UP | HOME

random babcom

(dark mode)

A copy of my freenet site random_babcom, converted via pandoc. Most of the resources on this page are downloaded from Freenet using the inproxy at d6.gnutella2.info/freenet/.

Port-scanning by websites you visit is commonplace now.

See Why is This Website Port Scanning me?

(I got the permission by Charlie Belmer to upload his article into Freenet)

Port-scanning to detect locally running services has become commonplace now. Please use freenet via the proxy method.

Here’s the same as simple script.

Original article about the port-scanning: https://nullsweep.com/why-is-this-website-port-scanning-me/

Rechtsextremisten haben seit 1990 über 190 Menschen ermordet

Sie versuchen immer wieder die Gleichsetzung mit Linksextremisten. Diese Gleichsetzung ist unehrlich, denn Linksextremisten haben seit 1990 niemanden ermordet, Rechtsextremisten dagegen haben seit 1990 über 190 Menschen ermordet.

Die Gleichsetzung von Gruppen, die morden (Rechtsextremisten), mit Gruppen, die nicht morden (Linksextremisten), ist verlogen.

Auf FMS regen sie sich über diese Fakten auf, daher hier nochmal die Quellen:

Gesamtliste der Todesopfer Rechtsextremer Gewalt: https://de.wikipedia.org/wiki/Todesopfer_rechtsextremer_Gewalt_in_der_Bundesrepublik_Deutschland#Gesamtliste Karte: https://www.belltower.news/die-liste-193-todesopfer-rechtsextremer-und-rassistischer-gewalt-seit-1990-36796/ Rechtsextremistische und rechtsterroristische Gewalt in Europa: https://www.bpb.de/politik/extremismus/rechtsextremismus/151753/rechtsextremistische-und-rechtsterroristische-gewalt-in-europa-ein-ueberblick?p=all

Ja, auch Rechtsextreme können Freenet nutzen. Ich werde sie aber weder unterstützen, noch wissentlich mit ihnen zu sprechen. Sie haben zwar das Recht und die Möglichkeit zu reden, aber kein Recht, mich zu zwingen, sie zu hören.

Wer sich schon selbst Rechtsextrem nennt, kann mir gestohlen bleiben.

web 1-2-IoT-AI

2020-01-22-aral-balkan-ai-no-one-will-see-this-tweet-in-10-years.png

I hope this will prove Aral wrong 10 years from now.

Terminal phase: space shooter live development in Scheme/Racket

The Sharesite Documentation site is awesome!

I finally got to read the full sharesitedoc: It's a great resource and covered stuff I didn't know:

Finally I can create image links:

!/SSK@~hA9BG8IXEdc3TJhim9ETgvBeGf72pXt-y7AaG9MN4A,P2u8RJ~YxMUWOVS1JStqCGTRq78vlVbaQCCKVvxTZP0,AQACAAE/sharesitedoc-3/activelink.png!:/USK@~hA9BG8IXEdc3TJhim9ETgvBeGf72pXt-y7AaG9MN4A,P2u8RJ~YxMUWOVS1JStqCGTRq78vlVbaQCCKVvxTZP0,AQACAAE/sharesitedoc/3/
activelink.png

Thank you!

Also note that since this is a sharesite, you can find out how to create a site like this yourself by simply clicking the "View the source" and "View the style" links at the bottom of the site.

Make at least three identities

I suggest to anyone to have at least three identities here:

  • One official that might or might not carry your real name (this is the one I'm writing from right now, you need to stick to official statements with that one),
  • one only your friends know to be you (there you can still write more or less freely, but you might want to change it from time to time so accidental doxxing by friends or yourself won't be too big a problem), and
  • one of which no one knows that it's connected to you (there you even have to watch your writing style and avoid all personal topics that could lead someone to you; this is where you can write stuff people might be angry about, for example writing against the close consensous of your community or whistleblowing).

This also applies to Sharesites.

please go and vote

If you live in the EU, please vote. There is real power in elections, please make sure to give your share of that power to people who fight for things you care about.

fetchpull with lifetime plots

I added a small improvement to the fetchpullstats: It now has plots that show the lifetime. They show that large files (bulk = CHK splitfile) live somewhat reliably up to 16 days, small files live reliably up to 32 days (small = SSK splitfile) and tiny files can survive up to 128 days (realtime = raw SSK).

fetchpullstats

You can see that in the plots: When they get spotty, three separate files have fallen out. Currently the plots do not show when the first files start to fall out.

fetchpull-lifetime-bulk.png
fetchpull-lifetime-small.png
fetchpull-lifetime-realtime.png

fetchpullstats

The EU parliament just adopted uploadfilters

They decided 317-312 not to discuss article 13 individually.

I find no words to describe that.

The filtering does not apply to noncommercial platforms yet. Get your friends on Freenet so we can continue to organize in a space they cannot censor at the touch of a button.

If you speak german, please share these cards with all people you know, so we can keep organizing:

writeup about the vulnerability fixed in 1484

Freenet Content Filter Vulnerability

Up to 1483 this vulnerability could result in Firefox asking the user to open an unfiltered file in an external program while skipping the warning typically shown by fproxy that the file might be unsafe.

Big thanks to thesnark/phage for finding it and to operhiem1/Steve for creating an elegant fix!

watch 1484 spread

testing release for build 1484

I inserted Freenet build 1484 to the following testing update key. If
you want to test it, you can use the key as auto-update key (please
remember to switch back tot he official key after testing!):

USK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/jar/1483

The build included here is a followup build from several tests already
released as pure jar+sources over the past weeks and has been on github
since yesterday evening:
https://github.com/freenet/fred/releases/tag/build01484

The planned data was last weekend, and I'm sorry that it got delayed by
one more week. The release VM only works well enough to release, when
virtualization is enabled in the BIOS so qemu can use KVM. That took
quite a few hours to find out …

If we don't find new blockers, I'll release to the official auto-update
keys (Java 7 + Java 8) this weekend. After release, please run the
verify-build to ensure that what is released as jar corresponds to the
released sources.

requirements for porting Freenet to mobile phones

It would be great to have Freenet working well on phones or tablets. However for that it has to be adjusted for the very different requirements of the platform:

  • Freenet on mobile must only be connected when either both on wall-power and on wifi, or when the user is actively browsing Freenet. Otherwise it would drain the battery and bandwidth much too quickly. And
  • It must use a small in-memory store to avoid wearing down the sdcard. That also means that Freenet on mobile will only route and store small amounts of data, but will not store much, because whenever the phone would be shut down for real or get fully empty (which is not that often …), the data would be lost.

If you want to do it, go for it. I'd love to see it.

There's also a longer writeup in the bugtracker. I don't agree with all the requirements (I think not all are a necessary precondition), but it's a good reference anyway: https://freenet.mantishub.io/view.php?id=6765

Saturday 23rd of march are the demonstrations against Article 13

  • Amsterdam - Dam square: 5:00 PM
  • Arad - Bulevardul Revoluției 75: 1:00 PM
  • Athen - Syntagma-Platz: 1:00 PM
  • Aussig - Ústecký kraj Pařížská 5: 2:00 PM
  • Berlin - Potsdamer Platz: 2:00 PM
  • Bielefeld - Hauptbahnhof: 2:00 PM
  • Bielsko-Biala - plac Bolesława Chrobrego: 4:00 PM
  • Bucharest - Fântâna de la Universitate: 3:00 PM
  • Budweis - náměstí Přemysla Otakara II.: 2:00 PM
  • Chemnitz - Johannisplatz: 2:00 PM
  • Dortmund - Europabrunnen: 2:00 PM
  • Dortmund - Friedensplatz: 2:00 PM
  • Dresden – Goldener Reiter Dresden: 2:00 PM
  • Düsseldorf - Friedrich-Ebert-Straße 34: 1:00 PM
  • Dębica - Rynek: 5:00 PM
  • Erfurt - Anger: 2:30 PM
  • Frankfurt - Paulsplatz: 2:00 PM
  • Freiburg - Platz der alten Synagoge: 2:30 PM
  • Fürth - Grüner Markt: 1:00 PM
  • Gdańsk - Długi Targ: 5:00 PM
  • Glasgow - The Donald Dewar Statue, Top of Buchanan Street: 1:00 PM
  • Göteborg - Gustav Adolfs torg: 12:00 PM
  • Göttingen - Am Nabel: 12:00 PM
  • Hamburg - Gänsemarkt: 1:00 PM
  • Hannover - Ernst-August-Platz: 11:00 AM
  • Helsinki - Senaatintori: 6:00 PM
  • Hof - Wörthstr. vor dem Scala: 1:00 PM
  • Innsbruck - Annasäule: 1:30 PM
  • Jena - Holzmarkt: 2:00 PM
  • Karlsruhe - Stephansplatz: 1:30 PM
  • Katowice - Rynek: 5:00 PM
  • Kiel - Landtag Kiel: 1:00 PM
  • Koblenz - Löhrrondell: 1:30 PM
  • Krakow - Rynek Glowny: 5:00 PM
  • Köln - Neumarkt: 2:00 PM
  • Leipzig: 2:00 PM
  • Liberec - náměstí Dr. E. Beneše: 2:00 PM
  • Lissabon - Praça de Luís de Camões: 5:00 PM
  • Ljubljana - Prešernov trg: 12:00 PM
  • Luxembourg - Place de l'Europe: 2:00 PM
  • Magdeburg - Landtag/Domplatz: 1:00 PM
  • Malmö - Sankt Johannesplan: 12:00 PM
  • München - Marienplatz: 1:30 PM
  • Münster - Servatiiplatz: 1:30 PM
  • Nikosia - Πανεπιστήμιο Κύπρου | University Of Cyprus: 1:00 PM
  • Osnabrück - Gewerkschaftshaus: 3:00 PM
  • Ostrava - Masarykovo náměstí: 2:00 PM
  • Plzeň - náměstí Republiky: 2:00 PM
  • Potsdam - Luisenplatz: 10:00 AM
  • Poznań - Plac Adama Mickewicza: 5:00 PM
  • Praha - Palackého náměstí: 2:00 PM
  • Ravensburg - Marienplatz: 1:00 PM
  • Rostock - Universitätsplatz: 12:00 PM
  • Saarbrücken- Tbilisser Platz vor dem Staatstheater: 2:00 PM
  • Saloniki - Άγαλμα Μεγάλου Αλεξάνδρου: 2:00 PM
  • Salzburg - Hauptbahnhof: 2:00 PM
  • Stockholm - Rosenbadsparken: 12:00 PM
  • Stuttgart - Rotebühlplatz: 2:00 PM
  • Tallinn - Freedom Square: 3:00 PM
  • Ulm - Hans-und-Sophie-Scholl-Platz: 3:00 PM
  • Villingen-Schwenningen - Latschariplatz: 12:00 PM
  • Warsaw - Jasna 14/16: 5:00 PM
  • Wałbrzych - plac Magistracki 1: 12:00 PM
  • Wien - Christian Broda Platz: 3:30 PM
  • Wrocław - Rynek 1: 5:00 PM
  • Würzburg - Bahnhofsplatz: 3:00 PM
  • Zürich - t.b.a Zentrum: 1:30 PM
  • České Budějovice - náměstí Přemysla Otakara II.: 2:00 PM
  • Łódź - Plac Wolności: 5:00 PM

Please join them, and pass on the info!

Updates in the clearnet: https://savetheinternet.info/demos

still saving the world tomorrow

Even if you are fighting to save the world, keep in mind that it will still need saving tomorrow. Please stay around. — ArneBab

In life, as in kernels, the most important thing is that the system stays up. — operhiem1 in IRC

new 1484 test jars (pre-6)

A small crowd-funding, RPG, non-freenet, but free licensed

If you want to help out on one of my other projects: I just started a short 3-day crowdfunding to print a free roleplaying game for the German free RPG day on march 23rd 2019.

RPGGeek says about it:

All the rules needed to play the Zettel-RPG, a small universal game system designed to be played with minimal preparation. The rules take a few minutes to read, character generation even less. Simple and portable.

Jens Stengel's photographs of everything from dice to walnut shells provide a refreshingly unorthodox backdrop.

If you want to support that, please join the crowdfunding at https://www.startnext.com/zettel-rpg-grt2019

And remember to also take to the street on march 23rd against Article 13 of the new copyright directive of the EU! Let's combine the German free RPG day with the demonstration and give double meaning to our gathering!

please test 1484 pre1

freenet-build01483-180-g5e5ff7d548-snapshot.jar

freenet-build01483-180-g5e5ff7d548-source.tbz

It should be able to play FLAC songs directly in the browser: infinite-hands-free-software.flac

… and in an audio-tag:

how fetchpullstats avoids a database

As noted on FMS, the old fetchpullstats used quite a powerful database backend to track inserted keys:

The downside to running this kind of thing is having to keep track of eventually many thousands of keys for months at a time while waiting for the trigger to try and fetch them for the first time after 2^n days.

The new fetchpullstats avoids that, since Freenet already provides this information.

The keys are simple KSKs with a long prefix followed by the target retrieval date and the days they were inserted before. Example:

KSK@WwL6-UXTu-sa5n.fAk2-s7kj.5Kp6—2018-11-23-uploaded-008-days-before-using-realtime

Therefore if the current date is 2018-11-23 to check the lifetime of a key inserted 8 days before using realtime mode, I simply request the key above.

The prefix is generated at random (and saved) when the script is run at a place where there is no configured prefix.

That's how I can do this without a database backend. Freenet is a decentralized database and we can avoid a lot of complexity by using that. The state the fetchpullstats keeps is a single KSK prefix along with the measured results (on the order of 100 lines of text per day).

run your own fetchpullstats

If you want to run your own fetchpull stats, too, you can get a snapshot of the code from SSK@P2fn~pFtoAPOeMQ4YZYZMelB2Q6IUHEskj8gGtZN3Vs,lql1C3-YiVgK3KVYf~ClATgNhgMTBb~MkS7NJwbb6KI,AQACAAE/fetchpullstats-d110ae753eaf.tgz

You need to install Guile on a GNU/Linux system, then you can simply run

./fetchpull.w 

to collect data (run it daily, for example with a cron-job), and create the site with (needs gnuplot):

./fetchpull.w --site SITENAME ; cp fetchpull*.png SITENAME/

The latter command is only needed because there's still a bug which causes some of the files to have zero length when copied directly from the fetchpull.w script.

fetchpull-put.png

new fetchpullstats

I've been direly missing the fetchpullstats by bertm, therefore I decided last weekend to recreate them. They aren't as fancy as the old ones, but all state except for a KSK prefix is stored in Freenet.

Also there's now a multithreaded message-multiplexing Scheme-library for FCP, though with only few message types implemented.

(this is a smaller version of the tool I built which avoids any external dependencies except for Guile)

If the cron-job works out, this should update daily, and in a few weeks time the info should be actually interesting.

watch 1482

with 1481 Windows users had some sever performance problems. The initial workaround for that will be to reduce the peer-count. We got 3 reports that this fixes the problems.

Regarding anonymity, this should have little effect. You have fewer peers that mask HTL18 requests, but it will also be much less likely that an attacker connects to you, and statistical analysis which can theoretically break the HTL18 check will have to cope with much more noise because the fewer peers will reduce the smoothing of data from other peers, so it gets harder to ignore.

(and I have not yet seen any calculation which actually took into account that actual peer-counts are far from homogenous in Freenet)

I plan to insert 1482 tomorrow. You can watch what happens on the following status page. It should keep updating, but the script which creates the site isn't very robust, so no panic if it stops.

verify-build, demystified

Now that we're on gradle, verifying that what I release is actually what's tagged in the source is much easier than before. These instructions are for GNU/Linux, and maybe other *nixes.

Firstoff: to verify 1482 you NEED Java 7 - in general you need the Java version I release with.

Start by downloading the jar: SSK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar-1482

Copy it to /tmp/freenet-1482.jar

Then run the following:

failureWarning="FAILED TO VERIFY.
If you determine that this failure is not due to build environent differences,
then the source files used to build the published version of Freenet are 
different from the published source files. The build has been compromised.
Take care to only run version of Freenet with published, reviewable source code, 
as compromised versions of Freenet could easily contain back doors."
cd /tmp/
git clone git@github.com:freenet/fred.git
cd fred
git checkout build01482
./gradlew jar
mv build/libs/freenet.jar ../freenet-built.jar
cd ..
mkdir unpacked-built
unzip freenet-built.jar -d unpacked-built
(cd unpacked-built; find -type f) | sort > unpacked-built.list
mkdir unpacked-official
unzip freenet-1482.jar -d unpacked-official
(cd unpacked-official; find -type f) | sort > unpacked-official.list
if ! cmp unpacked-official.list unpacked-built.list; then
    echo FAILED TO VERIFY: Different files in official vs built
    echo Files in official but not in built are marked as +
    echo Files in built but not in official are marked with -
    diff -u unpacked-built.list unpacked-official.list
    echo ""
    echo "$failureWarning"
fi
while read x; do
    if ! cmp "unpacked-official/$x" "unpacked-built/$x"; then
        if [[ "$x" = "./META-INF/MANIFEST.MF" ]]; then
            echo "Manifest file is different; this is expected."
            echo "Please review the differences:"
            diff "unpacked-official/$x" "unpacked-built/$x"
        else
            echo "File is different: $x"
            echo "$x" >> "differences"
        fi
    fi
done < unpacked-official.list
if [[ -s "differences" ]]; then
    echo VERIFY FAILED: FILES ARE DIFFERENT:
    cat differences
    echo ""
    echo "$failureWarning"
fi

PS: This is a shorter version of the verify-build script: https://github.com/freenet/scripts/blob/master/verify-build#L169

Test for Freenet 1482 emergency release

This release addresses increased CPU load in 1481 by reducing
the peer-count. The lower number of peers should reduce
the necessary work for routing. Since all nodes reduce their peercount,
the bandwidth per peer rises, so the speeds should stay the same.

If you give Freenet 100kiB/s upload speed, it will now
request only 13 opennet-peers.

Also 1482 applies the winterfacey theme adaptions by poet.
You can test the winterfacey theme by activating it in
Configuration -> Web interface.

To help with testing 1482, please set the following as your auto-update key:

USK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar/1481

This is also available on github as pre-release: https://github.com/freenet/fred/releases/tag/build01482

We especially need testers using Windows, ideally in a setup where Freenet 1481 caused extremely high CPU load.

Freenet 0.7.5 build 1481 released

Freenet 0.7.5 build 1481 is now available

The Freenet Team is proud to release Freenet build 1481, the first
build to be compiled from gradle! This concludes work during the past
two years to make it easier for new developers to start hacking on
Freenet.

Your Freenet node should update itself from Freenet via the auto-update.

This release rekeys the update URIs to ensure they are compliant with
RFC6979. It also splits off java 7 into its own update key for 1482,
so we can use java 8 starting with 1483. The updated keys have been
split into shares using ssss-split and distributed among core
developers to maximize our release management bus factor:
https://en.wikipedia.org/wiki/Bus_factor

We also added the Winterfacey theme and set sky-static as default
theme until Winterfacey got more testing. You can test switch between
themes on Configuration -> Web Interface

Thank you for using Freenet!

And a special thank you to DC* (desyncr) who tracked down an OOM so we
could finally fix it and release after 6 weeks of fruitless search!

  • Arne Babenhauserheide, current release manager

Basic Values around the world

I think it is useful to understand that other people value other things than I do. My current best reference of that are the 18 values of the "Lebe Balance" program:

Act Self Want
Freedom in thinking Pleasure Prosperity
Self-determination Power Social prestige
Variation Influence Security
Tradition Modesty Tolerance
Willingness to adapt Caring Justice
Follow rules Reliability Environmental Protection

These values exist around the world, but the values which give you strength is only a subselection of them: your personal core values. When you act in accord with your values, you are happier and can more easily go forward. Note that you cannot easily change what you value.

When someone does something alien to you, he or she might just put different weights on these values.

Only one of them is prosperity (getting richer).

Freenet World Domination Plan

This is a high-level roadmap.

We had several roadmaps in the past. They focussed on releases and on "when are we done". This one is different. It focusses on visions to find a stronger audience. It does not shun controversial topics and it is not a request for input.

These are the powerful visions I see, ordered alphabetically:

  • Beautiful Freenet: Winterfacey by default, clean up UI warts (i.e. first time wizard). Get rid of those UX hurdles which are likely to cost us the most users.
  • Hosted Freenet: provide images (i.e. docker) to make it easy to run a Freenet node for all the transparent Freenet stuff which does not need highest security but which should still be available to people who need highest security.
  • Icicle Freenet: a crystal seed for darknet via mobile. Try the icicle app. Improve it. Show it. It's how we devs should be able to ping other devs on their mobiles.
  • Mobile Freenet: transient nodes without storage which only connect while on wifi and external power (~40% of the time) — and while the user browses. Announcement is fast enough for that nowadays, and median uptime of desktop nodes is lower (only two to four hours).
  • Multimedia Freenet: add more content filters and media tools. I want to stream songs over Freenet with <2 minutes delay => m3u + opus + tools to make that easy. Streaming video works well if pre-recorded. Must avoid recently failed.
  • Stronger Freenet: Increase security against attackers, i.e. with simple channels to hide activity from directly connected nodes.
  • Transparent Freenet: backend to other apps, installed and started on-demand. Makes Freenet available from any technology stack. Get Freenet into all major distributions, so programs can use it there, and provide a freenet-browser script and a run-with-freenet script which does all the steps needed to start Freenet and connect the browser or app securely (i.e. to Freenet with random IP and Port).
  • Unblocked Freenet: fix the pitch black attack and scale WoT. Makes Freenet interesting to tech-savvy folks with >10 years of experience.

addition from FMS

  • Traceless Freenet: GNU/Linux LiveCD .iso image that can run entirely on a CD or USB stick, like Tails for Freenet. Locked down with all ports blocked except Freenet's opennet and darknet ports for that node*. Preconfigured with a locked-down browser. Distro: 1) nice-looking, 2) easy to use for people not used to Linux, and 3) work on older computers including 32-bit ones.

1481 test release

If you saw a message by me about 1481, that was me. We have the hopefully final test release!

optimizations for a chat app over Freenet

Some info how to optimize inserts for a chat app:

some optimizations that could help: DontCompress=true, use PriorityClass 1, ExtraInsertsSingleBlock=0, RealTimeFlag=1

take your Freenet node, go to plugins, enable KeyUtils, then open one of the inserted messages with the KeyExplorer: http://127.0.0.1:8888/KeyUtils/
what you need is for the key to NOT have a CHK redirect

this is how it should NOT look for a chat app: http://127.0.0.1:8888/KeyUtils/?key=SSK@sUm3oJISSEU4pl2Is9qa1eRoCLyz6r2LPkEqlXc3~oc,yBEbf-IJrcB8Pe~gAd53DEEHgbugUkFSHtzzLqnYlbs,AQACAAE/random_babcom-368&hexwidth=32

this is how it SHOULD look for a chat app: http://127.0.0.1:8888/KeyUtils/?key=SSK@YOeUMvHNyr2RY1dQB0-4cppO2Ip-8zKf7CaszRhPqU4,OaISGGFz52FaD98m2JZo-2gQ2XErr0pb3DPkpvDkKxs,AQACAAE/changelog-1481&hexwidth=32

make the uploaded files small enough that you get an upload like the second one.
jamesaxl: the effect is that Freenet then only downloads one single 1KiB key and is done.

If you get a redirect (like the first link), then Freenet has to download the SSK, then download the 32KiB CHK referenced in the SSK. You NEED such a redirect if the data you upload is bigger than 1KiB.

For text messages, better split them into two than go above the 1KiB
(1KiB is one A4 page of ASCII text)

You will WANT a redirect if your file is larger than 100KiB, because the redirect also adds redundancy: You then only need to download half the fileparts, so your file will live much, much longer.

Do NOT split your file if it is larger than 32KiB. At that size the redundancy added by splitfiles increases the lifetime of the complete message a lot. You will most likely want that.

That's it. I hope it is helpful for some of you out there!

Changes in stats from bandwidth changes

I noticed big changes in the network size estimate from the probes

These correlate with changes I did to the bandwidth of the stats collecting node, so most of them are likely bogus. To get better stats, we'll need to re-check the algorithm which scales from probe results to the size estimate. It seems to have some dependency on the peer-count of the collecting node. More testing required …

Wow, we won for now.

Das EU-Parlament hat das Zensurgesetz vorerst gestoppt | The EU Parliament stopped the fast-tracking censorship law: https://twitter.com/Senficon/status/101481446048841318

Great success: Your protests have worked! The European Parliament has sent the copyright law back to the drawing board. All MEPs will get to vote on #uploadfilters and the #linktax September 10–13. Now let's keep up the pressure to make sure we #SaveYourInternet! — Julia Reda (Senficon)

Petition against censorship in the EU, still open today; Parliament vote is tomorrow

Tomorrow the EU Parliament decides about censorship in the EU. Please sign today to ask them to stop the censorship directive which would let chinese censorship look like kindergarden!

Info: https://saveyourinternet.eu/ and https://savetheinternet.info/

Petition: https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet

(you're not anonymous there — you can't be in a petition — but you'll be one of almost one million petitioners, and it needs every single voice)

Talk about Freenet by Aaron Jones in Phoenix Linux User Group

Aaron Jones permitted me to upload his talk about Freenet. I enjoyed watching it, so I thought you might, too:

Aaron_Jones_-_Introduction_To_Freenet-zu9gM3_gIfM-vp9.jpg

"Aaron_Jones_+/Introduction_To_Freenet-zu9gM3_gIfM-vp9.webm":/CHK@cxNRV0398Q5xebr5L~J0JKDNRXxMMZ4WQ03ZsYJgUg0,tsiIOJEZNBWwa146PvTjEWo-JRPx5bYmErVjiGbG4~k,AAMC—8/Aaron_Jones/+_Introduction_To_Freenet-zu9gM3_gIfM-vp9.webm

Quotes for Freenet

Last year I wrote "we should quote presidents and the Guardian". I found a better quote by CNN — and by presidents. Here they go:

»there is no central server and no one knows who's using it so it can not be shut down … where there is a message it is likely to find a medium.« — CNN, 2005-12-19

»The liberty of the press is essential to the security of freedom in a state: it ought not, therefore, to be restrained in this commonwealth.« — John Adams, 1780, second president of the USA.

»When people talk of the Freedom of Writing, Speaking, or thinking, I cannot choose but laugh. No such thing ever existed. No such thing now exists; but I hope it will exist. But it must be hundreds of years after you and I shall write and speak no more.« — John Adams Letter to Thomas Jefferson (15 July 1817)

»No experiment can be more interesting than that we are now trying, and which we trust will end in establishing the fact, that man may be governed by reason and truth. Our first object should therefore be, to leave open to him all the avenues to truth. The most effectual hitherto found, is the freedom of the press.« — Thomas Jefferson, Letter to Judge John Tyler (June 28, 1804)

»Our liberty depends on the freedom of the press, and that cannot be limited without being lost.« — Thomas Jefferson, letter to Dr. James Currie (28 January 1786) Lipscomb & Bergh 18:ii.

»What makes it possible for a totalitarian or any other dictatorship to rule is that people are not informed; how can you have an opinion if you are not informed?« — Hannah Arendt, 1974

»And that is why our press was protected by the First Amendment — the only business in America specifically protected by the Constitution — … to inform, to arouse, to reflect, to state our dangers and our opportunities, to indicate our crises and our choices, to lead, mold, educate and sometimes even anger public opinion.« — John F. Kennedy's Address before the American Newspaper Publishers Association (27 April

»Without general elections, without freedom of the press, freedom of speech, freedom of assembly, without the free battle of opinions, life in every public institution withers away, becomes a caricature of itself, and bureaucracy rises as the only deciding factor.« — Rosa Luxemburg, Reported in Paul Froelich, Die Russische Revolution (1940).

»A popular Government without popular information, or the means of acquiring it, is but a Prologue to a Farce or a Tragedy, or perhaps both.« — James Madison, Letter to W.T. Barry (1822-08-04).

»A critical, independent and investigative press is the lifeblood of any democracy.« — Nelson Mandela on freedom of expression, At the international press institute congress (14 February 1994).

»we believe that when governments censor or control information, that ultimately that undermines not only the society, but it leads to eventual encroachments on individual rights as well.« — Barack Obama, Rangoon, Burma on November 14, 2014

»If in other lands the press and books and literature of all kinds are censored, we must redouble our efforts here to keep them free.« — Franklin D. Roosevelt, Address to the National Education Association (30 June 1938).

»The liberty of the press is no greater and no less than the liberty of every subject of the Queen.« — Lord Russell of Killowen, Reg. v. Gray (1900), L. R. 2 Q. B. D. 40.

Also added on my clearnet page: http://www.draketo.de/english/freenet/answer-to-cannot-use

Why freesites below 2 MiB live longer

A rule of thumb which works for well-designed sites: As long as its below 2 MiB, every bookmark referencing the activelink of the site will keep the whole site alive. This goes double for crawlers. That way the site will live almost forever.

However, a site larger than 2 MiB will fall out about one month after people stop browsing it: Once the site surpasses the 2 MiB limit, it must be split into multiple containers and the activelink will only keep one of the containers alive.

//

Building Freenet next branch offline

While being offline for 6 weeks I had to build Freenet offline. The following tarball contains fred prepared with gradle so you can run it offline. Just check the README. This should allow all our anon devs to hack on next.

Say something about finding something good in every problem :-)

freenet-clean-build-environment.tar

(the tarball is uncompressed, because freenet will do the compression transparently — it's around 330 MiB uncompressed)

And if you value your anonymity, please use something which is actually offline: I did not check this setup for not trying to access the web, only for being able to operate without internet access.

EU wants to filter all uploads, action tuesday 20th, with GitHub!

EU wants to require platforms to filter uploaded content (including code).
Yes, this is bad, and we have a chance to reach them next tuesday. With GitHub: https://blog.github.com/2018-03-14-eu-proposal-upload-filters-code/

More details: https://juliareda.eu/2018/02/voss-upload-filters/

StL-share-1-300x300.png
(from Julia Reda)

//

changing ISPs, some downtime

I'll be offline for a few days to weeks: Our current ISP is ceasing operations in the area and the new one might take some time to connect us.

Watching 1479 spread over a day

2017-11-13-spreading-freenet-update.png

75% of nodes update within a day. The gap up to 2000 represents about 9 more days.

Generated with:

for i in {2000..3440}; do 
    wget -O $i-"$(date -u +%Y-%m-%dT%H-%M-%S)".html http://127.0.0.1:8889/strangers/; sleep 60; 
done
(VERSIONS="$(echo {1468..1479})"; echo index datafile $VERSIONS; 
  for i in *.html; do 
    for j in $VERSIONS; do 
       grep -A1 peer-version $i | grep -cP '\t'$j\$ ; done | xargs echo $(echo $i | sed "s/-/ /") ; 
  done) > /tmp/frac.dat
gnuplot
set xlabel "time / minutes since insert"
set ylabel "peer count / strangers"
set title "Freenet update propagation (seen from a non-updating node)"
plot for [n=3:8] '/tmp/frac.dat' u (15+$1):(column(n)/column(n)*column(n)) w points title columnhead(n), \
    for [n=9:14] '/tmp/frac.dat' u (15+$1):(column(n)) w lines title columnhead(n)

Reduced peer count in 1479 is expected and good

1479 connects to less peers. This is an adaption which improves bandwidth utilization for fast nodes while allowing slower nodes and nodes with much weaker CPU to join and keep connected.

The node count is calculated such that the limited upload bandwidth is distributed among the peers. I know that it is tempting to fake raised bandwidth to get a higher number in the status bar, but this will do more harm than good for you: If you take more peers than the count, you won't be able to keep up with the demand and peers will be more likely to drop you.

The peers are set network wide and using a different algorithm will likely cause you to either have less bandwidth usage (peers give you a fixed speed for that connection) or getting dropped (peers expect a certain bandwidth per connection).

The higher bandwidth utilization for fast nodes should benefit you by increasing the bandwidth available for routing in the whole network. The same should be true for the lower churn of slow nodes (i.e. on a Raspberry Pi) due to being able to keep connections.

The scaling is calculated from the expected utilization due to the number of peers: you get peers proportional to the square root of your bandwidth because the more peers you have the more likely a request will be sent along the connection to you. The higher likelihood to receive a request times the number of peers gives scaling of traffic with your bandwidth.

Whether this worked will be verifiable by the peer count distribution from the statistics page.

Before 1479:

plot_peer_count.png

After 1479 (once the new upload finishes, until then it's the same as the graph above):

plot_peer_count.png

so much for the probes: I found that postgresql had died a month ago. I now restarted my probes, so robust data should be available within a few days. The probes by Steve show no drop in users today: https://asksteved.com/stats/, so there should at least be no emergency.

I expect a less sharp drop at 95 peers (this cutoff-point is caused by the small network size: fast nodes cannot find enough close peers to utilize their full bandwidth) and that the peak at 10 peers moves left to 7 peers.

A freenet update propagates within two hours

After inserting the release, I did some statistics of the stranger nodes I saw. They suggest that the result of the fetch-pull-stats that an update propagates to most of the network within just a few hours is still valid.

Here's a preliminary evaluation of what I have until now:

update-propagation-speed.png

This is generated very primitively:

Data:

cd ~/freenet-watch-update-to-1479
for i in {0001..1440}; do 
wget -O $i-"$(date -u +%Y-%m-%dT%H-%M-%S)".html \ 
    http://127.0.0.1:8889/strangers/
sleep 60
done
(echo datafile 1478 1479; for i in *.html; do 
      echo $(echo $i | sed "s/-/ /") $(grep -c 1478 $i) $(grep -c 1479 $i);
      done) > /tmp/frac.dat

Plot with gnuplot:

set xlabel "time / minutes since insert"
set ylabel "peer count / strangers"
set title "Freenet update propagation (seen from a non-updating node)"
plot "< tail -n +2 /tmp/frac.dat" using (15+$1):3 with lines title "1478", \
     "< tail -n +2 /tmp/frac.dat" using (15+$1):4 with lines title "1479"

releasing 1479 now

Short notice: I am working on doing the release right now.

the reason for the different peer counts

The only reason why you can have anything between 10 and 140 peers is that bandwidth is distributed very unevenly across the globe. Freenet has to work well for users from Japan/Korea/HongKong (their internet speed is awe inspiring!) as well as for users with the equivalent of a double-ISDN line.

(a reply I gave on FMS)

snapshot pre-release for 1479

I created a preliminary snapshot of the first round of changes planned for 1479. It's built from https://github.com/freenet/fred/pull/621 — please give it some testing!

CHK@azFEEEuDpDBBsOKkhvL5vfkVnOem9OBd6lXNKXkeLpA,lRfvSQ54DyeYLMYHOyV3npdh-Od8IzFQ4elkcpaQX3Y,AAMC—8/freenet-20171010-r1-snapshot.jar

CHK@fIp8QFC2-iBxP~–5pWEdtkUZgxPARSvH8efKYqDcDC8,inlD8D~adR1ynt4481CDObstBimGcFayqQZshvNqr-s,AAMC—8/freenet-20171010-r1-source.tar.bz2

CHK@nOVBNOQTOH~MbUWenwlFVi0DDiJ6VT2QbHEg0N8WdJo,1J96YQ3~~bOtrAnnv9S3UiIPB1edY0Ux99DCDJudUPU,AAMC—8/freenet-20171010-r1-snapshot.jar.sig

CHK@Vsaj-0-wGiX-Rr2i2aSml0b3CY7852yoOoCxP2rNgd0,6KpzZQJeJJzfAnRdloXD4d5api9fsqMJJRmwM2HSSfw,AAMC—8/freenet-20171010-r1-source.tar.bz2.sig

Here's the high-level changelog:

Sharesite, FlogHelper, or plain HTML

In FMS there's a discussion about creating Freesites. Some contributions (each with quoted messages, I'm trying to include most of the thread with as few links as possible):

The following is the second message I wrote.

The three advantages of Sharesite over Floghelper are:

  • It's more robust, since it does not depend on WoT, it inserts (and provides links to) all resources you need to make a copy of the site, and it gives you backups of all your sites with a single click. In a Sharesite it's the base content which should stay available. It's single-page to keep it simple and small and efficient. Though random_babcom stretches the definition of small nowadays :)
  • It has additional privacy protections by only inserting at a fixed (but randomly selected) hour of the day. That way it hides your timezone and most of your activity patterns.
  • It has a wider range of usecases from very simple ones (just throw in some links and click "find keys and save") to simple ones (throw in a text, i.e. a manifesto), to medium complex ones (a single-page flog with a table of contents but without convenience like automatic dates for the entries). There are no complex ones, though.

There could be (optional!) WoT integration, but that isn't on the current short-term roadmap, since I want to keep its inter-plugin dependencies minimal.

Advantages of Floghelper are:

  • It holds vastly more promise for usability: no need to even know about keys (you upload to a WoT Identity), and the WoT IDs could be spidered automatically to generate local indexes of Flogs, following the trust tree (which prevents spam). You could even detect other flogs which reference yours and provide some kind of pingback with spam-protection. Floghelper could work just like Wordpress. Sharesite cannot: Sharesite will always have to expose some lower-level details to the user.
  • It provides multi-page sites in a style of typical blogs. Sharesite could not do that without changing its datastructure (i.e. a single page of sources), and that would reduce its robustness.

I prefer Sharesite, because FlogHelper does not yet have the robustness and simplicity I need to just jot down something quickly, and because FlogHelper's speed is partly limited by the speed of the WoT-plugin.

But I'm sure that if someone decided to invest a few weeks into it, FlogHelper could quickly close the robustness gap. It should never ever lose a Flog.

New FMS ID for my role as release manager

Up till now, if a user on FMS posted stuff I can't take, I could unsee him, but if he or she would have chosen to unsee me, he or she would not have seen freenet release discussions anymore. That's a power disbalance I don't want.

Therefore I just created a freenet-release-manager account. Key: freenet-release-manager@vPuRconm3n2mbkhU~ZvrSg8DSJm3NAgX-dP4l-h4b2U,LndUgYvJSC-iNfE~xAOwRE1NYcoHqlUSfQ8ISbPIhrM,AQACAAE

If you don't want to see my personal opinion, you can now set my FMS trust to 0 and still see my posts about freenet release management.

Thanks goes to FreedomForever for alerting me of that power disbalance. He did not actually make this point, but I think it is the reason why he got upset — and it is a good reason.

Finally a clarification: I am release manager, not "the manager of Freenet". I take care of getting stuff released, but otherwise I do not have any more power than anyone else, and I don't want it.

I hold it with Casilda (Kass) Aguero: My father got busted for getting into a central position where too much rested only on him. I don't plan to make that mistake.
(german site)

the zen of tolerance

You are entitled to voice your opinion. — freedom of speech

You are not entitled to force it upon everyone. — freedom from noise

You are not entitled to force it upon a subgroup repeatedly. You are not entitled to force your opinion upon someone if you are part of a group and each of you wants to do that. — freedom from harrasment

You are also not entitled to hurl hate towards participants, since that would disrupt communication. — freedom from injury

If you cannot stay respectful and friendly after being asked to, I will unsee you and advise others to do the same with a clear and brief explanation, so they can take an informed decision. — freedom to ignore

I will use technical means to realize the zen of tolerance. Tolerance for intolerance is self-defeating. Continuous disruption of communication is censorship.

Constant outrage disrupts communication. As does constant mocking.

This could also be called the paradox of free speech: your freedom of speech is worth as much as mine. It ends where it impedes on mine. And vice versa. FMS and the WebOfTrust plugin implement a technical method which can be used to realize this.

Freenetproject website mirror updated

I found a way to make the freenetproject website mirror much nicer:

make html SITEURL=/USK@0iU8[…public key]/freenetproject-mirror/490/

My Freenet talk for the SUMA award 2015

Here's a re-encoded version of the talk I gave to thank the SUMA folks for the award they gave to Freenet (in German):

freenet-suma-award-2015-nur-vortrag-vp9.jpg

freenet-suma-award-2015-nur-vortrag-vp9.webm

State of the climate

Mike_Perry-comic-roll-a-die-2014-climate-new-text-cropped.jpg

Mike_Perry-comic-roll-a-die-2014-climate-new-text-cropped.png

I was seriously freaked out by a paper which showed significant increases in arctic emissions. Mike Perry (nodicemike.com) created this strip for me to finally visualize how I see the two main pathways of our future.

The license is cc by.

It's crazy to think that even in the best case scenario (humans keeping total CO₂ concentration below 470 ppm) the probability of staying below 2°C warming is just about 80%.

More details are available on my website (http://www.draketo.de/english/politics/roll-a-die) and its Freereader mirror: draksites

What is needed to release next?

update: seems we need to switch to a new TUF tool for updates. This might take more time than I had hoped, since I'll have to dive into the release scripts and adjust what they do.

  • fix update.sh/.cmd (the last-line-of-defense failover updaters) in an

on-freenet update¹ (requires fixing sha1test.jar from the java_installer)

  • prepare shipping JNA
  • check and use the new release scripts from operhiem1/Steve
  • create an on-freenet test release from gradle
  • include the new Windows tray with 64bit support from

mrsteveman/Stephen

  • document how to release to the AWS-based website
  • do a test release to the website which works with ./update.sh

testing

  • do a real release

While I work on the release this list might get a bit longer with stuff I missed.

¹: they were broken during the switch to AWS because the old links no longer work.

That said, my pyProbe-based statistics site (based on the work from operhiem1) is finally not-completely-broken anymore, and suddenly its node-count makes sense: Freenet Statistics

Here's the working probe.config

Unicorn shitting in my backyard

unicorn-shitting-in-my-backyard-please-not-aral-balkan-678047238-vp9.jpg

Your unicorn is shitting in my backyard, would it please not?

A talk by Aral Balkan. License: cc by.

Freenet devs on social media

I found a Freereader site which aggregates social media posts from Freenet Developers: freereader Freenet devs

I thought it might interest you.

"what if I have no friends?"

"I have no friend. How do you help people without friend?"

Use opennet; and find friends, or at least comrades. People you meet to play scrabble, chess or skat — or my favorite pasttime: fantasy roleplaying games. Or just watch the sunday football game. Seriously. You'll need them if the shit hits the fan, and be it only that you have someone who calls you if you don't turn up some day.

Given that you already worry enough that you're using Freenet, the shit might just hit the fan some day, without relation to Freenet, so go and try to make some friends.

As a side effect that will increase your life expectancy and improve your health. Humans are terribly social creatures, even down to their immune system.

security: darknet vs. opennet

In Darknet your friends can launch the attacks which any stranger can launch in Opennet.

In Darknet attackers have to corrupt your friends or invade your longterm social circle while in opennet they can simply wait till they get a connection to you (and there are ways to speed that up).

So please use darknet. Build it one ref at a time

Nowadays more than ever before: it is a time for darknet

And if you cannot go darknet-only right away, start in hybrid. It is the path towards a global darknet

What's announcement?

who announces what to whom about what?

Announcement means that you talk to the seednodes and tell them that you'd like to have references of other opennet nodes which fit to your position in the keyspace.

Essentially you say "tell me who's close to this location".

Then the seednodes send a request to that location and they tell you of all the nodes the request reaches.

That way the nodes you get already fit the small world structure quite well (which is needed for efficient routing in Freenet).

copied from an answer I gave on IRC

Delay tolerant networking references

delay-tolerant-networking

This provides a sneakernet, but as far as I see it, it is without strong censorship prevention. It's still pretty interesting, though.

Also Delay Tolerant Networking is getting ESA grants right now: They want to make satellites communicate reliably via non-permanent and high-latency links.

Standard Score and Prediction Interval

Standard_score_and_prediction_interval.png

Standard_score_and_prediction_interval.svg

From Wikipedia, Public Domain.

Better proxying freenet-browser script

After creating the freenet profile, simply launch your freenet like this:

freenet-browser

firefox --profile ~/.config/freenet/firefox-profile --no-remote --new-instance http://somewhere.else

GNU/Linux desktop share 2008 to 2017

gnu-linux-desktop-share-small.png

Unit: GNU per kilowindows.

Change: Growth by factor 2.5

Growth relative to all devices (desktop and mobile): factor 1.4

Mac changes nothing.

Larger version: gnu-linux-desktop-share.png

Background and data source: http://www.draketo.de/licht/politik/leserbriefe/gnulinux-gewinnt-marktanteile

New data, somewhat depressing:

  • 2017-08: 2.7% / 89.15%
  • 2018-08: 2.24% / 87.78%
  • 2019-08: 1.76% / 87.86%

Vision for a social Freenet

Infinite Hands Sheet Music

This is a two-page version of the Infinite Hands Sheet Music, fit for printing and playing at a campsite.

Freenet als Proxy, praktisch (in German)

Tut mir Leid, dass mein letzter Post komplizierter war: Er ist nur unter
GNU/Linux automatisch umsetzbar, unter Windows geht das etwas anders
(ich habe nur GNU/Linux).

Praktisch:

  • In freenet.ini sollte irgendein zufälliger Port als fproxy.port stehen

(zwischen 5001 und 32767). Ich nenne ihn mal NNNNN.

  • Die IP address to bind to sollte 127.x.y.z sein, mit x und y

zufälligen Zahlen zwischen 0 und 255 und z zwischen 1 und 254.

  • In deinem Firefox stellst du in deinem Freenet-Profil¹ unter

Erweitert->Netzwerk einen Proxy ein (den gleichen für alle Protokolle). Für diesen nimmst du Host 127.x.y.z und Port NNNNN (die Zahlen aus der freenet.ini)

Dazu brauchst du noch die Einstellung, dass DNS über den Proxy gehen
soll.

Freenet-Links sollten jetzt im Freenet-Profil funktionieren (mit
beliebigem Host und Port: das geht damit alles über den Proxy), aber im
nicht-Freenet-Profil nicht mehr. Dafür kann das Freenet-Profil jetzt nicht mehr auf das Clearnet zugreifen. Auch das ist gewollt (ich habe schon mehrfach ausversehen nach einem Freenet-Link gegooglet, was fast schon der Worst-Case an Privatsphärenverlust ist).

Viel Erfolg und weiter viel Spaß mit Freenet!

Danke an den Nutzer, der mich darauf hingewiesen hat, dass mein Post zu kompliziert war!

¹: Der Nutzer verwendet JonDoFox, um einfach Profile wechseln zu können. Ich starte im vorigen Post Firefox via Befehlszeile mit dem anderen Profil. Die Befehlszeile steht bei mir auch in

Der Grund dafür, dass das nicht Standard ist, ist übrigens, dass manche Nutzer sich beklagt hatten, dass sie nicht wussten, wie sie aus dem Freenet-Profil rauskommen. Wenn Firefox einfach neue Fenster im gleichen Profil startet, muss man alle Firefox-Fenster schließen (oder es mit --new-instance aufrufen).

Ich starte meinen Freenet-Browser seit neustem mit dem folgenden Skript: freenet-browser

Use Freenet as proxy (secure against spying attacks)

By using Freenet as a proxy instead of connecting via HOST:PORT (i.e. 127.0.0.1:8888), you can avoid most attacks which try to find your freenet node by randomizing host and port (i.e. bind to host 127.15.19.2 and port 25678), but in your proxied browser all the standard links will work (i.e. http://127.0.0.1:8888/…).

IP: 127.x.y.z with x y being random numbers between 0 and 255 and z between 1 and 254)

PORT: a number between 5001 und 32767 (inclusive interval)

If you forward it via SSH, also change your ssh forward to

ssh -NL IP:PORT:IP:PORT HOST

with IP and PORT as the new 127.x.y.z and port you defined in http://127.0.0.1:8888/config/fproxy?fproxyAdvancedMode=2 as "IP address to bind to" and "Web Interface Port". The first IP:PORT pair is the local one, the second the remote one.

(this might require additional work on MacOSX, since it might only use 127.0.0.1 as local IP)

New FMS ID

I just switched to a new FMS ID. Find me at SSK@t-YmshUm43nS16QFieoZMfBdfieb9Opy0a2aMWsoH8o,7NqDX88r1R4SC~elmpW4SuKbnAOka~MKUuBufUWa2xQ,AQACAAE/

Please re-send your freemails

Due to my recent loss of my node, I also lost my old freemails. If you sent me a freemail in the past 2 months, please re-send it (I most likely did not see it and now cannot access it anymore).

Privacy Handbuch (german)

Just found at privacy-handbuch.de, with latex sources:

It's public domain (it says).


Lost and recovered my node and Sharesites and WoT IDs

Three days ago I lost my node to a disk crash. The first SSD I lost.

I installed Freenet anew (just followed the headless instructions on https://freenetproject.org/download.html) and restored all node-* and node-*/* files from an old backup, stopped Freenet and adjusted the node.listenPort[PORT]= line in freenet.ini (in the freenet folder)) to have the same port as the node-[PORT] file and added the darknet noderefs again, but they would not connect: The backup was from before the switch to elliptic curves.

Luckily I found a more recent backup. I stopped my node, copied the node-[PORT] file from the more recent backup into the freenet folder and started the node again. All darknet peers connected again.

Then I loaded the Sharesite plugin and restored from my backups (luckily I had a recent backup: being able to just click a link to store a backup is great!). This page (random babcom) was slightly outdated: I simply copied the source off the version in Freenet.

Finally I loaded the WoT plugin and hit You can create a new identity here. Just select Re-use an old secret key, enter the key and confirm that you know what you're doing.

After barely one hour it's all running again now. It's so awesome to work with a system where almost everything can be recovered from the network — without needing any centralization. Thank you for taking part in it!

Takeaway: The one file you need to backup in addition to your private keys is node-[PORT]. As long as you have that, your friends can send you their noderefs again without having to worry that someone else could use them to connect.

That's it for today. ☺ Happy Hacking ☺ — and remember to do your backups!


New attack against Freenet

Update: The solution to this attack should be using a samesite cookie and as fallback for browsers without samesite support a check whether the referrer is a freesite (from Freenet). If both are missing, present a click-through (click to activate).

There's an attack against Freenet and other networks. It allows one attacker to identify which freesites were visited, however if there are multiple attackers, each of them will see what other attackers checked as visited sites, so for freesites the false positives rate will be huge. The vulnerability was reported responsibly but then the reporter was pushed to publish before we had a mitigation ready :(

I inserted a mirror of the attack description: timebleed

As first measure, change the fproxy port:

  • shut down freenet,
  • go to ~/Freenet (GNU Linux) or %appdata%\Freenet (Windows) or the

relevant OSX folder,

  • edit freenet.ini to contain fproxy.port=N with N a random number

between 5001 and 49151

  • start Freenet again.
  • You can now access your node at http://127.0.0.1:n (change the port

from 8888 to N).

This is not a perfect solution, it just makes the attack harder (an attacker needs on average 22000 requests to identify you as Freenet user — and must run them against all visitors — instead of needing just one).

All help to mitigate this attack is welcome! (please write in FMS, freenet board)


Unterstützung gegen Selbsthass

Der Getriebene: http://www.zeit.de/2012/44/Sexualitaet-Paedophilie-Therapie/komplettansicht

Kann ein Mensch seine Sexualität sein Leben lang unterdrücken? Wenn Jonas ein guter Mensch sein will, wird er es müssen – er ist pädophil. Wir haben ihn bei seiner Therapie begleitet.

Ein Bericht über die Erfolge eines Unterstützungsprogrammes der Bundesrepublik. Der Sinn des Deutschen Strafrechts ist nicht die Rache, sondern der Schutz der Gesellschaft und die Resozialisierung der Verurteilten. In dieses Programm kommt aber nur, wer noch nicht straffällig wurde.

Dieser Artikel ist Gewinner des Henri-Nannen-Preises 2013. Meiner Ansicht nach zurecht.

Das Hilfsprogramm der Charité findet sich im Netz unter https://www.kein-taeter-werden.de/
Es bietet inzwischen Zweigstellen in fast allen Bundesländern.


Eternal Flame: Lisp

The Eternal Flame.mp3

(it's allowed to spread this as non-commercial + verbatim)

god_uses_lisp_firedaemon-ben_brockert-cc_by_sa-flickr-10212337584_596cd66833.jpg


God uses Lisp: Firedaemon

Also known as "I'm sorry to inform you that Earth is about to be been eaten
by a fire demon." :)

Image CC by-sa by Ben Brockert:
https://www.flickr.com/photos/wikkit/10212337584


the site was back after 6 hours

We're up and running again on https://freenetproject.org — now with the new design.

Have fun and Happy Hacking!


HSTS and expired cert: our site is down for now

The SSL certificate expired and we use HTTP Strict Transport Security
(HSTS). That means: Our old site is down until the DNS can be switched
over to the AWS site.

Let's treat this as a test of what would happen if an attacker were to
take down our clearnet infrastructure.


1478: add pinned certs

I released 1478. It just adds pins to our new CA certs for the
failover download if no Freenet connection can be established (via
Amazon Web Services).

This should allow us to switch to the new infrastructure, but it will
not avoid short-term breakage.


Infrastructure …

This evening our certs run out. I uploaded a new update.sh which
includes the new AWS certs. I'll make a release with the new certs in
Freenet. We will have to get stuff working again after the certs run
out, but there will be a chain of trust with the new certs having
initially been released from infrastructure verified by the old certs
(so people can compare what they get).

(changes noted in https://github.com/freenet/fred/pull/611/files )

If you do not need to hide that you use Freenet, please test

./update.sh testing

(accesses the clearnet site!)

I posted a news item on the website that there are infra changes
incoming: https://freenetproject.org/news.html#20170405-infra-changes

I wish we could have done this much cleaner. We're still doing this as
clean as our time constraints permit, but keeping to hard deadlines as
volunteers with real-life obligations requires some trade-offs (this is
my personal stance, not the position of the project. We cannot do what
we cannot do so we have to make do with what we can do).

On the upside: Updates over Freenet should keep working regardless of the clearnet infrastructure.


Freenet infrastructure migration

(from https://titanpad.com/yKe1kGH902 )

This lays out the steps needed to migrate to our new infrastructure with the new SSL certs. It is a short-term plan, but it should be compatible with moving to gradle and signed jars for validation of downloads (instead of sha1 files).

If you find any problem in this plan, please say so — ideally with a suggested fix!
If there's something missing, please do likewise!

I plan to send this in an email to devl this evening.

Basics:

The new repo should be compatible with both plain file storage and retrieving and verifying dependencies from maven via gradle. I suggest a maven structure, but we won't be able to push that to maven central without changing our package to org.freenetproject — which would break all plugins and scripts and pull requests (which I think it's a no-go¹). Nextgens is preparing an S3 bucket at mvn.freenetproject.org. We'll start by uploading the binaries there, as https://mvn.freenetproject.org/org/freenet/build%3C#%3E/freenet-build%3C%23%3E.jar%7B,.sha1,.sig}

Tasks:

  • release a new build to the new and the existing infrastructure:
  • adjusted paths in updater.sh, updater.cmd, sha1test.jar and fred.
  • adjusted release scripts to upload to the new repo (and create the

directories as needed).

  • adjusted gradle to allow publishing to the new repo (with full maven

metadata)
-

  • adjust download paths on the website

paths: https://mvn.freenetproject.org/org/freenet/build%3C#%3E/freenet-build%3C%23%3E.jar%7B,.sha1,.sig}

¹: it took us more than one year to partially recover from the db4o purge. We still have plugins which aren't adjusted to working without db4o, so I don't think we're currently in a position to do large refactoring with side-effects like that.


Wiki and old-wiki, full backup

I crawled the old-wiki and the wiki to avoid losing any content in the transition to the new wiki on github. The following are the tarballs.

The actual source data is in /raw (old-wiki) or.raw (wiki).

I also uploaded a clone of the new github wiki, as well as a tarball of the most current version. If you want to help to ensure that we do not lose any content, please grab the tarball or clone the repo with infocalypse or gitocalypse and add what is still missing. Then leave a note in FMS or Sone or FLIP/flircp with either a link to your repo or a tarball with the added files.

USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/freenet-wiki.R1/1

Note that some pages where combined, so not every missing sub-page is actually missing content.


Freenet 1477 imminent: fixes regressions

  • fix clickjacking vulnerability
  • patch open redirect and header injection vulnerability introduced in

1476

  • fix SSL which broke with Java7 due to missing cypher

Sorry about that.


Freenet 1476 released

This is my first release as release manager.

Main changes:

  • efficiency improvements: routing for fast nodes and sparse bitmaps
  • a new gif filter with improved security
  • improved maintainability by replacing custom code with standard code
  • show update info alongside bookmarks
  • ssl fixes
  • update plugins: Sharesite 0.4.4, Library v37, Freereader 6

Release notes with details:

Thank you for using Freenet!

Release information for the website is upcoming, but might wait till monday so we can give the press a fair "warning" (see https://github.com/freenet/website/pull/77/ ).


Mailing list archives

I uploaded the mailing list archives for devl and support:

freenet support archives

freenet devl archives


flircp: chat as plugin

I built the flircp plugin from SeekingFor with fixes from TheSeeker and some experiments for speed hacks. If you want to try it, you can load the plugin from the following key:

CHK@o1eRsD8vV5PM~wZzAxoT4IiTiZ0Ucub7uGtGZdTQRGs,mepNADzOVopYoTsRgb0fcmdVc4W949nC3TDao5nNMSc,AAMC--8/FLIRCP.jar

Here's an example session with timing information:

[01:00:25] ArneBab I see myself!
[01:01:38] ArneBab_flircp_10578 not seeing myself right now…
[01:03:28] ArneBab I just got the outdated information that I don't see myself :)
[01:09:13] ArneBab_flircp_10578 and read it here
[01:09:49] ArneBab which I just learned about
[01:10:06] ArneBab_flircp_10578 do your own timing
[01:10:36] ArneBab it seems like my inserts from FLIP are seen almost instantly by flircp, but my inserts from flircp are seen by flip after more than 6 minutes
[01:11:28] ArneBab_flircp_10578 :)
[01:12:46] ArneBab_flircp_10578 just 22 seconds until I see my FLIP-insert in flircp!
[01:15:06] ArneBab now 2 minutes until I see my flircp insert
[01:15:10] ArneBab getting better :)

(ArneBab is from FLIP, ArneBab_flircp_10578 from flircp)

Current source:

CHK@Dgm9KyIg1Ajw96IEJ3NTefWxQjPHGVnneNmS6WachBU,QITJtIWRXZJJ0dGsoMKYn8xSuh1n5wxVSYT34hwxij8,AAMC--8/flircp-2017-03-01.tar
CHK@ySDd~JlBeCYfbyRV-fJH3C0Z-qxEMveAurC9-BL0ZgU,IUMz6YUo8OIJVBGOZnB53YpY~X45jwEZ1Sfye4-GZyY,AAMC--8/flircp-2017-03-01.zip

To build the source, copy freenet.jar and freenet-ext.jar from your freenet folder to ../ and then run ant. If building fails, please use the pre-built jar and tell us in flircp!

(repo: https://github.com/ArneBab/flircp/ )


deciphering flip datastructures (just a short pointer)

flip identities are for example at

SSK@mMxqcIuAJZ~9OozzHaJPG8Y~kFhB1XxlIHSDb1-9WdQ,STHP1hEWon8gEskwkahivxjD5N0bf7a6SkXdYDZgZrM,AQACAAE/flip%7c2017-02-28%7cIdentity-0

flip messages for example at

SSK@mMxqcIuAJZ~9OozzHaJPG8Y~kFhB1XxlIHSDb1-9WdQ,STHP1hEWon8gEskwkahivxjD5N0bf7a6SkXdYDZgZrM,AQACAAE/flip%7c2017-02-28%7cMessage-0

Note that they are inserted without any manifests or other added cost to keep latency low. This is from current work on FLIRCP thanks to TheSeeker (see https://github.com/ArneBab/flircp/ ).

Use KeyUtils to check the keys.


Theft! A history of Music

Theft-thumbnail.png

Theft

I'm at page 87 right now.


Scientific exploration of Freenet as a social space

"Diagram of a Darknet: Exploring the Characteristics of an #Anonymous Space Online" — by +Roderick Graham

http://www.academia.edu/30683064/

This is something I'd long wished to see. From experience it's clear that people on Freenet are a strange mix, but this is the first investigation I saw into the social groups in Freenet from the perspective of social science.

Practically it shows that we have been underestimating the societal importance of Freenet as an archive — despite users asking for "Freenet as backup solution" quite often. Deep social dynamics could be a driver of the lasting popularity of the keepalive plugin

  • the above Keepalive is broken, but there is a working version of

Keepalive from TheSeeker

Abstract: Journalistic accounts describe the Darknet as the
"Wild West" of the Internet – a space for unsavory, criminal behavior.
We apply Merton's strain theory to argue that the activity found on
darknets is a result of a disconnect between the goals of private
communication online and an Internet that is routinely
surveilled. We use a random sample of 420 websites, or
"freesites" as the primary unit of analysis. We ask two
questions. First, what types of content are found on Freenet? We
observe a wide array of content, consonant with a strain theory
perspective. Second, we ask w hat are some of the characteristics
that define Freenet as a unique space? We describe three
characteristics: (1) Freenet is an archive of subcultures, (2)
Freenet is a nonmarket space, and (3) Freenet is a digital
wilderness.


On Paranoid Release Management

When I published the first version of Freenet Release Management
users on FMS harshly criticised that I did not check hashes of jars I downloaded, nor of GPG signatures — I violated well-known good practice (which is rarely followed, but should be). In response I did all the tests possible to check whether files were corrupted — i.e. using a man-in-the-middle attack — and now the release VM is as well checked as I can make it.

Thank you for this.

Taking all possible precautions is less convenient than just downloading stuff from the clearnet, but it is good practice for a reason: The more care we take on securing our environment — the more paranoid we act where we can actually change things — the less likely we are to be attacked. And I don't want to be attacked. I want to make myself so utterly replaceable for Freenet that taking me out would only cost someone else 30 minutes of setup until we have a new release manager in place. And then maybe someone anonymous.

Yes, this feels paranoid. But acting paranoid does not mean you're not followed. And thanks to GPG, hashed data and version tracking, we can ensure that attacking the release manager does not allow attacking Freenet users.

I do not want to be in a position where I could de-anonymize Freenet users.

As long as we can provide that, I can feel safe as release manager. Please help me with that by holding me to high standards.


Freenet release test (help needed)

I just made my first full Freenet release, using a test key to avoid disrupting the network in case I made a mistake (so your node will not update to this automatically).

If you want to help test whether everything works, please go to the auto-update config page in advanced mode ( http://127.0.0.1:8888/config/node.updater?fproxyAdvancedMode=2 ) and replace the key with

USK@82nyT~XJlSSX6pK0MBfJ8Qg4VB8BftFkUiE6KdA77GE,B3PZFyjq90O~zpzS8Dx0DC8KlTmAlWqr9Bzx3tiQlsE,AQACAAE/jar/1475

There are no changes compared to 1475, except that I did the release.

For information about my release process, see

Freenet Release Management


documentation for releasing freenet

The past few months I've been building my release manager setup and documenting the path to get there. I'm now almost there (I hope) and uploaded a freesite with all the steps I did till now (I plan to update it with anything else I have to do):

Freenet Release Management

The instructions on the site include a full set of fake key and server setups to allow for safe experimentation without actually needing the real freenet update keys. Also I just started uploading the freenet release disk image (for qemu, documentation for using it is on the site linked above) to make it easy for anyone to experiment with doing fake freenet releases. However it's 5.5 GiB compressed, so the upload will take a while :)


FMS Discussion about Freenet on Android

The past few days there were repeated questions about Freenet on Android. There was a discussion with practical experiments using Freenet on Android:

http://127.0.0.1:8080/forumviewthread.htm?messageuuid=0EF9D0D2-AD8A-4DFD-93EA-CEEE9021F5B5@VJ9oYII2UQ82Ii7EHFb9yHVWJ2gRE9cuvMqlnJujH8#0EF9D0D2-AD8A-4DFD-93EA-CEEE9021F5B5@VJ9oYII2UQ82Ii7EHFb9yHVWJ2gRE9cuvMqlnJujH8

You can also find this in FMS archive

Look there for the current answers.


Überwachungsmaßnahmen 2016

ueberwachungsgesetze-massnahmen2016-cc-by-nc.png

FOSDEM 2017

I'll be at FOSDEM 2017-02-04 in devroom K.3.201 with my talk starting 17:00!

Full Schedule: https://fosdem.org/2017/schedule/day/saturday/

This is not a Freenet talk but a Guile talk, but might be interesting anyway.

Who else will be at FOSDEM?


money poll: robust top 20

The most robust result of the poll is: we should definitely do these five tasks:

  • Darknet invitation bundles (requires single use references)
  • Improve FProxy CSS3 support to allow better Freesite UI
  • Friend requests, like in Facebook
  • Short node references
  • Keepalive

  • Finishing the first iteration of Web of Trust speed fixes (1)
  • Fixing the installers (2)

These 7 tasks together are already estimated as 17 person-weeks, which
would leave us 15% buffer for unforseen problems.

Details in Alternate evaluations to get a robust top 20

As well as in the discussion threads from December 2016


been there done that

been-there-done-that-johan-franklin.jpg
been-there-done-that-quote-danielle-allen.jpg

Dear citizens of the USA… — The Germans who hope that we won't have to repeat history with switched roles.

Unsurprisingly the other side answers with long-exposed lies and FUD.


Thinning Arctic Ice, 34 years visualization

Thanks for all the fish

AGU publications published "The world's biggest gamble", a short commentary on how to go on with climate change.

(Open Access: cc by)

I am hard pressed not to become sarcastic. Not because the commentary is wrong. It's spot on. But because we, as a species, are …

I'll stop speaking my mind for now. Let's hope that hope wins against frustration and our children don't have to pay too dearly for the idiocy of my generation and the generation before.


"Building the darknet one ref at a time" - ts

That's what we have to do. If you invite three people and help those of your friends with similar interests to connect¹², and the people you invited then do the same, we get exponential growth.

¹: Helping your friends connect works as follows:

  • ask: First ask your friends whether they want to connect to others.

Just go to the friends page, tick the checkbox next to each of the friends you want to ask and click the drop-down list at the bottom named -- Select action --. Select "Send N2NTM to selected peers" and click "Go". A text field opens with which you can send a message to all the peers you selected. I typically ask something like "Hi, do you want to connect via darknet to fellow pirate party members?" (replace "pirate party members" by whatever unites the group of people you're asking).

  • noderefs: Go to the friends page in advanced mode (

http://127.0.0.1:8888/friends/?fproxyAdvancedMode=2 ). There you find a link named "noderef" next to each name. Just download the noderefs of the people who want to connect.

  • introduction file: Then copy them into a text file and add a short

description of each person before the persons noderef.

  • upload: Now upload that text file. I use freenetupload from

pyFreenet for that, but regular insert via the browser ( http://127.0.0.1:8888/insertfile/ ) works as well. When the upload finishes, you'll find the link on the uploads page ( http://127.0.0.1:8888/uploads/ - see the column "key").

  • message: Go to the friends page again (I'm lazy and use simple mode:

http://127.0.0.1:8888/friends/?fproxyAdvancedMode=1 ), tick the checkbox next to each of the friends you want to help connect and click the drop-down list at the bottom named -- Select action --. Select "Send N2NTM to selected peers" and click "Go". A text field opens with which you can send a message to all the peers you selected.

  • write and send: Write something like "The following link includes

the noderefs of people you might want to connect to. Just copy the noderef (from 'identity' to 'End') into the text field on http://127.0.0.1:8888/addfriend/ if you want to connect. If both of you do that, your freenet nodes will connect". Copy the link to the uploaded introduction text file into the text field (below your text) and click "Send message".

²: Only connect those with similar interests (who might in the real world meet in a club or at work or who are related by blood or association). This is needed for efficient routing in Freenet.


fniki is much easier to use than I thought

See fniki howto

Naturally it's a fniki.


How to share a bookmark with your darknet friends

Just click at http://127.0.0.1:8888/ on [Edit] (my bookmarks). Then you see "Share" next to each bookmark.

When adding a bookmark you can directly choose with whom to share the new bookmark.


EFF Whitepaper on IP Addresses

Eff-Ip-Address-White-Paper.pdf

Educating Police and Judges on IP basics.


Celebrating FMS

People on FMS are right now writing a big thank you to SomeDude for writing FMS. And I think that is great!

Thank you SomeDude for FMS

From me, too: Thank you, SomeDude!

If you do not run FMS yet, you can access the currently written messages directly via Freenet:


A clean way to devise a roadmap democratically

Something I only understand now, which I wish I had had before.

Steps to devise a roadmap democratically, which avoid the problems of the current process:

  • Propose this method. Only go for the next step if there are no strong disagreements or alternatives (including "let's not do this") which get more support.
  • Clearly define the scope (i.e. decide on a roadmap or spend a fixed amount of money or get a clearer picture of the wishes of the community)
  • Define who takes part in the vote (i.e. active contributors or active developers or donators or long-term users or all users)
  • Gather tasks. Ideally use existing roadmaps.
  • Refine tasks: complete list of non-overlapping tasks. Described briefly.
  • Add effort estimates to tasks, i.e. in person-weeks - from developers. If no consent can be reached for the effort of a given task, you can provide the range of the effort estimates. Now the tasks have a short description and the required effort.
  • Ask users "in which order should we do these tasks?" (i.e. assign letters A to Z)
  • Decide with a clearly defined flavor of the Condorcet method (i.e. Benham).

With this, users know beforehand how many of the tasks in their list could be done with the amount of development time available. If we have money for 20 weeks, people are unlikely to choose a 30 week task as first task, because then nothing will be done when the money runs out. That way it's transparent what a given vote stands for.

You can find a Python-implementation of different evaluation methods in freenet-task-planning-poll-methods/browse/evaluation.py.

If we don't have time for clean gathering, revising and cost estimation, do not use a democratic decision for such a complex task. Complex Democratic decision making takes time, because it is necessary to ensure that all who are eligible to vote have all information necessary to take an informed decision.

Instead, reduce the scope to just getting a sorted wishlist. That’s quick and easy to do democratically.

Only ask people to decide on things we can deliver with the resources we have.


I was targeted by an attack on GnuPG/PGP

See the details on the Sharesite gnupg-attack

Or check my website in the clearnet: draketo.de/english/gnupg-attack


20 years of KDE, the book

Infocalypse repo:

hg clone freenet://ArneBab/20-years-of-KDE

If you like it, donate or buy it: https://20years.kde.org/book/


fms 77 vs. 78

Just as short note:

- st=m_db->Prepare("SELECT IdentityID FROM tblIdentity WHERE IdentityID NOT IN (SELECT TargetIdentityID FROM vwCalculatedPeerTrust);");
+ st=m_db->Prepare("SELECT IdentityID FROM tblIdentity WHERE (PeerMessageTrust IS NOT NULL OR PeerTrustListTrust IS NOT NULL) AND IdentityID NOT IN (SELECT TargetIdentityID FROM vwCalculatedPeerTrust);");

In short: Now only checks identities which are actually trusted. That should give quite a nice speedup.

Here's the full diff: fms-src-77-to-78.html

Created with:

diff -ur fms-0.3.7*/src > fms-src-77-to-78.diff

And parsed to html with:

cat fms-src-77-to-78.diff | pygmentize -l diff -f html -O full -o fms-src-77-to-78.html

My csv's in the task planning thing

If you are interrogated by police, do not ever talk.

They might be using the Reid technique to get you to confess a less evil crime than what they claim to be able to prove. And you won't find out before they get an emotional handle on you.

From Wikipedia: Reid technique

Under the Reid method used since the 1950s, falsely accused suspects were treated aggressively and told lies about the amount of evidence proving their guilt. Such exaggerated claims of evidence, such as video or genetics, led to potentially innocent suspects becoming overwhelmed.

Juan Rivera…was wrongfully convicted of the 1992 rape and murder of 11-year-old Holly Staker. A number of pieces of evidence excluded Rivera, including DNA from the rape kit and the report from the electronic ankle monitor he was wearing at the time while awaiting trial for a non-violent burglary. However, he confessed after being interrogated for several days using the Reid Technique.

You have the right to a lawyer. That's the only thing which is useful to say (until police stops using abusive methods).


Why there are few people on FLIP / IRC over Freenet

Today a user joined the #freenet channel in FLIP and asked why there are so few people there. The answer are timing attacks: Any realtime communication method allows correlation with your physical activity. Just by watching when you come online people can try to single you out. A note like "I'm going to buy something" could suffice to tie you to a PayBack card, or to a video surveillance recording — especially with Opennet where all users who take part are known, but not their Pseudonyms.

That means people in a high-threat environment cannot use realtime communication.

But for all than naysaying: For the majority of people here who want a pseudonym which cannot easily and provably be correlated to their reallife ID, FLIP is a pretty nice tool.

FLIP makes us independent of IRC networks. We can self-host our realtime discussions. And in theory (from its protocol and the data available) it could be improved to have delayed message support (for high-threat environments) and to re-read history on startup. It just has to be done by someone.


pyFreenet 0.4.1 with auto-spawn support in fcpupload

I just put up a new pyFreenet release:

pyFreenet-0.4.1.tar.gz

If you have Python3 and pip >= 8 you can get it with pip3 install -U --user pyFreenet. It provides a cleaned up fcpupload script with —spawn support (requires GNU/Linux):

pip3 install -U --user pyFreenet
echo 1 > testfile
fcpupload --spawn --fcpPort 9486 testfile 
# add -p 1 (high prio) and -e (realtime) for higher speed

It creates a Freenet node which listens at port 9486 (except if one already exists there), inserts the testfile, waits until the upload finishes, gives you a CHK link to the file and stops the node afterwards.

Also fcpupload now works again when used with a remote node.

This is tested by doublec, but still has rough edges (For example pip3 install can fail with error: option —single-version-externally-managed not recognized). But it works: people who have Java and Python3 installed on GNU/Linux can now upload files into Freenet without having to worry about Freenet at all — even without ever seeing it.


EWS 3.0 nimmt langsam Form an

Efficient commandline multiprocessing with Python3

Assume you want to run multiple commandline programs, but since you have odd file names, GNU parallel would subject you to lots of quoting hassles.

Using Python3 you can do it efficiently - both in terms of always having a process running on each processor as well as in terms of being fast and easy to write.

import subprocess as sp # for calling your program
import shlex # to split a command as the shell would, but without the security issues of a real shell
import concurrent.futures as con # for a thread pool
# first get the thread pool
with con.ThreadPoolExecutor(max_workers=4) as e: # 4: number of processors
    for i in range(100): # any kind of tasks
        cmd = shlex.split("echo '{}'".format(i))
        e.submit(sp.check_output, cmd, shell=False)

That's it. Ensure to have readline activated in your Python so you can build these commands incrementally.

Happy Hacking!


Activate readline in Python

No commandline interface is complete (or even remotely usable) without readline support.

This is what I have in my ~/.pystartup:

# Add auto-completion and a stored history file of commands to your Python
# interactive interpreter. Requires Python 2.0+, readline. Autocomplete is
# bound to the Esc key by default (you can change it - see readline docs).
#
# Store the file in ~/.pystartup, and set an environment variable to point
# to it:  "export PYTHONSTARTUP=/home/user/.pystartup" in bash.
#
# Note that PYTHONSTARTUP does *not* expand "~", so you have to put in the
# full path to your home directory.
#
import atexit
import os
import readline
import rlcompleter
#
historyPath = os.path.expanduser("~/.pyhistory")
#
def save_history(historyPath=historyPath):
    import readline
    readline.write_history_file(historyPath)
#
if os.path.exists(historyPath):
    readline.read_history_file(historyPath)
#
readline.parse_and_bind('tab: complete')
#
atexit.register(save_history)
del os, atexit, readline, rlcompleter, save_history, historyPath

Happy Hacking!


Using –1 as USK version number also gets 0

This was discussed recently in FMS and someone claimed that it's not possible to always just get the latest version because –1 cannot redirect to 0.

I tested it: That statement was wrong: USK=…/-1/ happily redirects to USK=…/0/ if that is the latest version.

However I'm not sure whether this only works if your node already knows the key version 0.


Freenet over Tor

See the article by doublec: Freenet over Tor


An efficient way to remove content from freenet…

… is to upload large quantities of content many people in Freenet wish to access, so they keep the data alive and your subsequent uploads have a larger chance of displacing remaining blocks of some content you actually want to remove.

To say it with XKCD:

constructive.png

cc by-nc, from Randall Munroe via xkcd 810

It's not quite a perfect solution, because those answers might be constructive, but still bury answers which are more constructive, so mediocre answers could drown out great answers. But it gives people the chance to find good things.


in case anyone thinks voting is easy…

Here's an implementation of the debian voting system I just found:

debian-vote-0.8.tar.gz

debian-vote-0.8.tar.gz.asc

(from http://www.seehuhn.de/pages/vote — I chose that one because it has a tarball)

Just unpack and ./configure

Then create a file which looks as follows

V: 123
V: 213
V: 3--

With each line being a vote which orders a set of options from most preferred to least preferred (in this case 3 options).

Then run ./debian-vote [your file]


Task planning value poll documents

The following are the documents for task planning. Fill out either of them and post them or a Freenet-Link to them on FMS, Sone, a freesite, FLIP or the devl-list.

FreenetTaskPlanningStage3.csv

FreenetTaskPlanningStage3.ods

In the files there is one value at 10, because the original version used a value of 14.925 to fit the 1000. This is not a hint that you should put 10 there, just a simple measure to ensure that you can distribute points without having to calculate the total value - as long as you always add only what you subtract.

If it goes as I think best, this is just an opinion poll, not a binding vote. So please give your honest opinion about the value you think completing a given point would provide for Freenet.


there's no temporary mitigation; opennet is the temporary mitigation

That's from Florent / nextgens. Perfectly captures the relation between darknet and opennet.

If you want to be safe, get people you know to start using Freenet and connect to them over Darknet. Confidential N2N messages to your friends are a nice bonus you gain from that.

(context: over the years many people suggested to make a semi-trusted darknet to mitigate the problem that some people do not know enough friends to connect. That's what Opennet provides)


Stats down: stats node was heavily loaded

Short note: The stats page shows a heavy drop of IDs online IDs. That's an artifact of overload on Steves node. He fixed it and it will be up at the value from a week ago within a few days.


Die Principia Diskordia

Eins der Werke, die ich hier her kopieren darf, und die eigentlich längst hier hätten sein müssen :)

Die Principia Diskordia

CC by-nc — zum Werk passend die umstrittenste der CC Lizenzen :)


Publish in under 6 minutes with Freenet and Sharesite

A short screencast which shows how to get your own Freesite in about 5 minutes.

freenet-publish-somewhat-aligned-audio.webm

(I know it's not perfect. Please make a better one if you can)

Details:


Video Contact Sheet, a free video thumbnailer

I looked for video thumbnail generators, and this is the best I found — the LGPL licensed bash-script vcs

(be sure to use —anonymous)

From http://p.outlyer.net/vcs/

Full sources: vcs-1.13.2.tar.gz

Requirements (most desktops should have all, or most, of them): ImageMagick (at least version 6.3.5-7) (convert, montage and identify commands), mplayer or FFmpeg (preferably both), and some common stuff available on most sane desktops: bash (≥ 3.1) (for bash v2.05b use vcs 1.12.2), sed, grep/egrep, getopt and cut.

What would be even better is if someone could create a thumbnailer which chooses frames based on a measure of interestingness — for example gradients in the stills, as it is done for images. Examples (sadly the full versions are all paywalled, but the abstracts should give you a hint what I mean):


1475 is risky: If you don't want it to break your setup, please test it!

Florent released 1475-pre1 last saturday. Please test it — especially if you use Windows (since no core dev uses that) but also on GNU/Linux and MacOSX!

https://emu.freenetproject.org/pipermail/devl/2016-June/039045.html

./update.sh testing

Fun with stenography

erwacht-das-erbe-der-ranmex.jpg

(not quite steganography, but without the text around it, it's pretty close to steganography for those who don't know the shorthand system Deutsche Einheitskurzschrift (DEK) ☺)

More info in German: Die Ranmex


the audio tag (in 1474)

//

Fun:

Thanks to the mp3 fixes from bertm and thanks to Florent merging my audio-tag work, the above now works (if you run next built from source or at least build 1474 which is not yet released at the time of writing). We finally have convenient music in Freenet!

(the song is the Hero of Freenet, adapted from the Hero of Canton from Firefly)

Use it like this:

<audio src="https://d6.gnutella2.info/freenet/CHK@isWfMMvheTKf37kgQi~CM82Xtgo5D5J8p-Q0C61T5~E,RaXwRgxI5DzMP9WqCClvIn5mWKt-GiUYKx1CVCAwGhs,AAMC--8/the-hero-of-freenet.mp3"
    type="audio/mpeg" style="height: 20px" controls="controls" preload="auto" ></audio>

Omnia kommt nach Karlsruhe! 23. July 2016! Vorverkauf bis 11. Juni!

http://spectaculum.de/termine/karlsruhe/

Mittelalterbands:

  • „Saltatio Mortis”
  • „Faun”
  • „Mr. Hurley & Die Pulveraffen”
  • „Omnia”
  • „Saor Patrol”
  • „Cobblestones”
  • „Rapalje”
  • „Cultus Ferox”
  • „Metusa”
  • „Duivelspack”

Stelzentheater:

  • „Feuervögel”

Gaukler:

  • Kontaktjonglage „Kerry Balder”
  • Kraftjongleur „Bagatelli”
  • „Jeremias”
  • „Lupus”

Feuerformationen:

  • „Cross Fire”
  • „Danse Infernale ”

Weitere:

  • Kindertheater Zauberer „Heiko”
  • Fechtkampfgruppe „Fictum”
  • „Dudelsack- und Drehleierworkshops”
  • „Tanzworkshop”

hotfix testing release, please test!

There's a testing release with hotfixes for three pressing problems:

  1. When a bandwidth less than the minimum bandwidth is configured, the

node no longer fails to start, but uses the minimum bandwidth instead.
This fixes a regression introduced in build 1473.

  1. Selecting the monthly bandwith limit failed and only allowed

setting
the minimum bandwidth.

  1. A metadata validation bug that has plagued Frost users for the past

two days is fixed, which caused most of the affected node's requests to
stall after a malicious splitfile is fetched.

Update with ./update.sh testing
(this will connect over the internet, don't do this if you're using pure darknet)

For details, see the mailing list or the fms message:


Planning Freenet tasks in Freenet

bertm is regularly uploading the task-planning Freesite to enable anonymous users to take part in the discussion:

Submit your comments to the following FMS thread so they can be integrated by non-anonymous folks:

I don't agree on using Google Docs for this, but as long as it isn't important to the workflow (though only because people proxy — thanks go to Ademan and bertm), I'll take part.


Today I'll be 34

let's see what this day has in store ☺


Material to understand Freenet

For the basics, have a look at some slides I wrote: http://www.draketo.de/proj/freenet-funding/slides.pdf

If you want to go somewhat deeper, you can look at the articles I wrote about Freenet, as well as the wiki:

And if you want to go really deep, look at the papers:
https://freenetproject.org/about.html#papers

After that, there's only the source, the one true source of truth:
https://github.com/freenet/fred/

//


Sharesites with style…

I think all Sharesites should have a link at the bottom to get the stylesheet.

Yes, I'm the one who should do that — this is just a note to myself to remember doing it :)


1w6 Ein-Würfel-System in Freenet

Ich habe die Deutsche Druckfassung von 1w6.org in Freenet hochgeladen:

1w6 RPG, Deutsch

Die Seite enthält nicht nur die Beschreibungen, sondern auch das komplette Technophob-Regelwerk und 10 Jahre Charakter-Logs. Und sie funktioniert in Freenet gut.

Als Ergänzung habe ich das Grundregelwerk als PDF hochgeladen: 1w6-regeln-2.6.1i.pdf


The Hero of Freenet (Thank you, Firefly!)

Inspired by Hero of Canton (The Ballad of Jayne) from Firefly:
http://www.browncoats.com/index.php?ContentID=468740c2b0ff2

Update: seconds -> seasons, breakage -> problems.

Steve, the man they call Steve!

Ref:
He worked for a switch and he worked for the poor
Stood up for the man and he gave him what for
Our love for him now ain't hard to perceive,
The hero of Freenet, the man they call Steve.

Now Steve saw the gaters nodes breaking,
he saw the Mac folks lament,
And he saw that Oracle takin'
Every dollar and leaving five cents.
He said "you can't do that to my people!"
"You can't grab our folks by their throats!"

So Steve strapped on his hat
and in five seasons flat
fix the problems which sunk Freenet nodes.

Ref

Now here is what separates heroes
from common folk like you and I,
the man they call Steve
gave his grudges a leave
and fixed Windows boxes to fly.

He ran the Microsoft devtools,
He got those MacOSX bars,

The man they call Steve
gave his grudges a leave
then used Linux to head for the stars.

Here we go!

Ref

Head over to Youtube to hear how this could sound:

PS: If you plan to record this, please make a new, separate identity for that. Your voice and playing style are never anonymous. Chords are at the official Firefly website shown above (browncoats). I can already sing it OK, but I cannot yet play it right — maybe you'll beat me to it :)

PPS: And thanks to whoever once shared Masterharper of Pern mp3s in Gnutella, through which I found Filk music from which I now buy quite a few CDs every year and which became a home for me! Music which is shared on websites which are already being dropped from the Google index. Where else do you think would you meet 100 people who sing about everything from Pern to Lord of the Rings, DnD, Witchcraft, Hacking, Shadowrun and Harry Potter?


Goals for Salt donations at Bountysource

Hi,

I now set the Bountysource Salt goals I proposed in the previous mail (contained after this text):

See https://salt.bountysource.com/teams/freenet

copied here:

conference travel costs $250
We can now cover the expenses to get Freenet developers to conferences for spreading Freenet

  • yearly Freenet Hackathon $750

In addition to the conferences, this finances a yearly Freenet Hackathon to allow the farspread development team to actually meet in person and dedicate a weekend to the most efficient way of hacking: an in-person hackathon.

  • one paid part time developer $3,050

If we reach this goal, we can hire a part time developer (after taxes it's about 1.2k$ / month net salary).

  • one paid full time developer $10,000

At this point we can hire a dedicated full itme developer and push Freenet core forward much stronger, as well as ensure that contributions get reviewed and merged promptly (after taxes it's about 3-4k$ / month net salary).

It's now also linked on the donation page (
https://freenetproject.org/donate.html#donate ), so Salt for Freenet is
now as official as it gets.

Please comment!

Best wishes,
Arne

> Steve Dougherty writes:
>> On 03/07/2016 05:50 AM, Arne Babenhauserheide wrote:
>>> I'd like to revisit the discussion about monthly donations via salt on
>>> bountysource.
>>>
>>> We have an account with currently one anonymous monthly supporter and
>>> one non-anonymous supporter:
>>> https://salt.bountysource.com/teams/freenet/supporters
>>>
>>> This allows us setting actual monthly targets which people can check ---
>>> for example sufficient monthly donations to support a developer.
>>>
>>> If we want to make salt part of Freenet donations, I will put it on the
>>> donation page. If I remember correctly, the previous discussion was
>>> inconclusive, so I'd like to get your opinions again:
>>>
>>>
>>> Will we take salt money?
>>
>> I'd be fine with that.
>
> Since there were no other opinions, I consider this as general
> agreement. We will take Salt money.
>
> I added a pull-request to link Salt from our donation page:
> https://github.com/freenet/website/pull/51
>
> While I was at it, I also reworked the donation page a bit:
> https://github.com/freenet/website/pull/52
>
> So the next question rises: Do we set targets? Some ideas:
>
> - $250: cover expenses to spread Freenet at conferences.¹
> - $500: cover expenses for a yearly Freenet Hackathon.¹
> - $2300: one paid part time developer.²
> - \(7000: one paid full time developer.²\\ >\\ > Do you have other ideas?\\ >\\ > ¹: I'm not sure whether my cost estimate is correct. Does it fit your\\ > experiences?\\ >\\ > ²: Note that this includes tax --- it's about 1.2k\) / 3-4k$ net salary.
>
> Best wishes,
> Arne


I am darknet only again

There is now a detailed report⁰ how law enforcement tracks opennet downloaders (though the statistics are flawed pretty badly¹²). Since this is not only usable against criminals but also to track down anyone who accesses websites in Freenet, allowing censorship by threatening people with punishment for reading something, I decided to go dark again, so I can see which problems still exist in pure darknet.

However I have roughly 10 darknet friends (not all online at the same time), so my performance isn't actually that bad.

⁰: I'm not allowed to upload the report here, so I can only give a clearnet link to the white paper: https://www.ncjtc.org/ICAC/Courses/trngres/Freenet%20Investigations%20White%20Paper%20-Black%20Ice%20%20%28090413%29.pdf

¹: : the vulnerability to HTL18 they use has already been addressed in 2008, so any probability they claim using that is false. For every connection there is a 50% chance that all the requests (not only a single one) did not originate from the node from which we received them but were forwarded one step. So for 10 connection (the lowest value), there are 5 other nodes whose HTL18 requests are forwarded with HTL18, so the probability that a given HTL18 request originated at the node from which we received it is only about 17% (1 in 6). And this probability does not get better when gathering more requests of chunks from a specific file or a specific kind of files, because they can reasonably all be forwarded from a different node — the one which really sent them. The only way to get good statistics would be to connect to this node over and over again at different times when the peers of the node changed (that requires waiting at least 2 hours to change a significant number of peers — the only way to be sure would be to wait for the other node to go offline for more than 5 minutes and then to connect to it again). However screening out every node which ever sent a HTL17 or HTL16 request could improve the reliability a lot, though with significant cost. That doesn't change that their probabilities are calculated incorrectly, but could give them a pretty good hit rate on people downloading a large volume of material.

  • Code:

https://github.com/freenet/fred/blob/next/src/freenet/node/PeerNode.java#L1603

  • Commit:

https://github.com/freenet/fred/commit/4aaa08f11656af1dd857e45612763c9bd2d89fc2

²: Despite the flawed statistics they used, there are correlation attacks which are pretty easy in Opennet. Just have a look at a random selection of toads flog entries: Toad's Flog
The solution to these is to use Darknet mode (pure friend-to-friend) and to make using Darknet mode easier.

Also we can change the Opennet Port at every restart of Freenet to make continuous tracking harder.


logs from working two-step UOM

Thanks to pull request 514 by yadevel, two-step UOM as needed for the next release seems to work! https://github.com/freenet/fred/pull/514

These are my logs from the second working UOM update, gathered from the UpgradeTarget:

freenet-1470-2016-03-16-01.log.gz

freenet-1471-2016-03-16-01.log.gz

freenet-1472-2016-03-16-01.log.gz

freenet-1472-2016-03-16-02.log.gz

freenet-latest.log

freenet-previous.log


radio over Freenet… works!

my playlist plays!

mpv "http://127.0.0.1:8888/SSK@DZEGZu7A2yK~A9ghfJGzNahy71JVQiHXwMrRgcw8so4,gCR7WE5Xot10ulSivrvBhqXjIrkbxJ2QBYtfoVSQmUM,AQACAAE/m3u-radio-test-1/playlist.m3u"

This currently needs a custom built Freenet, since it relies on 3 not yet included pull-requests. To test it, see https://github.com/freenet/fred/pull/510#issuecomment-192769133 (sorry for the clearnet link, I don't have anything better right now)

mp3-based radio (thanks to bertm) with a simple m3u playlist for multiple song support. Und it seems to have that evil recursive playlist thing working :)


Trusted Friends, thanks to det

//

Trusted Friends, thanks to Libertatem Pugnator

This text was written by Libertatem Pugnator on FMS. It's the best explanation for whom to trust which I read till now. License public domain, WTFPL or by-nc-sa. "(link)":/SSK%40CHXMTXj-hXFhjjxBctNCHDfi4bHR-RwfHMimdnXHKZY%2CUTv54OQKNpnNLAkbEVEQMvLXuMOIfKZAvsLjKKCy25k%2CAQACAAE/fms|2016-02-28|Message-2?type=text/plain

Anyone you interact in over Freenet is just with text and binary information.

While any one you know in meatspace is more then that you have subtle facial cues when someone lies about their job or heritage, you can always follow them home and see what their personal space looks like.

Unlike over Freenet where every word you read is potentially engineered for you.

If you have enough evidence in meatspace that the person you know understands the need for anonymity and wants to help create more spaces for it, while not turning against you. Only in that case you have found a Darknet peer.

With that being said you can also do the same for people you met and have interacted with online only for several years.
Most would safely assume they do not have a plan to arrest/spy/fuck you over after so much time and memories you have shared.

To add: time and memories you have shared in a context where or when you weren't interesting for an attacker.


WoT trust list, anony-anonymized

nextgens called me up on not passing out the trust list with the literal IDs to make it easy for researchers to do analysis on the trust lists without having to bother that their results might de-anonymize people via correlation attacks. So I replaced all IDs with numbers (and deduplicated the trust relationships — some IDs were downloaded twice). The nice side-effect is that the file is now only 3.6MiB, uncompressed.

trust-deduplicated.csv


A WoT dumper in 129 lines of Guile Scheme (fixed)

crawl-wot.scm

(because I wanted to try)

Usage: guile -e main -s crawl-wot.scm

Dependencies: GNU Guile: http://gnu.org/s/guileguile-2.0.11.tar.gz

//

//


Answers for "I can't use Freenet"

Answer to a message in FMS

psst@GdwOemQBWXsp4XV0QKBmzn9-3p06AdYCQw—rfL5DYI wrote :
> ArneBab@-jtTqLLTLaRaqqNx4Jq9Kxw5ejhGDxkeCdlDN9ckH1w wrote :
>
>> Yes. And that's one of the reasons why we need Freenet: to wrestle back control over our communication channel.
>
> Good luck getting people to use it though.

Yes, that's something we need to fix. And there's a lot we can do for that. It's just a lot of boring work.

And thank you for that list!

Let's go through these and see which we could fix:

> I can't use Freenet. It's illegal! It isn't? How do you know?

It's created by a registered tax-exempt charity, how can it be illegal?

> I don't want people to think I'm some kind of paranoid nutjob.

Maybe we could quote the New York Times or the Guardian on the frontpage?

> Why don't you grow up, and just accept that you have to be ruled by authority? It's just the way the world works!

Democracy without free press is meaningless. Let's quote some presidents on this. Does anyone have a quote at hand?

> There's no need for Freenet, because nothing is wrong, otherwise my daily commute in my gas guzzler and my TV would be bad, and I like those!

You don't have to change your life to use Freenet. You do harm yourself quite a bit if you let others control your communication, though. They might make you think your life is bad.

> Get a life, you fat neckbeard.

Let's play some games on Freenet. We need more fun and life here, that's true.

> Why are you being so distrustful and negative? What are you hiding?

Did you see what they did to Edward Snowden?

> If I use it, then I'm helping terrorists blow us up!

If you let terrorists listen in on your communication, you help them scout out their targets!
(maybe that's a bit too aggressive…)

> It's slow!

Let's not advertise sending movies. Chat over Freenet is nice (FLIP/FLIRCP).

> I have to install two programs?

Need to recover flircp and enable it by default. Also advertise node-to-node textmessages (friend-to-friend talk).

Same for Sharesite and Darknet Chat.

> I'm not good with computers!

Freenet is easier to install than Starcraft.

> im confuse can i install without thinking loll??? I don't care enough to bother.

Yes you can. Most times it actually works.

> My computer says it's a dangerous virus!

Need to get fred whitelisted in more anti-virus databases… the new C# based installer should help. Needs released 1471.

> I'm not a hacker!

I don't break into computers either. And I don't want others to publish what I tell you in private.

> Is there an app for my iPhone?

There is something for your Android:

> Can't you just send me the files on Skype?

Sure, but I won't send anything I wouldn't also send to the local newspaper. Microsoft has been shown to actually try out login links sent by skype.

> I don't have time for this I have to go to work.

Just try again a few weeks or months later.


Short term solutions (stuff which should take less than 6 months to deploy):

Pitch Black Attack Defense using median distance

250-mean-median2-mean-peerdist.png
250-mean-median2-mean-lochist.png

(details some other time…)


fred infocalypse repo working again

I had broken the updating of the infocalypse repo. It's now fixed:

hg clone freenet://USK@3Xvf~RI-N8YC-xFtQIEnEwR~ZLC05UhQjQzKAS0lL4Y,PqTg9Y5Me6~WthiW5FoHG9Mq18c7oRbe0owRutJJJZc,AQACAAE/fred1.R1/129


Decentralize Everything

A great talk by Aral Balkan: Decentralize Everything

With Freenet Darknet we're already fully decentralized, but we miss the kind of interface shown here for Heartbeat. Anyone up for a design challenge?


Recover your keys from a broken WoT database

My WoT DB broke a few times. This is how I once recovered a private key I had forgotten to put into my (external) encrypted key file:

grep --text 'A.Q.E.C.A.A.E' WebOfTrust/WebOfTrust.db4o 

(in reply to a question by baffled from FLIP)

Happy Hacking!


Fixed simulation shows that Sandbergs fix stops the Pitch Black attack

I found a bug in the simulation by Michael Grube. Fixing that shows that the Sandberg fix blocks the pitch-black attack. That the link length distribution isn't great but much better than random shows that routing should still work well enough (I did not test that, though).

pitch-black-attack-fix-works-with-a-fix-to-the-algorithm.png
pitch-black-attack-fix-works-with-a-fix-to-the-algorithm-node-positions.png

Download:

Compare this to the link length distribution we had in opennet before the link length fix (where routing still worked, though not optimally): 6.2 Link length distribution before and after deployment

The code is here:

USK@qteH9dWOu8cnCWCLdii8Ht-7oI889zd5zbeRbVnbVNo,nI355HUzDsj~Ord1g8684—~iK8LNwbeX-DGcQWRo5Y,AQACAAE/pbsim.R1/1

(run ./testfixpitchblack.py )


The Oracle Java update breaks Freenet on Windows

nextgens: for those who wonder why we have an influx of windows users with broken JVM setups...
nextgens: it looks like oracle has decided to  auto-migrate java1.7 32bit into java 1.8 64bit where possible
nextgens: maybe we should document that users should reinstall a 32bit java1.8 to keep a functional setup

If your Freenet breaks, reinstall a 32bit java1.8.


I hope I did not make Linkageddon stop :(

You might have noticed that Linkageddon stopped updating. I hope that isn't because I wrote that we should have censored indexes. If it is, I'm sorry. That wasn't my intention.


Observed Climate Change Indicators

2016-01-04-ipcc-2013-climate-change-indicators.png

//


I'm a tiny bit worried

STOA-privacy-Break-out_sessions-allocation_03-12-2015.pdf

//

If you have something which you think should be said there, please condense it into less than 270 letters and write it in FMS, Sone or Freemail. I plan to check them on monday and write it down into my paper notebook.


misinformation about Freenet

Some of you might have seen the discussions on devl. If you read my messages, you know my opinion about them. This is my answer to a user who attacked the project with misinformation. It shows one more point why such discussions are problematic.

> A centralized model of authority servers run by trusted project
> members is the way to go.

This would be dumb, because it would turn us into central points of
failure.

> Freenet users have to trust you to not backdoor the program.

This is wrong, since users can check the code and test whether the
code release corresponds to the binary release with the verify-build
scripts: https://github.com/freenet/scripts/blob/master/verify-build

> Darknet is private not anonymous and lacks the quality of data
> availability after the publisher is offline.

This is wrong.

The rest of your message does not get better so I won't spend more
time on it.

Your message here shows clearly, however, that when we're wasting time
on rehashing discussions of things which we already found to be
contraproductive, we're giving ammunition to people who want to
disrupt Freenet development.

I agree with Ximin here. I answered the three most glaring
misinformations in the message to avoid others stumbling over them. I
should blog about them. (I hereby did)

For all who don't understand what Ximin means with psy-ops:
http://draketo.de/english/freenet/de-orchestrating-phk

De-Orchestrating Freenet with the QUEEN program


hybrid: towards a global Darknet

After I wrote It is a time for Darknet, someone asked me whether that means that Freenet is only for those who have at least 5 Friends running Freenet. That's not the case.

Adding a single Darknet friend while keeping Opennet enabled already increases your safety.

Even a single Darknet friend makes you less dependent on the seednodes. That's the hybrid mode. It's an important milestone on the road to pure Darknet, since as soon as most people run hybrid, using pure Darknet becomes much easier. Most of your Darknet friends will have other Darknet friends, and if you connect via pure Darknet, your requests will exit into Opennet at many different points.

So by adding Darknet connections you don't only increase your own safety, you also contribute to making Freenet safer for whistleblowers.

Florent/nextgens asked me on the devl list what I consider necessary to make Freenet safe for the usecases I care about. Those usecases are my personal one and whistleblowers. For the first, hybrid suffices (even Opennet alone would be enough if I gave up on confidential messaging with friends), for the second the answer is:

  • Darknet invitations (send a friend a zip with a prepared Freenet node

which connects to me without further interaction),

  • Darknet FOAF (connecting to friends of friends, so 3-5 friends give

you good performance and it doesn't hurt that much if friends are only online a few hours each day),

  • transport plugins (to hide the connections from ISP-level

monitoring),

  • WoT with faster bootstrapping (getting the initial IDs).

On censored indexes…

I always thought that the indexes should always at least include a way to get a full listing of the sites known to the maintainer. Over the past weeks I changed that stance. I still think that it is good to include all sites in a parsable way. The sites.xml format spearheaded by Linkageddon and also used by Enzo's Index is great for this. But I no longer think that an index maintainer should be required to list all sites there, even the ones not listed in the index.

It is not hard to get a list of all sites by running YaCy, but creating good indexes with interesting content is hard work. So if you want to create an index which only lists sites you do not deem as offensive — or only those you consider interesting — please go for it.

If you manage to update regularly, that could help Freenet a lot, because we could put it into the default bookmarks and improve the initial impression new users get.

The "free speech means anyone can say anything, I'll shove your face through all the stuff you won't like to ensure that you understand that"-feeling we currently give new users likely turns off many potential users. Just imagine how many people would have never touched the internet again if the first thing shown to them had been the nastiest of reddit-threads or twitter death-rape-threat-rages (not implying that these are the worst parts) and not the shiny gmail interface.

(as most others, this post is my personal opinion, not a message from the freenet developers)


Please don't trust us, run the validation scripts

Someone on Frost said "compromising the devs, and if that happened, we'd here about it real quick." and got the correct answer: "Of course they'd tell us straight away rather than cut a deal with the "bad guys". /:) Everyone has a price, whether it's money, employment, or impunity."

There used to be a tool to compare the dev built jars to the source. It might still exist. — mmaalfdks

I want to ask you on behalf of at least some members of the developer team: Please do not trust us completely. If all Freenet users trust us, you put us in danger. We do have a price — we're living people after all.

That's why there are the jar-file check tools with which you can test that what is released is actually created from the code. And some people can check and diff the code to ensure that it does not try to betray you. If there are people who check that (not necessarily the same), you keep us safe. If corrupting us cannot corrupt Freenet, there is little incentive for surveillance agencies to corrupt us.

Even if you do not have the time or skills to contribute to development directly, you might still be able to run the test scripts.

get the test scripts

Here's a tarball with the current state of the scripts (releases and verification): freenet-scripts.tar


The stegosploit tools served via stegosploit

stegosploit_tool.png

Enjoy how the content filter of Freenet butchers the exploit. You'll need to force an unfiltered download by appending ?forcedownload=true to the URL to get the exploit code.


Ademan ported Winterface to purge-db4o

Get it via

hg clone freenet://ArneBab/winterface

Or from https://github.com/ArneBab/Winterface


It is a time for Darknet

Seven years ago Freenet was reborn with friend-to-friend support. Most people complained that they have no friends running Freenet and started trading node references with random strangers, so Opennet was added — and this is still a common theme today. But for all you who read this, the time for excuses is over.

Seven years ago most people wouldn't have installed a program just to escape surveillance. Today many will do that.

You might say that you have no friends running Freenet, but that's not important. You know people. Colleagues. Family. Online aquaintances you've been talking with for a few years.

Invite them.

You don't need to tell them your pseudonyms or your freesites. Just invite them to connect with you over darknet. And if something breaks, tell us.

You might send them a mail asking them to connect with you for confidential communication as I did

Or write something yourself.

Maybe only one in ten will connect with you. That's OK. Even a single darknet connection makes you safer against attacks on seednodes. And that will be one person you can contact confidentially if you run into problems.

Darknet is the only structure which can survive on the long term. So invite the people you know to connect with you over Freenet. If you already tried that before, just try again. Sometimes important things take persistence, and confidential communication is important. In these days of pervasive data mining more than ever before.

It is a time for Darknet.


Günther Oettinger

A freesite reaches everyone in Freenet

Just as a reminder: If you want to reach all people in Freenet, create a Freesite and add a Bookmark link. That way your updates reach all people in here.

And this is really cool: We have a distributed tool which can really reach everyone here and which is dead easy to use — or at least it will be once ShareWiki becomes an official plugin (I'm working on that).


1944 CIA field manual on how to sabotage enemy workplaces from within.

cia-1944-field-guide-sabotage-enemy-organization.jpg

From The CIA (yes, the real deal)

(you might not want to click that link, luckily Freenet will warn you if you see this in Freenet; yes, going to the website of the CIA will definitely jeopardize your anonymity — you could only top this by going to the website of the NSA ☺)

Thanks to Bryan Gaensler


plugins relying on db4o? Please check!

As you might have seen there were discussions on the devl mailing list about splitting up the bulging beast of freenet-ext — or rather: Objections from me on doing so in a way which might break plugins.

We don't know all non-official plugins — and can't know them — so I'd like to ask you whether any of your plugins rely on db4o from fred. If you know a plugin developer who isn't here, please forward this question.

If there are no non-official plugins which use db4o, then we can remove db4o from ext and include it directly in the plugins — which will for example allow updating db4o and will make packaging much easier.

If you can check that, it would help us a lot!

You can reach us on FMS (board freenet), Sone or flip (#freenet channel). People might also catch your messages if you write on Frost.


DoJ: Apple licenses software, so it has to decrypt

From Cory Doctorow http://boingboing.net/2015/10/23/doj-to-apple-your-software-is.html

The DoJ is currently trying to force Apple to decrypt data stored on a defendant's Iphone, and Apple, to its great credit, is fighting back, arguing that on the one hand, it doesn't have the technical capability to do so; and on the other, should not be required to do so.

A new filing from the DoJ attacks this second point in a novel and far-reaching way. The Justice Department lawyers argue that because Apple licenses its software — as opposed to selling it outright — that it is appropriate for the government to demand that Apple provide assistance in its legal cases.

To my knowledge, this is an entirely novel argument, but as I say, it has far-reaching consequences. Virtually every commercial software vendor licenses its products, rather than selling them. If the DoJ establishes the precedent that a product's continued ownership interest in a product after it is sold obliges the company to act as agents of the state, this could ripple out to cars and pacemakers, voting machines and tea-kettles, thermostats and CCTVs and door locks and every other device with embedded software.

(the quoted part in this entry is licensed under cc by-nc)


Winterface: Where the Freenet GUI should be headed

freenet-winterface-2015-10-06.png

There's an infocalypse repo you can get via

hg clone freenet://ArneBab/winterface

or

hg clone freenet://USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/winterface.R1/13

Also it's on github:


preserving Gantros flog via shoeshop

Gantros has left us, as we know from his/her supporters who had the key in case of problems: Goodbye World

I said goodbye in the last Sone post of Gantros

I downloaded the last version of the flog authored by Gantros as well as this final information with Shoeshop, so we can reinsert them if they should happen to fall out.

To upload these you need the Shoeshop-plugin


Up-to-date infocalypse freesite and repo

I started a small site to give up to date information about infocalypse and pyFreenet: infocalypse_and_pyFreenet

Develop over Freenet, safely. General Information site. Tries to keep it short.


Category software missing from default bookmarks (sorry)

Due to an error on my side while reorganizing bookmarks, new nodes were missing the complete software category. The fix is simple: use the right name for the documentation category and change the index-numbers in software to actually start from 0 — likely I had moved one last bookmark short before committing which killed the zero bookmark. There's a pull-request and the fix should be in the next release.

I'm sorry for the trouble this caused. No wonder newbies had problems finding FMS…


port forwarding in a screen

If you don't want to or can't fiddle with system files, but you want to forward Freenet to your current system, you can simply run the port forwarding in GNU screen:

$ screen -RR # recover an old, detached screen, or start a new one.
$ while true; do 
  ssh -NL 8888:localhost:8888 \
  -L 4242:localhost:4242 -L 8080:localhost:8080 \
  -L 8088:localhost:8088 -L 8889:localhost:8889 \
  -L 9481:localhost:9481 -L 9482:localhost:9482 HOST;
  date; sleep 5; done
(hit CTRL-a d to detach the screen)

Ports: 8888 (freenet), 4242 (quassel), 8080 (FMS), 8088 (Winterface), 8889 (second Freenet node), 9481 (FCP control of Freenet), 9482 (FCP for second node).


Klarnamenspflicht hilft nicht gegen Nazis, sondern bedroht Diskussionen

Die Pflicht zum gesicherten Klarnamen bringt keine Verbesserung — schon heute hetzen viele Leute mit Klarnamen.

Das Gegenteil ist der Fall: Die Klarnamenspflicht ist eine Bedrohung für all diejenigen, die sich gewaltbereiten Nazis argumentativ entgegenstellen. Die müssen dann nämlich mit physischen Angriffen rechnen.

Als Hintergrund: Ein Blogger gibt auf

(leider darf ich das wohl nicht hochladen…)

Ein Blogger gibt auf, weil er und seine Familie massiv bedroht
wurden. Die Erklärung von Heinrich Schmitz, Ex-Kolumnist von The
European und ehemaliges Mitglied der Initiative #HeimeOhneHass, im
Wortlaut.


Dayblind, a cyberpunk novel published incrementally on Freenet

Yay!

The author is IOKU from Sone


Python to Guile Scheme — Freenet exclusive version

This is the Freenet exclusive ebook. If you got it via other channels, please install Freenet and share it there! https://freenetproject.org
— when free speech dies we need a place to organise!

You get this, because you cannot buy it without exposing your identity. And because by using Freenet you contribute to securing free communication.

If you like the book and you don't fear for your pseudonymity, please buy the paperback or regular ebook! draketo.de/py2guile

py2guile-book-image-300x425-brighter.jpg

follow the blue rabbit


= 🐇 =
follow the blue rabbit
through the looking glass
to find your real self
= 🔍 =


„Weitgehend von der Öffentlichkeit unbeachtet“

Falls mal jemand eine Webseite über politische Korruption schreiben will, wäre das ein toller Titel…

Hat auch gleich ein Kürzel: WevodÖffu ☺


scheme-based FCP library (Racket and Guile)

Dinky's Evil Twin (sone://EWtk1limedjBM2LnGE3~z98tC8bLTu9ryLIMcFgg8PI) created an FCP tool for Racket and Guile:

  • Racket:

fcp.rkt

  • Guile:

fcp.scm

This started with an alternate Python FCP library:

For details see the Sone-Thread


Lunar eclipse tonight

There will be a lunar eclipse this night. See http://eclipse.astronomie.info/2015-09-28/

The total eclipse starts at 4:10 MESZ (UTC+2) and ends at 5:23 MESZ. 4:47 MESZ is the darkest point. I plan to get up around half past 4 and wake the little ones so we can enjoy the red moon together :)


Roter Mond, überm Silbersee,
Feuerglut wärmt den kalten Tee,
Kiefernwald in der Nacht,
und noch ist der neue Tag nicht erwacht.

Roter Mond, played with my 12-String

//

PS: the upload of Earth Warrior finished. Get it while it's hot :)

Earth Warrior


cronjob: update freesitemgr site at random

I created a cronjob which chooses a freesitemgr site at random and uploads it with some obfuscation. Throw it into /etc/cron.hourly/ and make it executable (chmod +x /etc/cron.hourly/17-freenet-update-random-freesite.cron) to have one upload per day. It will upload on average once every 24 executions.

The purpose of this script is to allow people to upload several different freesites without exposing that all of them come from the same person.


Activism, Larp, nature and a pagan folk band playing reggae

Earth Warrior

(also "you may copy it on any kind of medium", which I hereby do ☺)


Ask yourself whose Freedom it is

If the office worker has most opportunities, it is the freedom of the office worker. If the capital owner has most opportunities, it is the freedom of the capital owner. Look at BitCoin and ask yourself, whose Freedom it is.
— lose translation from Die Schmetterlinge (1977)

bitcoin-freedom-quote.png

http://draketo.de/zitate.html#bitcoin-freedom


my first paper is peer-reviewed! ☺ happy

Comparing the CarbonTracker and TM5-4DVar data assimilation systems for CO₂ surface flux inversions

On the clearnet you can find it on http://www.atmos-chem-phys.net/15/9747/2015/acp-15-9747-2015.html

The supplement includes the full sourcecode for the plots as well as most plotted data (as much as I could release), and all of it is licensed under CC by-sa (our institute changed its policies, and now open access licensing is the preferred form of publication! It's hard to overstate the significance of that decision — say again that you can't change big institutions ☺).

babenhauserheide2015-acp-2015-128-discussions-f12-thumb.png
babenhauserheide2015-acp-2015-128-discussions-f13-thumb.png
babenhauserheide2015-acp-2015-128-discussions-f04-thumb.png
babenhauserheide2015-acp-2015-128-discussions-f05-thumb.png

Profile based privacy for Pseudonyms: A legend

I've long been thinking about profile-based privacy.

When I create a new anonymous Pseudonym, it should create an activity profile based on common patterns. Some people are active on weekends, others write in the evening of their time zone, or in the lunch break at work. The definition of weekends differs across the world. And this differs by language (English is pretty widespread and Spanish is only missing in Asia, but if you speak Japanese any timezone outside Japan is unusual).

Then there are the holiday seasons. The system should automatically choose a holiday season and then stop updating during a randomly selected interval in the holiday season.

What else is there?

The cost of this is that communication between these anonymous Pseudonyms is slower than between non-anonymous people, since a reply can only arrive in the next activity interval after it was written. And it needs a minimum wait time to avoid spilling your real communication pattern by replying too quickly (when the real activity time and the fake one overlap).

Essentially we need an automatically created and enforced legend, an expanded version of bug #4753

To discuss this, please come to FMS, public forum, thread "Holiday season and security of Freenet/FMS".


Using Freenet for Static Websites in the Clearnet

Have a look at the article from Bluish Coder

Freenet now directly powers his clearnet site via nginx serving as reverse proxy. And yes, the URLs are nice: bluishcoder.co.nz/2015/09/14/using-freenet-for-static-websites.html

Happy Hacking!


no longer working darknet connection after restoring from backup

Some months ago there was an update to the crypto which causes the node to compute new types of (more secure) keys. If you restore a backup from before this update, your node will compute a different set of keys, breaking all your darknet connections.

So best do a backup of FREENET_FOLDER/node-PORT right now. And keep it somewhat up to date.

(this already struck twice: once it killed all my darknet connections and just now it killed the connections of one of my darknet friends)

Ideally when this occurs the Freenet UI should show a warning: "The secure keys for Friend NAME changed, but the old, insecure keys still fit. Either this is a MitM attack, or your peer restored from an ancient backup. [disable peer] [update peer (I asked and he or she restored from an ancient backup)]"


get the test scripts

> So, if you can, please run the release-checks. They are the
only effective protection against corruption of the whole network by
compromised-and-remote-controlled developer-machines.

Is there a guide of how to do this? It's probably possible to spin up a VM with a specific build environment we can check against but the key thing is to know what that evironment is.

Toad wrote about that in 2012

I just cloned the maintenance scripts repo into Freenet:

hg clone freenet://ArneBab/freenet-scripts

This needs Infocalypse with WoT integration

If you use Infocalypse without WoT, you can clone the repo via

hg clone freenet://USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/freenet-scripts.R1/1

(both links are equivalent — the WoT one is just shorter and easier to memorize :))


More optimized streaming

Warning: Running arbitrary commands like these can be dangerous for your anonymity and your system: m3u8 playlists can trigger access to any resource, even local devices. If you want to be safe, read the playlist file before running the command.


mplayer -prefer-ipv4 -fixed-vo -nocache -playlist SSK@vJ9s3JNTQZDKADPcFyAj7XyL0gtVSC3~Lc3ewvoA2KI,2Ft9oY0SrCJH83E9OYTATEPN7G~9LjizmjVoMiUeU80,AQACAAE/w8-playlist.m3u8?forcedownload=true

To create a stream yourself:

./freestream-webm.sh big_buck_bunny_480p_stereo.ogg w8

using the script freestream-webm.sh

The main goal of this is to allow playing videos while they are being downloaded, essentially providing a distributed streaming platform.

This script is adapted from the one bertm created, adjusted to use vp9 and vorbis instead of mp4. If you have opus, you can reduce the required bitrate a lot.

The target segment size is set to <400 kiB, because this allows the splitfile info to fit into the toplevel SSK.

Caveat: The video isn't seamless,yet, since mplayer does not preload the next video in the playlist.

Get the repo via hg clone freenet://ArneBab/stream-over-freenet

For details on getting the repo, see Infocalypse and pyFreenet

If we wanted to make this secure, we'd need a content filter for m3u8 (then the url could drop the ?forcedownload=true) and for video (we have unreviewed ogg filters which haven't been merged yet). If you want to contribute, have a look at the existing two pull-request for video (which both need work to be merge-ready):

An option to improve the experience of the stream would be to increase SEGMENT_SIZE_KBYTE to 3500 (below 4MiB) and always use one level of indirection (having the splitfile info in a CHK instead of embedded in the top-level SSK).

Thanks to doublec for the shoutout from Pitcairn Island


Streaming a video over Freenet

Update: TheSeeker found the gist with the old and more advanced script from bertm again: https://gist.github.com/bertm/69b05cac7ae2121ed700 — I added the script into the repository.

We once experimented with streaming over Freenet. Today a collegue asked me about whether we could build a youtube-portal using Freenet as backend. Within an hour we reconstructed the streaming solution. Before starting, have a look at the playlist file we'll use to ensure that it only accesses content within Freenet (this ensures that it does not compromise your privacy): "stream.m3u":

Watch the stream with


mplayer -prefer-ipv4 -fixed-vo -playlist CHK@FgF2w6K5wOPrA7NYzw4eTABq9gyPjHUBEhRJuER7uV4,xZ5dtAL9sLi4sgLFRAa4piaAO6FrJ97Gt6NfStnvix4,AAMC—8/stream.m3u?type=text/plain

Get the repo via hg clone freenet://ArneBab/stream-over-freenet

For details on that, see Infocalypse and pyFreenet

Something like this would be cool for that:

Morphis and Freenet

Since the question how morphis differs from Freenet came up more than
once, here's the short version: from what I understood, morphis has no
friend-to-friend layer (the Darknet-mode in Freenet — by building on
Kademlia, morphis relies on being able to connect directly to all
participants), its anonymity is tor (easy to crack with timing analyses
and DoS attacks), its spam-resistance is proof-of-work where Freenet
uses a web of trust (morphis threat model: commercial spammers, freenet
threat model: people who want to break freenet), it claims to be fast,
its keys are predictable (censorable).

In short: Freenet can already provide everything morphis wants to do,
and more.

To compare: Forgotten Cypherpunk Paradise

"Even if X should work, it would provide only half of Freenet, and none of the really important features - friend-to-friend darknet, access dependent content lifetime, decentralized spam resistance, stable pseudonyms, hosting without a server"

Missing features in morphis: friend-to-friend darknet and
access-dependent content lifetime (what does it do if the datastores are
full?). Morphis comes closer to Freenet than any other system I know,
but it's still a long way from it. Or rather: Freenet already provides
what morphis only promises. Morphis sounds ambitious, and the developer
sounds very motivated, but that's it.

On the upside, I just released Freenet Communication Primitives part 2:
Service Discovery and Communication: how to find new people, build
secure communication channels and create community forums — in 300
lines of Python.


Kleingeister

Heute in Twitter ☺

ArneBab, "(2015-08-13)":https://twitter.com/ArneBab/status/631832396476903426

und ein „Kleingeister bleiben Kleingeistig“ an all jene, die sich gerade über Rechtschreibung aufregen.

German-Catholic (@Christ_Germany):

@ArneBab ein ist Singular , von daher ist Kleingeister falsch

ArneBab:

@Christ_Germany „ein“ steht offensichtlich für den Satz „Kleingeister bleiben Kleingeistig“. Hätten Sie nun über Großschreibung gesprochen…☺

@Christ_Germany das zeigt schön, wie Konzentration auf Unwichtiges den Blick auf das Größere versperrt ☺


Mirroring a (small) website into Freenet

This is the script I use to mirror the freenetproject.org site into Freenet. It isn't perfect, but it works well enough for now.


#!/bin/sh
cd ~/freenetproject-mirror
wget -m -N -nH -k -p -E —no-check-certificate -e robots=off —no-cookies -U 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.6) Gecko/20070802 SeaMonkey/1.1.4' https://freenetproject.org https://freenetproject.org/jnlp/freenet_installer.jar https://downloads.freenetproject.org/latest/new_installer_offline.jar https://freenetproject.org/jnlp/FreenetInstaller.exe https://freenetproject.org
rm *\?*html


Blogger vor Nazis verstummt

Wer das hier nicht weitergibt hat den Knall nicht gehört.

Schmitz Heinrich gehörte zu den Initiatoren der Petition #HeimeohneHass.
Warum er nicht mehr bloggt: Rechte Hassbürger und Meinungsfreiheit - Eine Kapitulationserklärung

(leider darf ich das wohl nicht hochladen…)

Ein Blogger gibt auf, weil er und seine Familie massiv bedroht
wurden. Die Erklärung von Heinrich Schmitz, Ex-Kolumnist von The
European und ehemaliges Mitglied der Initiative #HeimeOhneHass, im
Wortlaut.

Wer das hier nicht weitergibt, hat den Knall nicht gehört. Ja, das meine
ich genau so hart, wie ich es sage.

Wenn es dich motiviert selbst aktiv zu werden, achte darauf, dich auch
in der echten Welt zu vernetzen - Leute physisch zu kennen, die dich
unterstützen, falls Rechte dich angreifen. Im Zweifel Leute zu haben,
die sich einem Rechten Mob in den Weg stellen würden, wenn die Polizei
nicht oder nicht rechtzeitig kommt.

Leute zu haben, die es merken, wenn du nicht bei der Arbeit auftauchst
oder psychisch an den Bruchpunkt kommst.


Discussion Paper: Ice melt, sea level rise and superstorms: evidence\\ from paleoclimate data, climate modeling, and modern observations that 2\\°C global warming is highly dangerous

Since last week there's a paper in pre-publication public discussion in
ACPD (Atmospheric Chemistry and Physics). Its implications are
staggering.

acpd-15-20059-2015-hansen-sealevel-measured.png
acpd-15-20059-2015-hansen-sealevel-air-temp.png

License:
CC attribution (open access)


Infinite Hands finally in Freenet

It took far too long, but now it's in Freenet:

With a partial
Russian
and
Esperanto
translation.


Down again

Less than a day after posting the “my sites are back” message

They are down again. This time united-domains which provides my domain names has network problems.

Was up again after a few minutes


Why GNU Guile

with input from amz3

What is Freenet? The answer in 2015.

The Freenet Project is what you get when mate Tor or i2p with
decentralized hosting (no single point of failure).

Is is what you get when you take Maid Safe and add a friend-to-friend
darknet in which those files stay available which users actually access
(instead of the ones for which people pay).

And it is being used for anonymous communication and improved by people
around the world since 2000.

It is the forgotten cypherpunk paradise which this year won the SUMA
award for online privacy:
https://freenetproject.org/news.html#20150211-suma-award


Männliche Lust, immernoch ein Tabu

Da 1w6.org nach dem Hacker-Angriff vor einem Monat noch immer down ist,
aber das Thema gerade durch das Hotpants-Verbot einer Schule in BW akut ist, gibt es hier die
Freenet exklusive Vorabversion eines
geplanten Artikels.

Kurzfassung: Ja, Männer haben oft Probleme,
kurze Klamotten zu ignorieren. Weil sie ihre eigene Lust nicht
verstehen. Das ist, was wir ändern müssen, und nicht die Kleidung von
Frauen. Jetzt dazu, wie wir das verstanden haben.

Wer ohne die vorherigen Artikel auf 1w6.org den Kontext vermisst, kann auf archive.org den vorletzten Artikel nachlesen: Sexualität im Rollenspiel
und bei Skythief den letzten: Sexualität im Rollenspiel – Ein Kommentar

Die Spielerin des Fuchsmenschen in unserer Runde hat beschrieben, wie ihr
Charakter versuchte, den Vorzügen seiner Liebessklavin zu widerstehen
und dabei den Männern in der Runde ungewollt gezeigt, wie tief
verwurzelt bestimmte Tabus noch sind. Doch von vorn.

Wir haben gerade einen Nachfolger zur Herrenrunde gespielt. Die
Charaktere kamen zurück auf das Schiff der Menschenhändler, diesmal mit
dem Plan, ihrem Treiben ein Ende zu setzen.

Wieder hat eine Spielerin den Charakter gespielt, der sich als
Menschenhändler ausgeben sollte (Neminis gab „Neru Toharu“), doch
diesmal war die Charakterin ihres Freundes nicht Frau und Partnerin
ihres Charakters, sondern nur noch Frau und Sekretärin (Mira gab
„Kieru“), denn um ein für die Herrenrunde möglichst plausibles und
schmeichelhaftes Bild abzugeben, hatte sie entschieden, dass sie die
Liebessklavin Kerani, die Neminis bei dem letzten „Besuch“ in der
Herrenrunde (der vielen der Herren den Hals brach, wenn auch nicht den
schlimmsten) geschenkt worden war, als dessen neue Gespielin auszugeben.

Jetzt genug mit Einführung. Neminis hatte Kerani gerade mit einer der
Sklavinnen von dem Schiff mitgeschickt, und der Sklavin die Anweisung
gegeben, Kerani so elegant und gleichzeitig aufreizend wie möglich zu
kleiden. Dann beschrieb die Spielerin, wie Neminis sich vorbereitete, um
den Reizen Keranis widerstehen zu können (er war ihnen bisher erst
einmal erlegen, im Vollsuff, und er geißelte sich seitdem dafür, weil er
ihren absoluten Gehorsam nicht ausnutzen wollte). Sie erzählte, wie er
meditierte und sich konzentrierte. Die Männer in der Runde wurden schon
unruhig. Wir spürten, dass das so nicht klappen konnte. Ich schlug eine
kalte Dusche vor, was aber auch nicht besser war - stereotyp, hilft aber
erfahrungsgemäß nicht wirklich - dann sagte jemand „na einen abwedeln“
(oder so) und alle Männer der Runde lachten verschämt. Kein befreiendes
Lachen, und erst Recht kein Auslachen, sondern das beschämte Lachen, das
entsteht, wenn alle wissen, dass ein Tabu gebrochen wird, dazu aber
nicht wirklich stehen können. Einer erklärte „die Luft rauslassen, wenn
dann nach dem dritten Mal nichts mehr da ist“ und noch ein paar weitere
Umschreibungen fielen. Ich merkte, wie komisch die Situation sein
konnte, deswegen sagte ich, „Du siehst, dass wir mit dem Thema alle
nicht ganz klar kommen, sonst würden wir nicht so verschämt lachen“, und
andere bestätigten das. Die Stimmung entspannte sich wieder und die
Runde ging weiter, aber in mir blieb die Überraschende Erkenntnis
zurück, wie stark in allen Männern in der Runde das Tabu der Onanie noch
verwurzelt war. Wir sind alle um die 30, zwei der Männer in unserer
Runde sind verheiratet, davon habe ich schon zwei Kinde, zwei weitere
sind Single. Und wir alle haben Probleme, frei über Onanie zu sprechen.
Und damit über einen zentralen Aspekt der männlichen Lust - genau wie
auch über männliche Lust allgemein. Für alle Männer in der Runde war
klar, dass die Selbstkontrolle, die Neminis an den Tag legte, teilweise
ans Unrealistische grenzte. Das haben unsere Blicke deutlich gezeigt.
Aber wirklich beschreiben konnten wir es nicht.

Das soll nicht heißen, dass ein Mann eine Frau nicht ohne Lust ansehen
kann. Das geht, und ich konnte es selbst lange Zeit sehr gut - solange
ich noch Jungfrau war deutlich leichter als seit ich meine Frau kenne -
doch das braucht eine bestimmte Geisteshaltung, eine Geisteshaltung, die
aufrechterhalten werden muss, und die schneller Sprünge kriegen kann,
als man erwartet.

Und das ist ein tieferes gesellschaftliches Problem, als dass wir einer
Spielerin nur schwer erklären können, wie sie ihren Charakter plausibel
spielen kann.

Es wird viel über sexuelle Belästigung gesprochen, doch die
Lösungsansätze dafür bleiben oft in den Symptomen stecken. Rote Karten,
Strafbewehrte Verhaltensregeln, Klagemöglichkeiten, usw. Diese
Lösungsansätze sind wichtig, denn sie reduzieren den akuten Leidensdruck
von Frauen, helfen also, eine Situation zu entschärfen, die für die
Hälfte der Bevölkerung unerträgliche Belastungen bedeuten kann. Aber sie
schieben Frauen die Aufgabe zu, die Symptome von Problemen zu lindern,
die ihren Ursprung darin haben, dass nicht nur Onanie, sondern männliche
Lust an sich in unserer Gesellschaft zutiefst tabuisiert ist. Wir
können uns heutzutage mit einem Mausklick Bilder von männlicher
Lustbefriedigung besorgen. Doch Lust selbst, wie sie entsteht, wann sie
entsteht (oder auch nicht) und wie man mit ihr umgehen kann, das ist so
Tabu wie Onanie. Es berührt die Ideologie des immer freien Willens, und
es berührt den Zwang, immer funktionieren zu müssen.

Ich persönlich bin hier einer Autorin von eroticstories.com zutiefst
dankbar: Sie schrieb „erst war es für mich komisch, dass mein Mann auch
während unserer Ehe onanierte, doch inzwischen habe ich verstanden, dass
er mich trotzdem liebte und unser Sex trotzdem erfüllend für ihn ist“.
Hätte ich diesen Satz nicht gelesen, hätte meine Beziehung vermutlich
kaum ein Jahr, mit Sicherheit aber keine 10 Jahre gehalten. Und das ist
ein gesellschaftliches Problem: Warum muss ich erst auf einer obskuren
Seite noch obskurere Texte lesen, um Weisheiten zu finden, die heute ein
essenzieller Teil meiner Ehe sind?

Unsere Eltern können das nicht leisten, die haben selbst noch mit der
verklemmten Sexualerziehung unserer Großeltern zu kämpfen, und wir
können froh sein, wenn sie uns nur einen Teil davon weitergeben und
nicht gleich das ganze Paket von Schuld und der Schmutzigkeit unserer
Körper.

Wie sollen wir lernen, ein gesundes Verhältnis zu unserer eigenen Lust
zu haben, wenn wir zulassen, dass sie so stark tabuisiert wird - wenn
wir uns selbst erlauben, sie zu tabuisieren?

Nicht nur angeblich reine Liebe, sondern auch die genauso menschliche
und auch genauso positive Lust war Auslöser schrecklicher Schlachten und
eine zentrale Triebfeder von Politik, doch wir als aufgeklärte Menschen
lachen, wenn wir darüber reden, dass Männer Onanieren, um ihre Lust im
Zaum halten zu können.

Ich erinnere mich da an eine Szene aus den Säulen der Erde (Ken Follet):
Der (böse) Prinz onaniert, nachdem er die Frau des (guten) Maurers
beobachtet hat. Kaum eine Szene hat meine eigene Haltung zu meiner Lust
und zu Onanie mehr beschädigt als diese: Lust wird hier als dunkle Kraft
gezeigt, die in die geistigen Abgründe der Höllenqualen führt. Als eine
Verderbtheit, eine Schwäche des Charakters. Und nur der Böse hat
onaniert. Die Guten taten sowas nicht - auch nicht in den meisten
anderen dieser in Beziehungen erschreckend verklemmten Fantasy- und
Science-Fiction-Literatur. Über Sexorgien lässt sich leicht schreiben,
aber über die Lust selbst wagt es kaum einer dieser Bücher zu sprechen
(auch wenn Bücher hier schon viel weiter sind als Filme).

Und auch diejenigen, in die ich bei diesem Thema die meisten Hoffnungen
gesetzt hätte, lassen uns erschreckend alleine: Während durch
feministische Aktionen Frauen mehr und mehr Selbstbestimmung der eigenen
Sexualität zugestanden wird (ja, das meine ich so böse, wie es klingt),
haben sie zum Verständnis der Lust des eigenen und des anderen
Geschlechtes kaum etwas beigetragen - zumindest kaum etwas, das ich
mitbekommen hätte. Was heißt, dass obwohl es solche Beiträge gibt
(Stichwort sexpositiver Feminismus), diese Beiträge die heutige
Gesellschaft bei Weitem nicht durchdringen - obwohl die wirklich helfen
könnten, eine der Ursachen von sexueller Gewalt in unserer Gesellschaft
zu beheben.

Jetzt genug des Meckerns, zurück zum Thema: Nicht nur Sexualität ist
heute tabuisiert, die Lust an sich ist es. Sobald lustvolles Handeln
Gedanken der Sexualität beinhaltet, nennen wir es nicht mehr Genuss,
sondern Wolllust. Und Wollust wird als Böse verschrieben, doch nicht
wirklich thematisiert (wie so oft dienen Schubladen dazu, es zu
vermeiden, sich mit dem Thema wirklich zu beschäftigen).

Ist es ein Problem, wenn ich meine Frau mit Wollust betrachte? Ist es
nicht ein viel größeres Problem, wenn ich das nicht tue? Oder ist es ein
Problem, wenn ich es tue und sie sich gerade nicht so sehen will? Wann
hat meine Frau Lust und wann nicht? Ich verstehe es nicht - und doch ist
das für mich noch viel einfacher, als für ungebundene oder Leute in
freier Ehe. Die müssen in der Lage sein, zu erkennen, wann relativ
Fremde Lust haben, und sie auch ausleben wollen. Und das können wir kaum
verlässlich schaffen, solange Lust so ein starkes Tabu ist wie heute.
Ich verstehe nur teilweise, wann mein Körper reagiert, und was das
bedeutet. Und ich kann es noch viel schwerer mit anderen besprechen -
selbst wenn ich mit meiner Frau spreche, greife ich auf Umschreibungen
zurück.

Überall um uns sind Reize, aber wer sich von ihnen berühren lässt, wird
als schwach gesehen. Leute sagen „Die ist scharf!“ und in Filmen gibt es
dann und wann ein „Die macht mich geil!“, aber kaum jemand spricht
davon, wie sich das eigentlich anfühlt, was es eigentlich bedeutet.

Es ist so viel leichter, über Sex zu tratschen und sich nicht selbst zu
offenbaren, als über Lust zu reden und dabei einen Teil des eigenen
Selbst zu offenbaren - und damit einen Berührungspunkt zu liefern.

Obwohl Lust ein völlig natürlicher Teil unseres Lebens ist, so wie
Hunger und genussvolles Essen.

Beantworte ich hiermit Fragen? Lasse ich sie offen? Ich glaube ja, aber
ich hoffe, ihr seht es mir nach. Ich würde das Thema gerne tiefer
durchdringen, aber ich befürchte, dass ich meine Runde damit an ihre
Grenzen bringen würde und möglicherweise auch für mich gefährliches
Terrain betreten würde.

Nachdem ich diesen Artikel geschrieben hatte (aber noch nicht
abgetippt), habe ich in einer anderen Gruppe noch eine Runde Barbaren
gespielt. Die Ansage „nur beiderseitig gewünschter Sex“ war überraschend
gut darin, die Runde von Exzessen abzuhalten, aber ich habe auch wieder
eigene Grenzen gespürt. Was ist Lust, was ist Lebendigkeit, was ist
Freiheit, was ist Macht? Warum kann ich Flirten, Annäherung, das
Erwachen der Lust, die ersten Berührungen, den Moment des Eindringens
und die Ektase des innigsten Kontaktes nicht mal in einer reinen
Männerrunde frei ausspielen?

Ist das eine Freiheit, die mir fehlt? Hätte ich sie erlangt, wenn ich in
meiner Jugend mit gleichaltrigen unterwegs gewesen wäre, statt Bücher
zu lesen? Oder wäre ich dann noch verklemmter, weil ich mich nicht so
leicht auf eigene Faust gegen gesellschaftliche Konventionen hätte
stellen können? Weil ich das Urteil meiner Kumpel gefürchtet hätte?

Vielleicht könnt ihr mir helfen: Fällt es euch auch schwer, offen über
Lust zu sprechen? Fällt es euch leichter? Oder lasst ihr das völlig
außen vor? Sind Sexualität und Lust Teil eurer Runden?

Fühlt euch frei, hier anonym zu schreiben: Das hier ist die
Freenet-Version des Artikels. Der Freenet Social Networking Guide
beschreibt, wie ihr Freenet für anynome, spamresistente, komplett dezentrale Kommunikation verwenden könnt.


Pre-Crime comment: If it's not illegal, it's legal.

Currently people are discussing pre-crime in Sone

> What if someone researched blunt trauma damage with hammers and started carrying a hammer around?

This is my contribution:

If he does not make death threats, he doesn't do anything illegal.

For all we know he could be a blogger who wants to write about hammers
as weapons. Or a roleplayer researching realistic rules for his
contemporary martial arts rulebook.

Back in the days I was in an email list where we discussed how to get
dirty nuclear weapons into the US, because one of the members wanted to
run a campaign where they players have the goal to stop terrorists from
doing that. I'm pretty sure that that got us on all kinds of watchlists -
except if we were already in their "crazy SR_D freaks, they only play
Shadowrun" filter.

Strange coincidence that I'm in Freenet now, which is the closest
real-world equivalent to jackpoint, the darknet p2p data haven in Shadowrun


Das Problem der Troika: Syriza meint es ernst

Ich habe gerade einen Artikel in der Taz gelesen, der ein völlig anders
Bild auf die Syriza geworfen hat, als andere Medien. Genauer: Es war der
erste Artikel, den ich gesehen habe, der von den Leuten gesprochen hat,
die Syriza am Laufen halten. Von der Gruppe junger Deutsch-Griechen,
die sich des Vertrauens der Bevölkerung sicher sind und daran glauben,
dass sie etwas verbessern können.

Zu Besuch bei Griechenlands Führung: Wie tickt Syriza?

Heute ist mir dann aufgegangen, warum die Troika mit Syriza nicht klar
kommt. Syriza meint es ernst. Sie wollen wirklich die Situation der
Griechen verbessern und für die Bevölkerung kämpfen, die sie gewählt
hat. Und dabei noch für echte Demokratie in Europa kämpfen.

Und das Neuland für die Troika.


My deepweb story

On reddit someone asked: What's your deepweb story?

This is my answer
Please share it!

I am a Freenet user, and I had quite a few frightening experiences.

Once someone threatened me for telling him that killing Netanjahu is a
dumb idea which would only make matters worse for Palestina. But wait,
that was on G+…

Then that other time, when I was insulted by Neonazis. But wait, that
was on twitter…

How about when someone brought down my site to hack into other
computers? No, that was my normal clearnet site. Twice…

So there's the problem with Freenet. We have few horrorstories. People
who use Freenet generally know what they are getting into. They are
warned at every moment to be careful with what they click on and what
they talk about. To the point of generating random names by default, so
they aren't tempted to reuse a nickname. I know that there is bad stuff,
but I ignore it, because in Freenet that actually makes it go away: If
no one accesses it, it gets overwritten by new uploads.

So we don't actually have much interesting to share in this thread,
except for: "Freenet works. It works really well." And this is my
deepweb story.

That wasn't what you wished for? Well: That's the darknet where it
works. It ensures freedom of communication by making sure that it works
for all its users, including those with a weaker stomach AND those who
want to dig into the ugly stuff.


Setting up a Freenet Seednode from the commandline

(english translation of the commandline freenet seednode setup from the
libertyserver page)

Download and Installation of the Software

  • wget 'https://freenetproject.org/jnlp/freenet_installer.jar' -O

new_installer.jar

  • java -jar new_installer.jar -console # -console activates

installation
without X11

Setup a Seed-Node

  • lynx http://127.0.0.1:8888
  • # follow the wizard for basic setup:
  • # - low security
  • # - next
  • # - 20 GiB -> next
  • # - no monthly limit -> custom limit: 100KiB, 100KiB -> next
  • # - lynx forwards to the wizard again, Firefox to the Freenet

startpage. Just exit.

  • lynx http://127.0.0.1:8889/connectivity/
  • # read opennet port, forward for incoming UDP
  • lynx config/node.opennet?fproxyAdvancedMode=2
  • # be a seednode: click, select true -> apply
  • lynx config/node?fproxyAdvancedMode=2
  • # IP address override: (dynamic) DNS addres / hostname. Only

necessary
if you don't have a static IP. See http://freedns.afraid.org

  • wget strangers/myref.fref
  • # myref.fref an devl@freenetproject.org schicken, Subject: "New seed

node: "

Once freenet developers add the seednode to the list of seeds, you're a
seednode. This might take a while (till the next release).

Accessing the Freenet interface from another computer is easierst by
forwarding th ports via SSH:

  • ssh -NL 8888:localhost:8888 -L 9481:localhost:9481 -L

4025:localhost:4025 -L 4143:localhost:4143

Ports:

)

  • the interface for tools like pyFreenet:

http://github.com/freenet/pyFreenet

  • 4025: SMTP (provided by the freemail plugin with the WebOfTrust

plugin)

  • 4143: IMAP (provided by the freemail plugin with the WebOfTrust

plugin)


Letting it burn

For the past few weeks we again see a
meltdown
, with unreachable pages and massively worsened
fetch-pull stats
with oscillating reachability due to activating and deactivating protections against overload.

And according to TheSeeker, the Kittyporn autopatcher has been reactivated
by folks on Frost who think that several of the choices of the
non-anonymous development team are mistaken.

TheSeeker got in contact with those anonymous devs. He asked them if
they would stop publishing the autopatcher if we tested their changes
network-wide. They said they would - which could stop this self-DDoS of
Freenet users. We have counter-measures, but the only thing which can
protect Freenet if a significant number of regular, high-capacity users
runs versions which are patched to attack the network, is shutting out
these users (by reacting to the behavior of their nodes), and we don't
want to do that, because we think that they are real contributors and
want Freenet to thrive.

If we're right, then testing the changes network-wide would seriously
disrupt the network, though. Hence the title of this text: "Letting it
burn". We would prepare a release to be issued at most 2 weeks later to
revert the changes if they prove to disrupt the network. And we wouldn't
make the let-it-burn update mandatory, so you could disable auto-update
if you don't want to take part in the test (though you would still
suffer the disruption). So this should be restricted to a 2-week
disruption (2 weeks because we see oscillations on a roughly weekly
scale).

The following is only my personal opinion and no objective information:

I hope that we'll be able to run a poll with all Freenet users we can
reach before taking a decision whether to go to that or not. If we go
there, then we'll post a news entry to the freenetproject site (and it's
in-freenet mirror
) and ask you to give your opinion on any channel you have to reach us. Also I intend to post about it here. We are reachable over at least FMS, Sone, FLIP, Freemail and Frost (via TheSeeker), and I plan to look for updates of Freesites stating an opinion on the matter.

It is unclear whether we'll hold a poll. It is also unclear whether we'll
try to "let it burn". But if we do so, I intend to write about it here
before we do.

It will not happen before the 1468-release with purge-db4o. And there
are already changes staged for the next release, so if we decide to do
let-it-burn, it might still take a few months till we get there.

I'm writing this here, to ensure that no one will be surprised if we do
it, and that you all know where to watch, so you see a poll if one comes
up.

That's it for now. Except for a short status update: I did not get to
restoring my clearnet websites yet. I'll have to do that soon, but right
now I'd rather do the dishes than touch the backups to see what broke.
Mmmh, cleaning the dishes… I'm off ☺

Happy Hacking!


All my clearnet websites have been breached.

My hosted server (not (yet?) my homeserver) and all my websites have
been breached. This includes https://draketo.de https://1w6.org and
https://sn.1w6.org

I'm sorry that i did not manage to protect them better. I'm working on
restoring them and then tightening their security.

Meanwhile you can access updates from me via Freenet:

https://d6.gnutella2.info/freenet/USK@sUm3oJISSEU4pl2Is9qa1eRoCLyz6r2LPkEqlXc3~oc,yBEbf-IJrcB8Pe~gAd53DEEHgbugUkFSHtzzLqnYlbs,AQACAAE/random_babcom/52/

The most recent entries from draketo.de and 1w6.org are still available in
the in-freenet RSS copy:

https://d6.gnutella2.info/freenet/USK@y24LRrc2iTFC6eZNvi8uyNC7PBmAe8QAw51XIduangQ,85Y56-on-J9iezqatRyLhsPD5GAU96zCpw1T2Fcvdik,AQACAAE/draksites/383/

If that inproxy should go down, too, just install Freenet¹ and use the
following local links:

It's ironic that I write this after complaining that our parliaments IT has
been breached.


german government IT breached and externally controlled

our elected representatives know that their IT was breached and is still
under control by an unknown entity. That entity might have aquired
administrator priviledges and installed hardware backdoors. The ruling
fractions have their own more secure net which they do not share with
the opposition. They delay providing information.

Yet the opposition still uses the computers. And I feel as if I'm in a
secret agent thriller…

http://draketo.de/it-des-bundestages-fremdkontrolliert-abgeordnete-ratlos

https://translate.google.com/translate?sl=de&tl=en&js=y&prev=_t&hl=de&ie=UTF-8&u=http%3A%2F%2Fdraketo.de%2Fit-des-bundestages-fremdkontrolliert-abgeordnete-ratlos&edit-text=&act=url

Here is the Google translation:

This statement is just the Green Party AbgeordneteTabea Rößner in the
FAZ . I wanted the + to pass, as I have taken as a slap in my own words
only on G:

IT of the German Bundestag foreign controlled. Opposition deputies
stumped.

Damn it, what kind of world do we live? Is that a spy thriller or dark
science fiction? So a headline would fit in Star Wars, as newspaper
reports during the Emperor accepts the Senate. But in our world it has
lost nothing.

Worse Tabea Rößner asks helplessly:

Shall we just … work without electronic devices?

Yes. Of course! How else? Your IT is currently proven externally
controlled. You can not use responsibly!

If your car were riddled with bombs, you would hopefully not go, and
just as you should now treat their IT infrastructure.

Use until the acute problem is resolved, the Bundestag stenographers if
they are their own handwritten notes too slow. Let them grumble, but
they are just your only hope for safe and fast at the same time records.

Next, you should then make sure that that does not happen again: Let us
put together by BSI a laptop, is to dispense with work already from her
provided with espionage interface software. Will say: Stay away from
Windows, MacOSX or other companies controlled by US software.

Yes, that is, it remains only GNU / Linux 1 - each in a version that is
tested by BSI and constantly updated by a competent civil servant status
(and thus harder to corrupting) team. And software that is not open
source and compiled from their own team is absolutely taboo. Which can
never be trustworthy enough for the work of parliamentarians, because it
is alien controlled by definition and can be tested by BSI
insufficiently.

Maybe that helps the experience to provide the jobs of the Bundestag and
the parliamentarians on a more stable footing. Nothing is ever
completely safe, but who will buy software that can not be tested by
their own people for weaknesses and repaired in a timely manner, invites
attacks a downright.

There is the BSD and GNU Hurd , but in practical terms remains only
GNU / Linux. The BSDs depend for everyday use by non-developers still
clearly back, namely the GNU Hurd is now usable for developers, but even
further away from the suitability for normal users as the BSDs. ↩


disk write performance

xor is working on queueing downloaded WoT identities to disk instead of
keeping them waiting in blocked threads, so I did a short performance
test to determine whether this can get us into filesystem trouble.

The average hard disk access time for a spinning disk is around 8ms. See
Red Hat Storage Perf

so writing 10k files to disk should just take 100s. A small testscript I
wrote takes 28s for writing 10k versions of my own WoT ID plus 1m27s for
the susequent sync.

Call the script via

time ./testdiskperf.py ; time sync
(the sync is necessary to see the real disk performance and not just the
filesystem caches)

#!/usr/bin/env python3

with open("bigid.xml") as f:
        exampledata = f.read()

for i in range(10000):
    with open("queued/" + str(i), "w") as f:
        f.write(exampledata)

I simply used my own id for testing:


wget -O bigid.xml
freenet:USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/WebOfTrust/11326?type=application/octet-stream&forcedownload=true


bash and implicit self modifying code

Some of you might have stumbled over ./update.sh only working on the
second try. It took us a few years with unreproducible breakage to find
the reason, but now that we have it, I think it's time to share:

A bash script can change its own code while it is executed.

This can also happen when another program edits the script. Nextgens
already knows a solution for the script: Just download the new version
under another filename and move it over the existing script to force the
filesystem to create a new inode (see how deep we suddenly got into our
OS? ^{happy}).

But that we have a solution does not mean this little exercise into
madness isn't worth sharing. On the contrary! So these are the scripts I
used to prove to nextgens that bash is even crazier - and at the same
time more powerful - than I had thought (as well as some other shells,
too, though I did not do a thorough investigation on their support for
rewriting their own content at runtime):

To test them, copy one of them to `1.sh` and execute it.


cp bash-keeps-executing.sh 1.sh
chmod +x 1.sh
./1.sh

And just for fun: This is the content of bash-keeps-executing.sh:


for i in 1 2 3; do
echo "for j in 2 3 4; do
echo \"\$j\"
done" >> 1.sh
done

this actually echos 3-times 2 3 4. Which means that if you read this far
you just looked into the abyss of self-modifying by direct editing of
the text file. And you can be sure that it also looked into you.

To exorcise it, have a look at guile scheme to learn how self-modifying
code can be done right (and safely) ☺ :
gnu.org/s/guile

Happy Hacking!


Required trust for forming a darknet connection

My take on the required trust for connecting over Darknet is:
"I need to trust them not to crack their Freenet node to spy on me".

This is the case for almost every person I know in real life and many
people I know only digitally.

It is important that you only add people you know, because the darknet
routing algorithm of Freenet depends on having a small world structure.
If you add random people, you not only risk your privacy (and to some
degree that of your other contacts because you make some attacks much
easier), you also weaken the foundation of darknet routing which will
result in much worse performance for all users - including you.

Opennet uses different assumptions to make it efficient to connect to
strangers. These assumptions would not be feasible with darknet, because
they require being able to connect to arbitrary participants in the
network, which would void the core security properties of the
friend-to-friend darknet.

For the extend of this effect, have a look at fixing the link length distribution of Freenet

The article shows how Opennet performance improved when we improved the
structure to actually follow a small world topology. The lifetime of
files improved by factor 2 and latency and speed improved so much that
returning users noticed that Freenet had become much faster.

"when did freenet get so fast? Impressive speed improvement since I
last used." — doublec

So only add people you know.

(thanks to xor for reminding me to add the darknet structure part)


My talk for the SUMA award ceremony (in German)

My talk starts at 5:56.

I hope I can provide a transcript soon (which people could translate to
english).


My WoT databased hosed?

update: fixed by killing the WoT database and restoring via insert
key.

My WoT does not start with the new preview release (1468-pre3). I fear
that the filesystem breakage I had (btrfs on kernel they call too old)
might have taken my WoT database. Luckily I should still have all my
private keys at hand.

Jun 01, ... (plugins.WebOfTrust.WebOfTrust, <noname>(1026), 
ERROR): ROLLED BACK!
java.lang.ArrayIndexOutOfBoundsException(no stack trace)
Jun 01, ... (plugins.WebOfTrust.WebOfTrust, <noname>(1026), 
ERROR): Error during startup
java.lang.ArrayIndexOutOfBoundsException(no stack trace)

The error when loading the plugin says
"java.lang.ArrayIndexOutOfBoundsException". It would be nice if that
were a bit more informative.


ShareWiki: Illegal state exception

A few days ago ShareWiki started throwing illegal state exceptions when
clicking the [Save and Preview] button: Already sent header. I don't
know why. If you use it, there's a workaround: just click the preview
link in the list of sites.

I hope I can allocate the time to fix this soon.


FMS Code review

Gerard who used to contribute to Freenet a few years ago just came back
and did a code review of FMS. He posted it on devl
and naturally on FMS.

IIRC this is our first independent review of FMS, and it's quite
favorable.

Here's the essential point:

Verdict: Nice code, could been written a bit more defensively. No
suspicious code was found….General architecture seems
well thought out and will be a good foundation for future improvements….

"It was NOT checked if the provided binaries correspond with the
source
file. To be safe® compile from source."

I'm compiling FMS from Source (it works easily, just look at the
readme). This review makes it much easier for me to suggest using FMS.


Freenet over Meshnet: A perfect match

(crossposted from FMS)

creamsoda@0vpcRHZV1ftyj4mJpZnuYaG8wpkNIvf3qa3b-LUcsZs wrote :
> This is p2p-over-p2p-over{internet,radio links}. Freenet is already
pretty slow, and I imagine cjdns is too, so building a
darknet-over-darknet doesn't seem very sensible. Freenet already has
friend to friend connections with most of the properties that you list,
so what makes freenet-over-cjdns any better? Particularly
darknet-over-cjdns, not just opennet-over-cjdns.

In a meshnet one of the expensive parts is that your data travels over
multiple hops to reach you. If you need to jump 5 hops to the host, then
you cause a total transmission equal to 5x the size of the data.

In Freenet the same happens. If you need to jump 5 hops to the node
which stores the data, then you cause a total transmission equal to 5x
the size of the data.

If you did Freenet over Meshnet where you essentially connect to Freenet
nodes in random locations (Opennet), then these numbers multiply: With 5
hops each, you would cause a total transmission equal to 25x the size
of the file, so the effectively available bandwidth would drop by factor
25 compared to direct connections.

But if most of the nodes you are connected to are also in close physical
vicinity (darknet-style), then these numbers do not multiply: There are
only 1 or 2 hops to the next Freenet node, so a transmission over
Freenet could be just as fast as a direct transmission over cjdns from a
server in a random location. In addition, Freenet provides strong
caching, so the total transmission needed to get some data might be even
lower than for a direct transmission.

In short, Freenet Darknet and Meshnet are an almost ideal match.


Securing E-Mail

Broken WoT

I'm currently out of Sone again, because since my Freenet crashed once,
WoT does not finish loading anymore so Sone does not see identities (I
cannot access the WoT login page). Possibly it hit an OOM.

Sorry for the inconvenience. I'll say hi on Sone, when my WoT works
again.

Till then: Please bookmark
this site when you want updates!


Cory Doctorov: re-publica: NSA not Stasi (Godwin)

Here's a talk from Cory Doctorov on Surveillance:

Find out more at:
https://re-publica.de/session/nsa-are-not-stasi-godwin-mass-surveillance

It's tempting to compare NSA mass surveillance to the GDR's notorious
Stasi, but the differences are more illuminating than the similarities.

Cory Doctorow
Electronic Frontier Foundation

Creative Commons Attribution-ShareAlike 3.0 Germany (CC BY-SA 3.0 DE)


Robust ssh forwarding of Freenet ports

Over the years of running Freenet on a small homeserver, I perfected my
ssh port forwarding. This is what I use now:

while true; do ssh -NL 8888:localhost:8888 -L 8088:localhost:8088 -L 9481:localhost:9481 -L 8080:localhost:8080 -L 4025:localhost:4025 -L 4143:localhost:4143 HOST; sleep 5; done

When the connection breaks for some reason, it restarts automatically.

More exactly: I have an executable file at
/etc/local.d/freenet-forward.start with the following content:

#!/bin/sh
su USER -c "while true; do ssh -NL 8888:localhost:8888 -L 8088:localhost:8088 -L 9481:localhost:9481 -L 8080:localhost:8080 -L 4025:localhost:4025 -L 4143:localhost:4143 HOST ; sleep 5; done &"

If you also want to forward yacy and a quassel IRC daemon, you can add
-L 8099:localhost:8099 and -L 4242:localhost:4242

That's all: It feels as if all the services are running locally.


Wish: Freenet, No Questions Asked

It would be nice if we had a Freenet installer which avoids asking the
user any questions. Install and it instantly connects to opennet using
the detected ideal bandwidth and datastore settings.

We could offer multiple No Questions Asked (NQA) versions, then:

  • Freenet Convenience (opennet, low security)
  • Freenet Paranoia (no opennet, high security settings)
  • Freenet Seed (opennet, seednode mode activated by default)

A big advantage of NQA versions would be that other programs could ask
the user to install them without forcing the user to go through the
wizard (skips one heavy step).


Sharewiki b22 includes minimal syntax help.

-
ShareWiki-b22.jar

ShareWiki-b22-src.zip

This
is the last thing which I felt was missing. Please test it! Since I
found Sharewiki, I liked it ever more, since it's the easiest way to
create and maintaint one or several simple freesites.

Please test it!


Generating Vanity Insert Keys

There's a utility from Bombe to create keys with nice prefixes:
https://gist.github.com/Bombe/5be29459824a0ecdbd9b

GenerateVanityKey.java

Just drop it into the fred repo under src/freenet/tools/GenerateVanityKey.java

Then run ant.

I had to add final to the variables argument and arguments (where ant
told me to) to get it compiling.

Finally cd to build/main/ and run this:

java -cp ../../../freenet/bcprov-jdk15on-151.jar:../../dist/freenet.jar:../../../freenet/freenet-ext.s/GenerateVanityKey PREFIX_YOU_WANT

(../../../freenet is my freenet directory)

This is brute force and increases the Entropy of the Universe for
dubious gain, so the Kopimists might hunt for using it, but on the other
hand it gives you vanity keys ☺


The NSA are not the Stasi: Godwin for mass surveillance

Video: re:publica 2015 - Cory Doctorow: The NSA are not the Stasi: Godwin for mass surveillance

Clearnet Link: https://re-publica.de/en/session/nsa-are-not-stasi-godwin-mass-surveillance

Short thesis: It's tempting to compare NSA mass surveillance to the GDR's notorious Stasi, but the differences are more illuminating than the similarities.

Description: The Stasi needed one snitch for every 50 people; one NSA spook can keep watch on 10,000 or more people. IT bequeathed unthinkable productivity gains to spies, and this creates structural changes in the extent to which corrupt elites can retain power without danging the carrots of redistribution, fairness and social programmes before their populace.

What I learned: We do not even have to add drones to the mix to fuck up our society. Permanently.

And Cory Doctorow is great. He makes points I would want to make. Better than I would make them and with a story arch worthy of a world class science fiction novel - with the twist that the story he tells is real.


I do not hate corrupt politicians

an answer I gave on Sone

I would not go as far as saying that I hate them. There's a system in
place which helps them to rise. A system where the elected act in the
interest of the powerful instead of the interest of the voters.

To break this we need independent media which acts in the interest of
its readers. Where the readers are the customers, and not the ware which
the media sells to the advertisers and other people who are willing to
pay.

We need stronger measures against corruption - for example control over
politicians from within civil society like http://abgeordnetenwatch.de

Funded by all, not only by a few donors.

And we need to ensure that we can survive temporary setbacks - to ensure
that the setbacks remain temporary. For that we need things like
Freenet. It's one of the reasons why I decided to contribute here.


Threat to democracy - from the elected

As Glen Greenwald quotes in the intercept

They would include a ban on broadcasting and a requirement to submit
to the police in advance any proposed publication on the web and social
media or in print
. The bill will also contain plans for banning orders
for extremist organisations which seek to undermine democracy or use
hate speech in public places, but it will fall short of banning on the
grounds of provoking hatred.

It will also contain new powers to close premises including mosques where extremists seek to influence others.

Can we close the premises of people who want to violate human rights?
Like Cameron?

stop those who seek to "undermine Our British Values" and, instead,
ensure "we are together as one society, One Nation" — Tory Home
Secretary Theresa May

Glen Greenwald comments that as follows: "I personally believe this was
all more lyrical in its original German"

I, as german, have nothing to add.


Freemail works after recompile

I compiled plugin-Freemail myself, and that version now loads. If you
want to test it yourself you can use my jarfile (with some changes: I
wanted a new message link on the inbox page):

Freemail.jar

The
code is on github: https://github.com/ArneBab/plugin-Freemail


Gleichsetzung von Faschisten und Linken darf kein Mittel sein

Jemand in Twitter nannte als Antwort zu einem Tweet mit einer Kopie
einer Kampfschrift von Rechtsradikalen Faschisten und „Ultralinke“ in
einem Satz

Erster Tweet: "zurück zu den Wurzeln,zu unseren alten
Traditionen.(…)Im Mittelpunkt stand der Kampf um die Straße" #oss
#neonazis pic.twitter.com/KDqSkeYa8x

Gleichsetzender Tweet als Antwort: @KatharinaKoenig ROFL, es kann nur
eine geben, die einzig wahrhaft wahre Religion — ein allgemeines
Problem bei Faschisten und Ultralinken.

Meine Frage: =1v3833n7h3r3 =KatharinaKoenig was sind denn „Ultralinke“?

Das hier ist die Diskussion, die sich ergab:

@ArneBab Solche,die ihre Ideologie als die einzig Wahre erachten und
deren Liturgie explizit das Himmerlreich auf Erden verspricht….

@1v3833n7h3r3 Also einfach Ideologen? Wieso nennst du „Faschisten“
und „Ultralinke“ in einem Satz, aber nicht die ganzen anderen Ideologen?

@ArneBab #ausGruenden die du gerne der Historie entnehmen kannst.,
Und ja, ich werfe die Extrempositionen ganz bewusst in einen Topf.

,@1v3833n7h3r3 Du wirfst also 60/186/849 Getötete in 21 Jahren (Zahl
je nach Zählung)und im gleichen Zeitraum 3 (2 davon RAF) in einen Topf?

,@1v3833n7h3r3 Zeitraum 1991—2011, und ja, ich habe gerade danach
gesucht. Todesopfer Linker Gewalt seit 1994 suche ich vergeblich.

,@1v3833n7h3r3 Suche nach "todesopfer linksextremer gewalt in
deutschland" ⇒ „Linke Schlagen Rechte und Polizisten“:
http://www.taz.de/!50164/

@ArneBab Nochmals, ich spreche von Gruppierungen, die letztlich
menschenverachtenden politischen Systemen das Wort reden.

@1v3833n7h3r3 Du redest von Gruppierungen bei denen eine 60 bis 849
Leute in 10 Jahren getötet hat und die andere höchstens 3.

@ArneBab Sry, DU hast das Thema Mord auf den Tisch gebracht. Ich
rede von politischer Religion.

@1v3833n7h3r3 Das ist kein „allgemeines“ Problem: Du setzt Leute die
morden mit Leuten gleich, die nicht morden.

@1v3833n7h3r3 Wenn es nur um Reden geht: Wieso nennst du Faschisten
und Ultralinke, aber nicht Scientologen, Evangelikale und Marktradikale?

@ArneBab Interessant, was du so alles hineininterpretierst. Versuch
es mal mit verstehendem Lesen.

@1v3833n7h3r3 das habe ich getan.Was ich in deinen Tweets verstanden
habe, finde ich unhaltbar. Daher habe ich nachgefragt statt zu urteilen

@1v3833n7h3r3 jetzt urteile ich.

@1v3833n7h3r3 was ich gesehen habe: Du wolltest jemanden verbal
treten und hast als Mittel dafür Faschismus und „Ultralinke“
gleichgesetzt.

@ArneBab Gut, wenn man die Wahrheit gefunden zu haben glaubt, die
einzg wahre Wahrheit natürlich… Dann urteile mal schön.

@1v3833n7h3r3 Sowohl dein Ziel als auch dein Mittel finde ich
scheiße.

Ich denke nicht, dass ich dazu noch viel sagen muss.


»for my privacy and to injure the following law!« — new french user in
IRC. The referenced law is the new surveillance law in france (which
will hopefully be cancelled by a constitutional court, but that can take
years).


French National Assembly Approves Mass Surveillance of French Citizens!

(this article is licensed under cc by-sa, published by la quadrature du
net:
http://www.laquadrature.net/en/french-national-assembly-approves-mass-surveillance-of-french-citizens
)

Paris, 5 May 2015 - The French Intelligence Bill was adopted today by
the National Assembly1 despite massive cross party opposition against
the text's highly harmful measures. With 438 votes for and 86 against,
French citizens' representatives have given the Prime Minister the power
to watch, massively and with little control, the French population.
This is one more step backwards regarding the separation of powers in
France, a founding principle of our democratic regime. La Quadrature du
Net strongly condemns this surrendering of democratic principles and
calls on senators, who will be voting the bill next, to counter this
unacceptable vote.

The Intelligence Bill, which was presented on the fast track on 19 March
by French Prime Minister Manuel Valls, rallied a very large, argued and
vigorous opposition, from a number of civil rights associations,
collectives, lawyers' and magistrates' unions, but also administrative
authorities such as the CNIL (French Data Protection authority) and the
CNCDH (French National Consultative Committee for Human Rights).

No To Mass Surveillance!
French Intelligence Bill harms your liberties!

Presented by the Government as a law both necessary and necessarily
consensual, the bill however sparked growing opposition within the
National Assembly itself from MPs from all sides of the political
spectrum, who courageously faced the slanderous insinuations of
anti-patriotism or incompetency hurled at them by Minister of the
Interior Bernard Cazeneuve or rapporteur Jean-Jacques Urvoas. The
evolution of political positions, increasingly hostile to the text as it
was studied and analysed in-depth, shows that the government's choice
to fast-track a bill concerning such a complex and fundamental issue was
a political strategy, one of a denial of democracy and an insult to
Parliamentarians' work.

Despite this strong opposition, the amendments tabled in April weren't
enough to significantly modify the Bill and the most harmful measures
were kept:

  • Extension of the scope of intelligence missions, allowing for

potential surveillance of whole parts of the political, union, activist
world, but also economic, scientific ones, etc.

  • Massive legalization of intelligence services' illegal methods and

introduction of new technologies of mass surveillance of electronic
communications

  • No real and independent control by the future commission in charge

of interceptions control (CNCTR); illusory citizens' recourse against
surveillance

Today, those who objected to the Intelligence Bill will remember the
list of MPs who refused to safeguard the fundamental liberties of French
citizens. They call on senators, now in charge of examining on the
text, to modify it in-depth in order to turn it into a real framework
for the protection of citizens and the monitoring of intelligence
services.

"The French Intelligence Bill brought forward questions that are the
basis of our democracy: fundamental liberties, the separation of powers,
control of the public power. The French government's attitude and the
MPs' decision – unworthy of them – shows to what extent a citizen
upheaval is now necessary to save the democratic principles of our
country. We call on the senators to take the lead on this bill and ask
the many citizens who took action against the bill to not let the
pressure off their representatives." declared an outraged Philippe
Aigrain, co-founder of La Quadrature du Net.

  1. Lower chamber of the bicameral French legislative system

testing-build-1468-pre2

Steve aka operhiem1 released the second pre-release for 1468 (also known
as purge-db4o).

Get it via `./update.sh testing`. If it breaks, run it twice.¹

The intention of this pre-release is to get all developers and testers
to a common, coherent state. Before this, people had several different
snapshots of the source running with different sets of patches on top.

This version should be able to run the release candidate of the Web of
Trust, so it should also run the purge-db4o enabled Sone
from TheSeeker.

¹: I had to run the update.sh script twice, because at the first run I
got a syntax error. I think that has something to do with bash stumbling
when the file changes while it is being executed.

./update.sh: Zeile 217: Syntaxfehler beim unerwarteten Wort `then'
./update.sh: Zeile 217: `ev/null; then'


Sharewiki b21

I reviewed sharewiki and replaced the non-GPL compatible parts with GPL
compatible ones, and I'd be glad if you could try whether it works for
you.

To test it, go to the plugins page
scroll to the text field under "load unofficial plugin from Freenet" and
enter the sharewiki key:
sharewiki-b21.jar


PHP

You bought a new car. You took it out for a ride. a tree falls
before you. You brake, but the car proceeded to hit the tree anyway.

You call the car company and talk to their engineers. One of them
ask. 'Did this happen on a Friday evening, when it was raining?' You say
'Yes, how do you know?'

The engineer replies.

"Our brakes does not work on rainy Friday evenings. If you REALLY
want to brake on a rainy Friday evening, you should also pull the lever
under the dash board that is normally used to open the hood. It is very
clearly printed on our manual. Didn't you read it? Our car is not the
problem. You are the problem"

You were enlightened. You came back home. You never took the car out
on rainy Friday evenings. When Somebody asks about the car, You said.
"Yea, it is a great car. But you got to know how to use it".

You took great pride in knowing how to drive this car, which can
easily kill someone who hasn't read the manual. When you hear that
someone got killed while driving this car, you simply said. 'That car is
Ok. but you should really know how to drive it, sadly this guy didn't.
He was the problem, the car ain't…

→ imakesnowflakes on Hacker News:
https://news.ycombinator.com/item?id=9485741


God wrote in Lisp

god_uses_lisp_firedaemon-ben_brockert-cc_by_sa-flickr-10212337584_596cd66833.jpg


God uses Lisp: Firedaemon

Also known as "I'm sorry to inform you that Earth is about to be been eaten
by a fire demon." :)

CC by-sa by Ben Brockert:
https://www.flickr.com/photos/wikkit/10212337584

Ich mag das Bild auf vielen Ebenen :)


ShareWiki code review

(review notes from
https://github.com/ArneBab/plugin-sharewiki/blob/master/doc/review-notes.txt
)

I reviewed all files except for mylyn (Textile). The code looks safe and
pretty readable.
./src/plugins/ShareWiki/ActivelinkCreator.java
./src/plugins/ShareWiki/common/FileStorage.java
./src/plugins/ShareWiki/common/Logger.java
./src/plugins/ShareWiki/common/MapToData.java
./src/plugins/ShareWiki/common/SmartMap.java
./src/plugins/ShareWiki/Database.java
./src/plugins/ShareWiki/Freesite.java
./src/plugins/ShareWiki/Inserter.java
./src/plugins/ShareWiki/Plugin.java
./src/plugins/ShareWiki/webui/EditToadlet.java
./src/plugins/ShareWiki/webui/HomeToadlet.java
./src/plugins/ShareWiki/webui/PreviewToadlet.java
./src/plugins/ShareWiki/webui/WebInterface.java
Sadly the Eclipse Public License of Textile is incompatible to the GPL,
we cannot publish
Sharewiki with Textile. We will have to replace textile with a GPL
compatible replacement.
We might be able to use the older Textile-J which is the base for mylyn
wikitext and licensed
under LGPL-3.0: https://www.openhub.net/p/textile-j
http://grepcode.com/snapshot/repo1.maven.org/maven2/net.java.dev.textile-j/textile-j/2.2.864/


Testing WoT and purge-db4o

Just in case it got lost: purge-db4o and a WoT which works on it are
both available. Here's the announcement from xor:

Date: Thu Mar 12 11:06:58 GMT 2015
Subject: WOT build0014 release candidate, please test
Archive-Link:
emu.freenetproject.org/pipermail/devl/2015-March/037999.html

We're finally nearing a WOT release.
The release candidate 2 can be downloaded by Freenet via:

WebOfTrust-build0014-rc02.zip

Testing instructions and a changelog are included in the zip as text files.
Please do read the testing instructions before using it.
Also before testing check this thread for new replies because I might
post a
new release candidate if the current one has any bugs.

Thanks for your patience with the release and thanks for testing :)


Democracy works - and the US does not have a democracy

The DickPic campaign showed that the
majority of people know that surveillance is bad.

People take dumb decisions when spoonfed misinformation by a small group
of people who control the mass-media.

People elect puppets if someone who wants to be elected must first beg
the 132 largest sponsors in the country for money. Yes, 132. For
explanations I defer to Lawrence Lessig: We the People, and the Republic we must reclaim

Calling
the above democracy is an insult to the concept of democracy. This is
not a democracy, but a plutocracy with an ever weakening veil in which
it claims to be democratic to keep people silent. Consequently giving up
on democracy does not solve the problem. It makes it worse. To solve
the problem, we need to revive democracy - and for that we need
independent media.

Freenet is an essential part of independent media: If people can censor
information, those in power will do so.

Since we cannot solve the problem by simply moving elsewhere, we need a
way to protect Freenet where we are. And for that we need anonymous
developers like SomeDude, Eleriseth and NowWhat. They and the other
anonymous contributors are the guardians of Freenet. Thanks to them,
pressurizing the non-anonymous developers cannot take down Freenet.

That keeps us alive and kicking.


"make cache quasi-LRU via pseudo-random key pruning"

The joy of applying Freenet features to my tools. Saves 60% mem with
little overhead ☺

Sounds complicated? Let me show you the code. When adding a key to the
cache:

        # maybe delete an existing key (=> max 16**3 entries)
        try:
            # pseudorandomly choose a key to kill (last letters of the 
md5 hexdigest)
            del _cache[_cache_hash[key[-3:]]]
        except KeyError: pass
        _cache_hash[key[-3:]] = key

That's it: just kill the cache value for a key with the same last three
letters in its hash-part. This is almost random. Then store our new key
in the same place.

Note: Do not use this for anything security critical: It definitely has
significant slow paths where functions repeatedly overwrite each others
cached values. If I detect this in my own script, I can simply change
the letters to be used in the _cache_hash, but when it is used in the
wild (wild net), someone will exploit it and DoS you with ease (in the
best case).

PS: Aside from being very useful, the title of this message also sounds
like complete gibberish ☺


Absence from Freemail and Sone

Someone noticed that I've been absent from Sone and Freemail for a few
months and wrote to me. Thank you for your concern!

I am absent, because I'm testing the new purge-db4o code (what should
become build 1468), and Sone and Freemail for that aren't yet released.
Freemail builds but does not run.

TheSeeker fixed the plugins for himself. I did not get to that, so I can
only come back once Sone and Freemail are fixed. I hope it's soon.

I miss Sone.


Freenet protects your DickPic!

freenet-protects-your-dickpic-vs-nsa.gif

http://draketo.de/english/freenet/protects-your-dickpic

The foundation of real Democracy

After the election last year, my wife and I took our children to the
counting of votes. We were the only visitors there, but the team of
volunteers who did the counting was well coordinated and highly
motivated by their feeling of doing something essential for our society.

At that point I realized that these loose groups of volunteers are the
real foundation of a working democracy: They ensure that due process is
followed. It's essential that it's possible for every citizen to watch
them, because that removes the incentive to try to cheat: We could count
the votes ourselves and later compare whether that fits with the
county-wide averages: If that would have been off, we could have
requested a recounting of the still existing physical paper-votes. And
if that incentive isn't there (nothing to be gained by cheating), the
groups who form to do the voting are most likely motivated by doing the
right thing: ensuring a fair vote.

I nearly wept when after I thanked one for her volunteer work she said
"I do it for democracy", because that's real democracy she was talking
about: Not the sham we see on TV, but voting together on decisions which
affect the group which does the voting. That societal structure works
for small-scale voting (to take decisions within a town or village) just
as well as for large-scale voting (for the whole country) and I
consider it a foundation of a society without hierarchy - even though
that society isn't real yet (because it's not what people vote for).

It means that getting a better society just means getting information to
people: The structures to realizing the expressed will of people are
already in place.


First paper published (in public discussion)

My first paper has finally entered public discussion!

surface flux inversions]]

Freenet-Uploads (it's open access, so I'm allowed to share it!)

(if you access this site over a gateway, you cannot open these, since PDFs
can contain malicious content. Run Freenet yourself or get them from the
journal linked at the beginning of this note)


Improved CSS

I adopted the CSS improvements Findings did for ShareWiki. I'll try to
get them into a ShareWiki release, but that might take some time (the
usual limited free time).


Sone Comments

If you run a site, you should really think about adding Sone comments.
Feedback is one of the main drivers of motivation, especially if you
write under Pseudonym in Freenet: You cannot use what you write to earn
money or build your future, so you have to create for the act of
creation and communication itself.

Sone Freesite Comments


Giving and Getting Feedback

In the past two weeks my anger over our conflict mellowed to grumpiness
and I started thinking about what went wrong.

This is the first result of that: How to react to feedback. Or rather
how I want to give and react to feedback.

  1. When I give feedback and I see something where I am not sure whether I know better, I try to say so. Instead of saying "do this", I try to ask a question like "why do you do this? It looks strange, because…".
  2. When I give feedback and I see something and am sure that I do know better, then I give reasons for that. The worst case is that I say "I cannot describe why, but this should change. I'll try to find out what irks me". I've been wrong with this before, though, so I've been doing this less and less.
  3. When I get feedback and I am not sure whether the feedback is valid, I ask for reasons. "Can you explain why?". If the explanations is sound, I accept it. If it feels fishy, I might ask for more explanation. This often yields much better understanding for both participants, so I think it is worthwhile. In case of doubt, I follow the advice I got: People often have a hard time giving convincing arguments, even when they are right.
  4. When I get feedback and I think I know better, I listen to authority (as I perceive it). I know that nextgens is my better at security and at structure of the Freenet codebase. So if he comments on security or the structure of the Freenet codebase and I disagree, I might ask for clarification, but there is only one reason for not following his advice: When I feel that he and I have different goals. Until now these have always been short-term goals: He tries to go for higher security first, even if it costs users now, while I want more users, even if that means improving security a year later. I know that I know my way around version tracking systems and Python, so for these I would not yield to nextgens if I do not agree with the explanation - except if he says
    something like "please trust me on this. I cannot explain it clearly, but I expect horrible fallout when we go down this route".

I know that nextgens is my better at these, because security is what
he's doing professionally and I don't really go deep on it, while for
structures within Freenet he has been proven to be right many times
over.

Nowadays there are only few topics where I consider myself advanced
enough to go head on head. Back when I started programming that was
different. After a few years I thought I knew how to best start
programming and actually tried to talk my professor into teaching Python
instead of Scheme, because that would allow students a much easier
start. Nowadays I'm learning Scheme, because after 8 years programming
in Python I hit its limitations. That taught me some humility, and I try
to take that lesson to heart.


Graffiti

(the following is from FMS)

> Art is meant to offend and disrupt society, while some graffiti is
just 15 year old kids scribbling names and pretending to claim turf for
their gang, the rest is rather deep and a decentralized way of showing
appreciation for the new urban spaces it creates.

It's great to see that we're asking deeper questions here.

One of the effect sof graffiti is that it gives a public voice to the
99% of the population who cannot afford to pay for advertisements. It
offsets part of the cultural hegemony in which the ones with money
define what all the others see in their daily life.

That graffiti seems disruptive to many shows how used we got to letting a
few rich people define our daily experiences in public spaces.


bad timing

Some of you might have wondered about the conflict in the dev team.
Quite a few things surfaced, but there's one thing which has me
confounded: This conflict has exceptionally bad timing.

Why does this happen now that there is finally a new release for WoT?
Why does it happen when I want to hack on freesitemgr to make it a
better fit for mempo? Why does it happen when we are close to a huge release
with only have a few plugins to fix and debugging to be done before it can ship?

It's crazy that instead of celebrating we are fighting.


cronscript for freesitemgr

The following cronscript selects a freesite at random and checks whether
it needs an update.

Just save it into a file, replace "arne" with your username, make it
executable and copy it to etc/cron.daily or etc/cron.weekly

Then you can update your freesites on your own schedule and freesitemgr
will take care of separating the sites from each other.

#!/bin/sh

# sleep for a random fraction of the day to avoid timezone detection 
attacks
HOURS_DELAY=$(($RANDOM % 24))
echo freesite upload delayed by $HOURS_DELAY hours >> 
/tmp/freesiteupload.log
date >> /tmp/freesiteupload.log
sleep $((3600 * $HOURS_DELAY))
echo starting freesite upload >> /tmp/freesiteupload.log
date >> /tmp/freesiteupload.log
# update a random freesite
su arne -c 'source /home/arne/.babrc && echo sourced >> 
/tmp/freesiteupload.log && for i in $(for i in $(freesitemgr 
list | sed "s/*//g"); do echo ${i}; done | shuf | head -n 1); do echo 
yes | /home/arne/.local/bin/freesitemgr cancel ${i} && 
/home/arne/.local/bin/freesitemgr cleanup ${i} && echo 
freesitemgr cleanup >> /tmp/freesiteupload.log && 
/home/arne/.local/bin/freesitemgr update 
--chk-calculation-node=127.0.0.1:9482 ${i} && echo updated ${i} 
>> /tmp/freesiteupload.log; done'
date >> /tmp/freesiteupload.log
chmod a+w /tmp/freesiteupload.log

Use the categories in the menu

It would be nice if we could reorder the menu of Freenet to have more
categories and plugins in them. An idea for that would be:

  • Browse (no change)
  • Community
    • Identities (current Web of Trust)
    • Sone
    • Chat (Flircp)
    • (install more)
  • Publish
    • Blog (Flog Helper)
    • Simple Site (ShareWiki)
    • Copy RSS Feeds (Freereader)
    • (install more)
  • Filesharing
    • Downloads
    • Uploads
    • Upload a File
    • Thaw browser
    • Keep Alive
    • KeyUtils
    • (install more)
  • Friends
    • Connections to friends
    • Add a friend
    • Messages
  • Status (no change)
  • Configuration (no change)

Conflict in the team

We had a very tiresome discussion on IRC, and there are already
distortions of what happened floating around.

I neither intend to start discussing the following, nor to ever work
with xor on something similar again.

The discussion started when xor posted a draft of his release notes.
operhiem1 commented on them:

> "this build includes more new commits than WOT ever consisted of
as of the previous build" doesn't sound like good news to me. When I
read that I think "and just IMAGINE all the bugs they introduce!" ---
operhiem1

and I said:

> to add to that: I think the humor in "good news and bad news" will
not fall on fertile ground. — ArneBab

(see
irclogs-1323/
%20)

Instead
of acknowledging that both phrases weren't received well and simply
changing them, xor answered

> the opposite of what you criticise here would me billing freenet
months of work for an infinitesimal, ridiculously small amount of
commits. would you prefer that to me being productive? what are you
trying to achieve here?

and the rest was a horribly tiring 3 day discussion trying to get xor to
understand why he should rephrase that. During that discussion xor
accused me of asking him to lie and repeatedly distorted what I said.

The one point which made me almost laugh with disbelief was when he said

> my social skills DO suck. — xor

And then, instead of rethinking what he said and saying "hm, if I know
that my social skills suck, then maybe I should accept the opinion of
others in the team and just do the change, even if I don't understand
why", he kept arguing.

When I was really weary of explaining it and getting my words twisted
again and again, I gave him two warning shots. The first was:

> xor-freenet: I have no more interest in this discussion. You should
take this as a warning that you are alienating people. — ArneBab

when he kept arguing, I wrote what should have finished the discussion:

> operhiem1 got tripped up. nextgens got tripped up. I got tripped
up. Do I really have to say any more? There is a point at which when you
don't understand something, you should just accept the input from
others. — ArneBab

This was a warning shot of a magnitude I never used before. It did not
reach him.

Instead he kept claiming that I had requested of him to take out the
commit count, when all I asked him was to remove the comparison ("more
than ever before") which rightfully tripped operhiem1 (because more new
code than old code existed means that it contains lots of new places for
bugs and that reviewing this will be hell).

I lost my temper in the time after that, along with any interest in
working with xor again.

xor ended with

> WOT release done, everybody angry. just as i expected :D

And that isn't even a self-fulfilling prophecy, because he worked hard
at making it real. I had held out for him and asked people to be patient
for years. He managed to find a way to make me angry and to make me
lose any patience I had for him.

If you want to seriously ruin your day, you can read the discussion in
the IRC logs:

  • first day:

irclogs-1323/

-
second day:
irclogs-1324/

-
third day:
irclogs-1325/

To
sum it up:

  • If you failed to deliver for years, starting the first release with

"good news/bad news" will not help appease people who are already angry.

  • The commit count is no metric for improvement. Commits are a pure

activity measure which does not relate to features.

  • In a community project with asymetric time (xor has 20 hours of paid

time per week, his work has to be reviewed by contributors in their
limited free time), a big pile of commits means a huge load on reviewers
which keeps them from working on other features. In his previous
pull-request for synchronous FCP API xor was even unwilling to split the
commits into functional and documentation changes; I did that in the
end to trim down his 13k LOC monsterdiff into almost manageable 1.3k
lines which operhiem1 reviewed on two weekends. From that experience I
do not expect xor to help much in making the review easy.

  • Comparing the commit count to the count which was there before has

even less meaning than the raw commit count. Reviewing a change which
doubles the amount of code is roughly as hard as reviewing the full
application - if not harder, because context is missing. This is not
something to brag about. Rather something to excuse "I'm sorry that this
feature required so much code. I'll help as best as I can to make it
easy to review".

  • If you put a draft up for review and people who worked on the topic

for a long time ask you to change something, then just change it. This
goes even more when you are paid for your work and you know that the
area you worked on isn't one you know by heart.

  • xor already threw these tantrums on various occasions, targeted as

various people. Currently it feels as if xor uses up more time (of
others) than he contributes. I know that this sounds damning. This is
how it feels.


Faster KDE startup

Old try at faster KDE startup: sessionk:
https://dantti.wordpress.com/2013/02/27/1-2-3-plasma/

(this is a comment I wrote in
http://blog.davidedmundson.co.uk/blog/systemd-and-plasma#comment-1862738836
)

Also I now looked into runit for simple daemon tools, and it looks
pretty easy (after stopping to read the documentation and asking a user
for a minimal working example):

echo '#!/usr/bin/env python\nfor i in range(100): a = i*i'
>/tmp/foo.py &&
chmod +x tmp/foo.py &&
mkdir -p ~
.local/run/runit_services/python &&
ln -sf tmp/foo.py ~.local/run/runit_services/python/run &&
runsvdir ~/.local/run/runit_services

now you can manage the daemon with

sv status|start|stop|restart|… ~/.local/run/runit_services/python/

and declare dependencies in the simplest way I saw: Just use a script as
…/run which uses "sv start ../service || exit 1" before exec of the
daemon: http://smarden.org/runit/faq.html#depends

To only treat a service as started once it provides a given service,
just create a check script next to the run script:

»If the script ./check exists in the service directory, sv runs this
script to check whether the service is up and available; it's considered
to be available if ./check exits with 0.«

^ only the service needs to know how to check whether it is ready.


Wir haben verloren

Netzgemeinde, wir haben verloren
(Kopie einer Pastebin)

»Die EU-Parlaments-Vertretung, Pilar del Castillo Vera, ist spanische,
konservative Politikerin,
die für den Industrie-Ausschuss das
Netzneutralitäts-Gesetzgebungsverfahren führend begleitet
hat, und im laufenden Prozess dadurch auffiel, dass sie am Anfang dieses
Prozesses lauter
Anti-Netzneutralität-Änderungs-Anträge einbrachte…
Die EU-Kommissions-Vertretung, Günther Oettinger…: ~"Es braucht
Überholspuren im Internet, um
Telemedizin und Steuerung selbstfahrender Autos zu ermöglichen"…
Und der dritte im Bunde, die Person, die die lettische
EU-Ratspräsidentschaft als Vertretung des EU-Rats
vertreten wird, wird in den Trilog-Verhandlungen zähneknirschend die
Position vertreten, die der EU-Rat
beschlossen hat; zähneknirschend deshalb, weil die lettische
EU-Ratspräsidentschaft im EU-Rat sich
grundsätzlich für Netzneutralität stark gemacht hat, und sich in ihrer
Position halt dem Mehrheits-Votum
im EU-Rat zugunsten eines 2-Klassen-Internets beugen muss.«

Die einzige Person, die für Netzneutralität ist, wurde in die Rolle des
Netzneutralitätsgegners geschoben. Ein großer Teil davon ist Fallout der
großen Koalition in Deutschland.

Was jetzt?


Kat's Flog

„Revolutions are organized by members of the middle and upper classes,
with the footsoldiers coming from the lower class.“ → Kat's Flog

Addition:
And most times, only the upper and middle class switch roles and the
lower class is left out.

The above is a really nice article, by the way: Defining classes by
their power, not only by income or such.


TODO list for pyFreenet

>> If you could help with pyFreenet, that would be great! (I'm
usually short of free time, so there are many things I cannot tackle).
>>
>
> Is there any To-Do list?

There is a bugtracker, but that is mostly resolved:
https://bugs.freenetproject.org/view_all_bug_page.php

Additionally I'm tracking some things with the distributed b-bugtracker:

6 - use logging from standardlib for logging
a - cleanup the setup.py: Get rid of the always executed man-file
install.
c4 - lots of unicode stuff with non-ascii filenames.
e - add my site to the bookmarks
c7c - switch to argparse

(stored in the file .bugs/bugs )

From these 6 and a are suitable for starting. c4 needs experimenting and
going through many places in freesitemgr / fcp/sitemgr.py where my¹
code isn't optimal…

¹: The unicode stuff is from me, and I'm not really proud of how it
looks… and it's still partially broken, for example for autogenerated
indexes (unicode handling in Python2 sucks… compared to Python3).

Finally you could try whether 2to3 works and add that to the setup.py:
Making pyFreenet compatible with Python3 - maybe by utilizing the six
project where automatic conversion fails (just copy their file into the
project to avoid external dependencies).

ArneBab 2020-03-03 Di 00:00 - Impressum - GPLv3 or later (code), cc by-sa (rest)