de
Funded by all, not only by a few donors.
And we need to ensure that we can survive temporary setbacks - to
ensure
that the setbacks remain temporary. For that we need things like
Freenet. It's one of the reasons why I decided to contribute here.
Todays copyright laws are ludicrous
Today copyright lasts 70 years longer than the artist could personally
care. Most likely even longer than the time his/her children will live.
The original "15 years after publication" would already be of doubtful
use today, because originally copyright was regulation between a few
commercial actors (printers and authors), while nowadays it affects
everyone, because thanks to the internet we can all publish today.
70 years after death is not only of dubious use, but simply ludicrous.
Threat to democracy - from the elected
As Glen Greenwald quotes in the intercept
They would include a ban on broadcasting and a requirement to submit
to the police in advance any proposed publication on the web and social
media or in print. The bill will also contain plans for banning orders
for extremist organisations which seek to undermine democracy or use
hate speech in public places, but it will fall short of banning on the
grounds of provoking hatred.
It will also contain new powers to close premises including mosques where extremists seek to influence others.
Can we close the premises of people who want to violate human rights?
Like Cameron?
stop those who seek to "undermine Our British Values" and, instead,
ensure "we are together as one society, One Nation" — Tory Home
Secretary Theresa May
Glen Greenwald comments that as follows: "I personally believe this
was
all more lyrical in its original German"
I, as german, have nothing to add.
Freemail works after recompile
I compiled plugin-Freemail myself, and that version now loads. If you
want to test it yourself you can use my jarfile (with some changes: I
wanted a new message link on the inbox page):
The
code is on github: https://github.com/ArneBab/plugin-Freemail
Gleichsetzung von Faschisten und Linken darf kein Mittel sein
Jemand in Twitter nannte als Antwort zu einem Tweet mit einer Kopie
einer Kampfschrift von Rechtsradikalen Faschisten und „Ultralinke“ in
einem Satz
Erster Tweet: "zurück zu den Wurzeln,zu unseren alten
Traditionen.(…)Im Mittelpunkt stand der Kampf um die Straße" #oss
#neonazis pic.twitter.com/KDqSkeYa8x
Gleichsetzender Tweet als Antwort: @KatharinaKoenig ROFL, es kann nur
eine geben, die einzig wahrhaft wahre Religion — ein allgemeines
Problem bei Faschisten und Ultralinken.
Meine Frage: =1v3833n7h3r3 =KatharinaKoenig was sind denn „Ultralinke“?
Das hier ist die Diskussion, die sich ergab:
@ArneBab Solche,die ihre Ideologie als die einzig Wahre erachten und
deren Liturgie explizit das Himmerlreich auf Erden verspricht….
@1v3833n7h3r3 Also einfach Ideologen? Wieso nennst du „Faschisten“
und „Ultralinke“ in einem Satz, aber nicht die ganzen anderen Ideologen?
@ArneBab #ausGruenden die du gerne der Historie entnehmen kannst.,
Und ja, ich werfe die Extrempositionen ganz bewusst in einen Topf.
,@1v3833n7h3r3 Du wirfst also 60/186/849 Getötete in 21 Jahren (Zahl
je nach Zählung)und im gleichen Zeitraum 3 (2 davon RAF) in einen Topf?
,@1v3833n7h3r3 Zeitraum 1991—2011, und ja, ich habe gerade danach
gesucht. Todesopfer Linker Gewalt seit 1994 suche ich vergeblich.
,@1v3833n7h3r3 Suche nach "todesopfer linksextremer gewalt in
deutschland" ⇒ „Linke Schlagen Rechte und Polizisten“:
http://www.taz.de/!50164/
@ArneBab Nochmals, ich spreche von Gruppierungen, die letztlich
menschenverachtenden politischen Systemen das Wort reden.
@1v3833n7h3r3 Du redest von Gruppierungen bei denen eine 60 bis 849
Leute in 10 Jahren getötet hat und die andere höchstens 3.
@ArneBab Sry, DU hast das Thema Mord auf den Tisch gebracht. Ich
rede von politischer Religion.
@1v3833n7h3r3 Das ist kein „allgemeines“ Problem: Du setzt Leute die
morden mit Leuten gleich, die nicht morden.
@1v3833n7h3r3 Wenn es nur um Reden geht: Wieso nennst du Faschisten
und Ultralinke, aber nicht Scientologen, Evangelikale und Marktradikale?
@ArneBab Interessant, was du so alles hineininterpretierst. Versuch
es mal mit verstehendem Lesen.
@1v3833n7h3r3 das habe ich getan.Was ich in deinen Tweets verstanden
habe, finde ich unhaltbar. Daher habe ich nachgefragt statt zu urteilen
@1v3833n7h3r3 jetzt urteile ich.
@1v3833n7h3r3 was ich gesehen habe: Du wolltest jemanden verbal
treten und hast als Mittel dafür Faschismus und „Ultralinke“
gleichgesetzt.
@ArneBab Gut, wenn man die Wahrheit gefunden zu haben glaubt, die
einzg wahre Wahrheit natürlich… Dann urteile mal schön.
@1v3833n7h3r3 Sowohl dein Ziel als auch dein Mittel finde ich
scheiße.
Ich denke nicht, dass ich dazu noch viel sagen muss.
»for my privacy and to injure the following law!« — new french user
in
IRC. The referenced law is the new surveillance law in france (which
will hopefully be cancelled by a constitutional court, but that can
take
years).
French National Assembly Approves Mass Surveillance of French Citizens!
(this article is licensed under cc by-sa, published by la quadrature
du
net:
http://www.laquadrature.net/en/french-national-assembly-approves-mass-surveillance-of-french-citizens
)
Paris, 5 May 2015 - The French Intelligence Bill was adopted today by
the National Assembly1 despite massive cross party opposition against
the text's highly harmful measures. With 438 votes for and 86 against,
French citizens' representatives have given the Prime Minister the
power
to watch, massively and with little control, the French population.
This is one more step backwards regarding the separation of powers in
France, a founding principle of our democratic regime. La Quadrature
du
Net strongly condemns this surrendering of democratic principles and
calls on senators, who will be voting the bill next, to counter this
unacceptable vote.
The Intelligence Bill, which was presented on the fast track on 19
March
by French Prime Minister Manuel Valls, rallied a very large, argued
and
vigorous opposition, from a number of civil rights associations,
collectives, lawyers' and magistrates' unions, but also administrative
authorities such as the CNIL (French Data Protection authority) and
the
CNCDH (French National Consultative Committee for Human Rights).
No To Mass Surveillance!
French Intelligence Bill harms your liberties!
Presented by the Government as a law both necessary and necessarily
consensual, the bill however sparked growing opposition within the
National Assembly itself from MPs from all sides of the political
spectrum, who courageously faced the slanderous insinuations of
anti-patriotism or incompetency hurled at them by Minister of the
Interior Bernard Cazeneuve or rapporteur Jean-Jacques Urvoas. The
evolution of political positions, increasingly hostile to the text as
it
was studied and analysed in-depth, shows that the government's choice
to fast-track a bill concerning such a complex and fundamental issue
was
a political strategy, one of a denial of democracy and an insult to
Parliamentarians' work.
Despite this strong opposition, the amendments tabled in April weren't
enough to significantly modify the Bill and the most harmful measures
were kept:
- Extension of the scope of intelligence missions, allowing for
potential surveillance of whole parts of the political, union,
activist
world, but also economic, scientific ones, etc.
- Massive legalization of intelligence services' illegal methods and
introduction of new technologies of mass surveillance of electronic
communications
- No real and independent control by the future commission in charge
of interceptions control (CNCTR); illusory citizens' recourse against
surveillance
Today, those who objected to the Intelligence Bill will remember the
list of MPs who refused to safeguard the fundamental liberties of
French
citizens. They call on senators, now in charge of examining on the
text, to modify it in-depth in order to turn it into a real framework
for the protection of citizens and the monitoring of intelligence
services.
"The French Intelligence Bill brought forward questions that are the
basis of our democracy: fundamental liberties, the separation of
powers,
control of the public power. The French government's attitude and the
MPs' decision – unworthy of them – shows to what extent a citizen
upheaval is now necessary to save the democratic principles of our
country. We call on the senators to take the lead on this bill and ask
the many citizens who took action against the bill to not let the
pressure off their representatives." declared an outraged Philippe
Aigrain, co-founder of La Quadrature du Net.
- Lower chamber of the bicameral French legislative system
testing-build-1468-pre2
Steve aka operhiem1 released the second pre-release for 1468 (also
known
as purge-db4o).
Get it via `./update.sh testing`. If it breaks, run it twice.¹
The intention of this pre-release is to get all developers and testers
to a common, coherent state. Before this, people had several different
snapshots of the source running with different sets of patches on top.
This version should be able to run the release candidate of the Web of
Trust, so it should also run the
purge-db4o
enabled Sone
from TheSeeker.
¹: I had to run the update.sh script twice, because at the first run I
got a syntax error. I think that has something to do with bash
stumbling
when the file changes while it is being executed.
./update.sh: Zeile 217: Syntaxfehler beim unerwarteten Wort `then'
./update.sh: Zeile 217: `ev/null; then'
PHP
You bought a new car. You took it out for a ride. a tree falls
before you. You brake, but the car proceeded to hit the tree anyway.
You call the car company and talk to their engineers. One of them
ask. 'Did this happen on a Friday evening, when it was raining?' You say
'Yes, how do you know?'
The engineer replies.
"Our brakes does not work on rainy Friday evenings. If you REALLY
want to brake on a rainy Friday evening, you should also pull the lever
under the dash board that is normally used to open the hood. It is very
clearly printed on our manual. Didn't you read it? Our car is not the
problem. You are the problem"
You were enlightened. You came back home. You never took the car out
on rainy Friday evenings. When Somebody asks about the car, You said.
"Yea, it is a great car. But you got to know how to use it".
You took great pride in knowing how to drive this car, which can
easily kill someone who hasn't read the manual. When you hear that
someone got killed while driving this car, you simply said. 'That car is
Ok. but you should really know how to drive it, sadly this guy didn't.
He was the problem, the car ain't…
→ imakesnowflakes on Hacker News:
https://news.ycombinator.com/item?id=9485741
God wrote in Lisp
Also known as "I'm sorry to inform you that Earth is about to be been
eaten
by a fire demon." :)
CC by-sa by Ben Brockert:
https://www.flickr.com/photos/wikkit/10212337584
Ich mag das Bild auf vielen Ebenen :)
Testing WoT and purge-db4o
Just in case it got lost: purge-db4o and a WoT which works on it are
both available. Here's the announcement from xor:
Date: Thu Mar 12 11:06:58 GMT 2015
Subject: WOT build0014 release candidate, please test
Archive-Link:
emu.freenetproject.org/pipermail/devl/2015-March/037999.html
We're finally nearing a WOT release.
The release candidate 2 can be downloaded by Freenet via:
Testing instructions and a changelog are included in the zip as text
files.
Please do read the testing instructions before using it.
Also before testing check this thread for new replies because I might
post a
new release candidate if the current one has any bugs.
Thanks for your patience with the release and thanks for testing :)
Democracy works - and the US does not have a democracy
The DickPic campaign showed that the
majority of people know that surveillance is bad.
People take dumb decisions when spoonfed misinformation by a small
group
of people who control the mass-media.
People elect puppets if someone who wants to be elected must first beg
the 132 largest sponsors in the country for money. Yes, 132. For
explanations I defer to Lawrence Lessig:
We
the People, and the Republic we must reclaim
Calling
the above democracy is an insult to the concept of democracy. This is
not a democracy, but a plutocracy with an ever weakening veil in which
it claims to be democratic to keep people silent. Consequently giving
up
on democracy does not solve the problem. It makes it worse. To solve
the problem, we need to revive democracy - and for that we need
independent media.
Freenet is an essential part of independent media: If people can
censor
information, those in power will do so.
Since we cannot solve the problem by simply moving elsewhere, we need
a
way to protect Freenet where we are. And for that we need anonymous
developers like SomeDude, Eleriseth and NowWhat. They and the other
anonymous contributors are the guardians of Freenet. Thanks to them,
pressurizing the non-anonymous developers cannot take down Freenet.
That keeps us alive and kicking.
"make cache quasi-LRU via pseudo-random key pruning"
The joy of applying Freenet features to my tools. Saves 60% mem with
little overhead ☺
Sounds complicated? Let me show you the code. When adding a key to the
cache:
# maybe delete an existing key (=> max 16**3 entries) try: # pseudorandomly choose a key to kill (last letters of the md5 hexdigest) del _cache[_cache_hash[key[-3:]]] except KeyError: pass _cache_hash[key[-3:]] = key
That's it: just kill the cache value for a key with the same last
three
letters in its hash-part. This is almost random. Then store our new
key
in the same place.
Note: Do not use this for anything security critical: It definitely
has
significant slow paths where functions repeatedly overwrite each
others
cached values. If I detect this in my own script, I can simply change
the letters to be used in the _cache_hash, but when it is used in the
wild (wild net), someone will exploit it and DoS you with ease (in the
best case).
PS: Aside from being very useful, the title of this message also
sounds
like complete gibberish ☺
Absence from Freemail and Sone
Someone noticed that I've been absent from Sone and Freemail for a few
months and wrote to me. Thank you for your concern!
I am absent, because I'm testing the new purge-db4o code (what should
become build 1468), and Sone and Freemail for that aren't yet
released.
Freemail builds but does not run.
TheSeeker fixed the plugins for himself. I did not get to that, so I
can
only come back once Sone and Freemail are fixed. I hope it's soon.
I miss Sone.
Freenet protects your DickPic!
→ http://draketo.de/english/freenet/protects-your-dickpic
- Install Freenet
- Connect to your friends
- Share your DickPic (or anything else you want to keep private)
- FAQ
Anonymous@lFG3mGbGf0b8nE6j8RC0i5ZgWEhsQXDG3ghkYIa-1wQ wrote :
> I thought Freenet wasn't able to protect against the NSA?The link "connect to your friends" (on the clearnet site) shows how to
connect via darknet and communicate via darknet N2N messages. From my
understanding, these are currently one of the most secure communication
methods we can get, because they hide our personal communication beneath
Freenet traffic.They aren't suited to communicating anonymously, but they are well
suited to communicating confidentially.
The foundation of real Democracy
After the election last year, my wife and I took our children to the
counting of votes. We were the only visitors there, but the team of
volunteers who did the counting was well coordinated and highly
motivated by their feeling of doing something essential for our society.
At that point I realized that these loose groups of volunteers are the
real foundation of a working democracy: They ensure that due process
is
followed. It's essential that it's possible for every citizen to watch
them, because that removes the incentive to try to cheat: We could
count
the votes ourselves and later compare whether that fits with the
county-wide averages: If that would have been off, we could have
requested a recounting of the still existing physical paper-votes. And
if that incentive isn't there (nothing to be gained by cheating), the
groups who form to do the voting are most likely motivated by doing
the
right thing: ensuring a fair vote.
I nearly wept when after I thanked one for her volunteer work she said
"I do it for democracy", because that's real democracy she was talking
about: Not the sham we see on TV, but voting together on decisions
which
affect the group which does the voting. That societal structure works
for small-scale voting (to take decisions within a town or village)
just
as well as for large-scale voting (for the whole country) and I
consider it a foundation of a society without hierarchy - even though
that society isn't real yet (because it's not what people vote for).
It means that getting a better society just means getting information
to
people: The structures to realizing the expressed will of people are
already in place.
First paper published (in public discussion)
My first paper has finally entered public discussion!
- [[http://www.atmos-chem-phys-discuss.net/15/8883/2015/acpd-15-8883-2015.html][Comparing the CarbonTracker and TM5-4DVar data assimilation systems for CO₂
surface flux inversions]]
Freenet-Uploads (it's open access, so I'm allowed to share it!)
- acpd-15-8883-2015.pdf (paper)
- acpd-15-8883-2015-supplement.pdf (supplement)
(if you access this site over a gateway, you cannot open these, since
PDFs
can contain malicious content. Run Freenet yourself or get them from
the
journal linked at the beginning of this note)
Improved CSS
I adopted the CSS improvements Findings did for ShareWiki. I'll try to
get them into a ShareWiki release, but that might take some time (the
usual limited free time).
Sone Comments
If you run a site, you should really think about adding Sone comments.
Feedback is one of the main drivers of motivation, especially if you
write under Pseudonym in Freenet: You cannot use what you write to
earn
money or build your future, so you have to create for the act of
creation and communication itself.
Giving and Getting Feedback
In the past two weeks my anger over our conflict mellowed to
grumpiness
and I started thinking about what went wrong.
This is the first result of that: How to react to feedback. Or rather
how I want to give and react to feedback.
- When I give feedback and I see something where I am not sure whether I know better, I try to say so. Instead of saying "do this", I try to ask a question like "why do you do this? It looks strange, because…".
- When I give feedback and I see something and am sure that I do know better, then I give reasons for that. The worst case is that I say "I cannot describe why, but this should change. I'll try to find out what irks me". I've been wrong with this before, though, so I've been doing this less and less.
- When I get feedback and I am not sure whether the feedback is valid, I ask for reasons. "Can you explain why?". If the explanations is sound, I accept it. If it feels fishy, I might ask for more explanation. This often yields much better understanding for both participants, so I think it is worthwhile. In case of doubt, I follow the advice I got: People often have a hard time giving convincing arguments, even when they are right.
- When I get feedback and I think I know better, I listen to authority
(as I perceive it). I know that nextgens is my better at security and
at structure of the Freenet codebase. So if he comments on security
or the structure of the Freenet codebase and I disagree, I might ask
for clarification, but there is only one reason for not following his
advice: When I feel that he and I have different goals. Until now
these have always been short-term goals: He tries to go for higher
security first, even if it costs users now, while I want more users,
even if that means improving security a year later. I know that I
know my way around version tracking systems and Python, so for these
I would not yield to nextgens if I do not agree with the
explanation - except if he says
something like "please trust me on this. I cannot explain it clearly, but I expect horrible fallout when we go down this route".
I know that nextgens is my better at these, because security is what
he's doing professionally and I don't really go deep on it, while for
structures within Freenet he has been proven to be right many times
over.
Nowadays there are only few topics where I consider myself advanced
enough to go head on head. Back when I started programming that was
different. After a few years I thought I knew how to best start
programming and actually tried to talk my professor into teaching
Python
instead of Scheme, because that would allow students a much easier
start. Nowadays I'm learning Scheme, because after 8 years programming
in Python I hit its limitations. That taught me some humility, and I
try
to take that lesson to heart.
Graffiti
(the following is from FMS)
> Art is meant to offend and disrupt society, while some graffiti is
just 15 year old kids scribbling names and pretending to claim turf
for
their gang, the rest is rather deep and a decentralized way of showing
appreciation for the new urban spaces it creates.
It's great to see that we're asking deeper questions here.
One of the effect sof graffiti is that it gives a public voice to the
99% of the population who cannot afford to pay for advertisements. It
offsets part of the cultural hegemony in which the ones with money
define what all the others see in their daily life.
That graffiti seems disruptive to many shows how used we got to letting
a
few rich people define our daily experiences in public spaces.
bad timing
Some of you might have wondered about the conflict in the dev team.
Quite a few things surfaced, but there's one thing which has me
confounded: This conflict has exceptionally bad timing.
Why does this happen now that there is finally a new release for WoT?
Why does it happen when I want to hack on freesitemgr to make it a
better fit for mempo? Why does it happen when we are
close
to a huge release
with only have a few plugins to fix and debugging to be done before it
can ship?
It's crazy that instead of celebrating we are fighting.
cronscript for freesitemgr
The following cronscript selects a freesite at random and checks
whether
it needs an update.
Just save it into a file, replace "arne" with your username, make it
executable and copy it to etc/cron.daily or etc/cron.weekly
Then you can update your freesites on your own schedule and
freesitemgr
will take care of separating the sites from each other.
#!/bin/sh # sleep for a random fraction of the day to avoid timezone detection attacks HOURS_DELAY=$(($RANDOM % 24)) echo freesite upload delayed by $HOURS_DELAY hours >> /tmp/freesiteupload.log date >> /tmp/freesiteupload.log sleep $((3600 * $HOURS_DELAY)) echo starting freesite upload >> /tmp/freesiteupload.log date >> /tmp/freesiteupload.log # update a random freesite su arne -c 'source /home/arne/.babrc && echo sourced >> /tmp/freesiteupload.log && for i in $(for i in $(freesitemgr list | sed "s/*//g"); do echo ${i}; done | shuf | head -n 1); do echo yes | /home/arne/.local/bin/freesitemgr cancel ${i} && /home/arne/.local/bin/freesitemgr cleanup ${i} && echo freesitemgr cleanup >> /tmp/freesiteupload.log && /home/arne/.local/bin/freesitemgr update --chk-calculation-node=127.0.0.1:9482 ${i} && echo updated ${i} >> /tmp/freesiteupload.log; done' date >> /tmp/freesiteupload.log chmod a+w /tmp/freesiteupload.log
Conflict in the team
We had a very tiresome discussion on IRC, and there are already
distortions of what happened floating around.
I neither intend to start discussing the following, nor to ever work
with xor on something similar again.
The discussion started when xor posted a draft of his release notes.
operhiem1 commented on them:
> "this build includes more new commits than WOT ever consisted of
as of the previous build" doesn't sound like good news to me. When I
read that I think "and just IMAGINE all the bugs they introduce!" ---
operhiem1
and I said:
> to add to that: I think the humor in "good news and bad news" will
not fall on fertile ground. — ArneBab
(see
irclogs-1323/
%20)
Instead
of acknowledging that both phrases weren't received well and simply
changing them, xor answered
> the opposite of what you criticise here would me billing freenet
months of work for an infinitesimal, ridiculously small amount of
commits. would you prefer that to me being productive? what are you
trying to achieve here?
and the rest was a horribly tiring 3 day discussion trying to get xor
to
understand why he should rephrase that. During that discussion xor
accused me of asking him to lie and repeatedly distorted what I said.
The one point which made me almost laugh with disbelief was when he said
> my social skills DO suck. — xor
And then, instead of rethinking what he said and saying "hm, if I know
that my social skills suck, then maybe I should accept the opinion of
others in the team and just do the change, even if I don't understand
why", he kept arguing.
When I was really weary of explaining it and getting my words twisted
again and again, I gave him two warning shots. The first was:
> xor-freenet: I have no more interest in this discussion. You should
take this as a warning that you are alienating people. — ArneBab
when he kept arguing, I wrote what should have finished the discussion:
> operhiem1 got tripped up. nextgens got tripped up. I got tripped
up. Do I really have to say any more? There is a point at which when
you
don't understand something, you should just accept the input from
others. — ArneBab
This was a warning shot of a magnitude I never used before. It did not
reach him.
Instead he kept claiming that I had requested of him to take out the
commit count, when all I asked him was to remove the comparison ("more
than ever before") which rightfully tripped operhiem1 (because more
new
code than old code existed means that it contains lots of new places
for
bugs and that reviewing this will be hell).
I lost my temper in the time after that, along with any interest in
working with xor again.
xor ended with
> WOT release done, everybody angry. just as i expected :D
And that isn't even a self-fulfilling prophecy, because he worked hard
at making it real. I had held out for him and asked people to be
patient
for years. He managed to find a way to make me angry and to make me
lose any patience I had for him.
If you want to seriously ruin your day, you can read the discussion in
the IRC logs:
- first day:
-
second day:
irclogs-1324/
-
third day:
irclogs-1325/
To
sum it up:
- If you failed to deliver for years, starting the first release with
"good news/bad news" will not help appease people who are already angry.
- The commit count is no metric for improvement. Commits are a pure
activity measure which does not relate to features.
- In a community project with asymetric time (xor has 20 hours of paid
time per week, his work has to be reviewed by contributors in their
limited free time), a big pile of commits means a huge load on
reviewers
which keeps them from working on other features. In his previous
pull-request for synchronous FCP API xor was even unwilling to split
the
commits into functional and documentation changes; I did that in the
end to trim down his 13k LOC monsterdiff into almost manageable 1.3k
lines which operhiem1 reviewed on two weekends. From that experience I
do not expect xor to help much in making the review easy.
- Comparing the commit count to the count which was there before has
even less meaning than the raw commit count. Reviewing a change which
doubles the amount of code is roughly as hard as reviewing the full
application - if not harder, because context is missing. This is not
something to brag about. Rather something to excuse "I'm sorry that
this
feature required so much code. I'll help as best as I can to make it
easy to review".
- If you put a draft up for review and people who worked on the topic
for a long time ask you to change something, then just change it. This
goes even more when you are paid for your work and you know that the
area you worked on isn't one you know by heart.
- xor already threw these tantrums on various occasions, targeted as
various people. Currently it feels as if xor uses up more time (of
others) than he contributes. I know that this sounds damning. This is
how it feels.
Faster KDE startup
Old try at faster KDE startup: sessionk:
https://dantti.wordpress.com/2013/02/27/1-2-3-plasma/
(this is a comment I wrote in
http://blog.davidedmundson.co.uk/blog/systemd-and-plasma#comment-1862738836
)
Also I now looked into runit for simple daemon tools, and it looks
pretty easy (after stopping to read the documentation and asking a
user
for a minimal working example):
echo '#!/usr/bin/env python\nfor i in range(100): a = i*i'
>/tmp/foo.py &&
chmod +x tmp/foo.py &&
mkdir -p ~.local/run/runit_services/python &&
ln -sf tmp/foo.py ~.local/run/runit_services/python/run &&
runsvdir ~/.local/run/runit_services
now you can manage the daemon with
sv status|start|stop|restart|… ~/.local/run/runit_services/python/
and declare dependencies in the simplest way I saw: Just use a script
as
…/run which uses "sv start ../service || exit 1" before exec of the
daemon: http://smarden.org/runit/faq.html#depends
To only treat a service as started once it provides a given service,
just create a check script next to the run script:
»If the script ./check exists in the service directory, sv runs this
script to check whether the service is up and available; it's
considered
to be available if ./check exits with 0.«
^ only the service needs to know how to check whether it is ready.
Wir haben verloren
Netzgemeinde,
wir haben verloren
(Kopie einer Pastebin)
»Die EU-Parlaments-Vertretung, Pilar del Castillo Vera, ist spanische,
konservative Politikerin,
die für den Industrie-Ausschuss das
Netzneutralitäts-Gesetzgebungsverfahren führend begleitet
hat, und im laufenden Prozess dadurch auffiel, dass sie am Anfang
dieses
Prozesses lauter
Anti-Netzneutralität-Änderungs-Anträge einbrachte…
Die EU-Kommissions-Vertretung, Günther Oettinger…: ~"Es braucht
Überholspuren im Internet, um
Telemedizin und Steuerung selbstfahrender Autos zu ermöglichen"…
Und der dritte im Bunde, die Person, die die lettische
EU-Ratspräsidentschaft als Vertretung des EU-Rats
vertreten wird, wird in den Trilog-Verhandlungen zähneknirschend die
Position vertreten, die der EU-Rat
beschlossen hat; zähneknirschend deshalb, weil die lettische
EU-Ratspräsidentschaft im EU-Rat sich
grundsätzlich für Netzneutralität stark gemacht hat, und sich in ihrer
Position halt dem Mehrheits-Votum
im EU-Rat zugunsten eines 2-Klassen-Internets beugen muss.«
Die einzige Person, die für Netzneutralität ist, wurde in die Rolle
des
Netzneutralitätsgegners geschoben. Ein großer Teil davon ist Fallout
der
großen Koalition in Deutschland.
Was jetzt?
Kat's Flog
„Revolutions are organized by members of the middle and upper classes,
with the footsoldiers coming from the lower class.“ →
Kat's
Flog
Addition:
And most times, only the upper and middle class switch roles and the
lower class is left out.
The above is a really nice article, by the way: Defining classes by
their power, not only by income or such.
TODO list for pyFreenet
>> If you could help with pyFreenet, that would be great! (I'm
usually short of free time, so there are many things I cannot tackle).
>>
>
> Is there any To-Do list?
There is a bugtracker, but that is mostly resolved:
https://bugs.freenetproject.org/view_all_bug_page.php
Additionally I'm tracking some things with the distributed b-bugtracker:
6 - use logging from standardlib for logging
a - cleanup the setup.py: Get rid of the always executed man-file
install.
c4 - lots of unicode stuff with non-ascii filenames.
e - add my site to the bookmarks
c7c - switch to argparse
(stored in the file .bugs/bugs )
From these 6 and a are suitable for starting. c4 needs experimenting
and
going through many places in freesitemgr / fcp/sitemgr.py where my¹
code isn't optimal…
¹: The unicode stuff is from me, and I'm not really proud of how it
looks… and it's still partially broken, for example for
autogenerated
indexes (unicode handling in Python2 sucks… compared to Python3).
Finally you could try whether 2to3 works and add that to the setup.py:
Making pyFreenet compatible with Python3 - maybe by utilizing the six
project where automatic conversion fails (just copy their file into
the
project to avoid external dependencies).