# random babcom

A copy of my freenet site random_babcom, converted via pandoc. Most of the resources on this page are downloaded from Freenet using the inproxy at d6.gnutella2.info/freenet/.

## Port-scanning by websites you visit is commonplace now.

(I got the permission by Charlie Belmer to upload his article into Freenet)

Port-scanning to detect locally running services has become commonplace now. Please use freenet via the proxy method.

Here’s the same as simple script.

Original article about the port-scanning: https://nullsweep.com/why-is-this-website-port-scanning-me/

## Rechtsextremisten haben seit 1990 über 190 Menschen ermordet

Sie versuchen immer wieder die Gleichsetzung mit Linksextremisten. Diese Gleichsetzung ist unehrlich, denn Linksextremisten haben seit 1990 niemanden ermordet, Rechtsextremisten dagegen haben seit 1990 über 190 Menschen ermordet.

Die Gleichsetzung von Gruppen, die morden (Rechtsextremisten), mit Gruppen, die nicht morden (Linksextremisten), ist verlogen.

Auf FMS regen sie sich über diese Fakten auf, daher hier nochmal die Quellen:

Gesamtliste der Todesopfer Rechtsextremer Gewalt: https://de.wikipedia.org/wiki/Todesopfer_rechtsextremer_Gewalt_in_der_Bundesrepublik_Deutschland#Gesamtliste Karte: https://www.belltower.news/die-liste-193-todesopfer-rechtsextremer-und-rassistischer-gewalt-seit-1990-36796/ Rechtsextremistische und rechtsterroristische Gewalt in Europa: https://www.bpb.de/politik/extremismus/rechtsextremismus/151753/rechtsextremistische-und-rechtsterroristische-gewalt-in-europa-ein-ueberblick?p=all

Ja, auch Rechtsextreme können Freenet nutzen. Ich werde sie aber weder unterstützen, noch wissentlich mit ihnen zu sprechen. Sie haben zwar das Recht und die Möglichkeit zu reden, aber kein Recht, mich zu zwingen, sie zu hören.

Wer sich schon selbst Rechtsextrem nennt, kann mir gestohlen bleiben.

## web 1-2-IoT-AI

I hope this will prove Aral wrong 10 years from now.

## The Sharesite Documentation site is awesome!

I finally got to read the full sharesitedoc: It's a great resource and covered stuff I didn't know:

Finally I can create image links:

!/SSK@~hA9BG8IXEdc3TJhim9ETgvBeGf72pXt-y7AaG9MN4A,P2u8RJ~YxMUWOVS1JStqCGTRq78vlVbaQCCKVvxTZP0,AQACAAE/sharesitedoc-3/activelink.png!:/USK@~hA9BG8IXEdc3TJhim9ETgvBeGf72pXt-y7AaG9MN4A,P2u8RJ~YxMUWOVS1JStqCGTRq78vlVbaQCCKVvxTZP0,AQACAAE/sharesitedoc/3/


Thank you!

Also note that since this is a sharesite, you can find out how to create a site like this yourself by simply clicking the "View the source" and "View the style" links at the bottom of the site.

## Make at least three identities

I suggest to anyone to have at least three identities here:

• One official that might or might not carry your real name (this is the one I'm writing from right now, you need to stick to official statements with that one),
• one only your friends know to be you (there you can still write more or less freely, but you might want to change it from time to time so accidental doxxing by friends or yourself won't be too big a problem), and
• one of which no one knows that it's connected to you (there you even have to watch your writing style and avoid all personal topics that could lead someone to you; this is where you can write stuff people might be angry about, for example writing against the close consensous of your community or whistleblowing).

This also applies to Sharesites.

If you live in the EU, please vote. There is real power in elections, please make sure to give your share of that power to people who fight for things you care about.

I added a small improvement to the fetchpullstats: It now has plots that show the lifetime. They show that large files (bulk = CHK splitfile) live somewhat reliably up to 16 days, small files live reliably up to 32 days (small = SSK splitfile) and tiny files can survive up to 128 days (realtime = raw SSK).

You can see that in the plots: When they get spotty, three separate files have fallen out. Currently the plots do not show when the first files start to fall out.

They decided 317-312 not to discuss article 13 individually.

I find no words to describe that.

The filtering does not apply to noncommercial platforms yet. Get your friends on Freenet so we can continue to organize in a space they cannot censor at the touch of a button.

If you speak german, please share these cards with all people you know, so we can keep organizing:

## writeup about the vulnerability fixed in 1484

Up to 1483 this vulnerability could result in Firefox asking the user to open an unfiltered file in an external program while skipping the warning typically shown by fproxy that the file might be unsafe.

Big thanks to thesnark/phage for finding it and to operhiem1/Steve for creating an elegant fix!

## testing release for build 1484

I inserted Freenet build 1484 to the following testing update key. If
you want to test it, you can use the key as auto-update key (please
remember to switch back tot he official key after testing!):

USK@fXwqbboBEN1s2AEOaxhtya4nh6ASGlrDbcYMlKJZcTI,Xw6DyVWgSkRccUc4XqHPD0St95JjQsC-cPK8rzwjp64,AQACAAE/jar/1483

The build included here is a followup build from several tests already
released as pure jar+sources over the past weeks and has been on github
since yesterday evening:
https://github.com/freenet/fred/releases/tag/build01484

The planned data was last weekend, and I'm sorry that it got delayed by
one more week. The release VM only works well enough to release, when
virtualization is enabled in the BIOS so qemu can use KVM. That took
quite a few hours to find out …

If we don't find new blockers, I'll release to the official auto-update
keys (Java 7 + Java 8) this weekend. After release, please run the
verify-build to ensure that what is released as jar corresponds to the
released sources.

## requirements for porting Freenet to mobile phones

It would be great to have Freenet working well on phones or tablets. However for that it has to be adjusted for the very different requirements of the platform:

• Freenet on mobile must only be connected when either both on wall-power and on wifi, or when the user is actively browsing Freenet. Otherwise it would drain the battery and bandwidth much too quickly. And
• It must use a small in-memory store to avoid wearing down the sdcard. That also means that Freenet on mobile will only route and store small amounts of data, but will not store much, because whenever the phone would be shut down for real or get fully empty (which is not that often …), the data would be lost.

If you want to do it, go for it. I'd love to see it.

There's also a longer writeup in the bugtracker. I don't agree with all the requirements (I think not all are a necessary precondition), but it's a good reference anyway: https://freenet.mantishub.io/view.php?id=6765

## Saturday 23rd of march are the demonstrations against Article 13

• Amsterdam - Dam square: 5:00 PM
• Arad - Bulevardul Revoluției 75: 1:00 PM
• Athen - Syntagma-Platz: 1:00 PM
• Aussig - Ústecký kraj Pařížská 5: 2:00 PM
• Berlin - Potsdamer Platz: 2:00 PM
• Bielefeld - Hauptbahnhof: 2:00 PM
• Bielsko-Biala - plac Bolesława Chrobrego: 4:00 PM
• Bucharest - Fântâna de la Universitate: 3:00 PM
• Budweis - náměstí Přemysla Otakara II.: 2:00 PM
• Chemnitz - Johannisplatz: 2:00 PM
• Dortmund - Europabrunnen: 2:00 PM
• Dortmund - Friedensplatz: 2:00 PM
• Dresden – Goldener Reiter Dresden: 2:00 PM
• Düsseldorf - Friedrich-Ebert-Straße 34: 1:00 PM
• Dębica - Rynek: 5:00 PM
• Erfurt - Anger: 2:30 PM
• Frankfurt - Paulsplatz: 2:00 PM
• Freiburg - Platz der alten Synagoge: 2:30 PM
• Fürth - Grüner Markt: 1:00 PM
• Gdańsk - Długi Targ: 5:00 PM
• Glasgow - The Donald Dewar Statue, Top of Buchanan Street: 1:00 PM
• Göteborg - Gustav Adolfs torg: 12:00 PM
• Göttingen - Am Nabel: 12:00 PM
• Hamburg - Gänsemarkt: 1:00 PM
• Hannover - Ernst-August-Platz: 11:00 AM
• Helsinki - Senaatintori: 6:00 PM
• Hof - Wörthstr. vor dem Scala: 1:00 PM
• Innsbruck - Annasäule: 1:30 PM
• Jena - Holzmarkt: 2:00 PM
• Karlsruhe - Stephansplatz: 1:30 PM
• Katowice - Rynek: 5:00 PM
• Kiel - Landtag Kiel: 1:00 PM
• Koblenz - Löhrrondell: 1:30 PM
• Krakow - Rynek Glowny: 5:00 PM
• Köln - Neumarkt: 2:00 PM
• Leipzig: 2:00 PM
• Liberec - náměstí Dr. E. Beneše: 2:00 PM
• Lissabon - Praça de Luís de Camões: 5:00 PM
• Ljubljana - Prešernov trg: 12:00 PM
• Luxembourg - Place de l'Europe: 2:00 PM
• Magdeburg - Landtag/Domplatz: 1:00 PM
• Malmö - Sankt Johannesplan: 12:00 PM
• München - Marienplatz: 1:30 PM
• Münster - Servatiiplatz: 1:30 PM
• Nikosia - Πανεπιστήμιο Κύπρου | University Of Cyprus: 1:00 PM
• Osnabrück - Gewerkschaftshaus: 3:00 PM
• Ostrava - Masarykovo náměstí: 2:00 PM
• Plzeň - náměstí Republiky: 2:00 PM
• Potsdam - Luisenplatz: 10:00 AM
• Poznań - Plac Adama Mickewicza: 5:00 PM
• Praha - Palackého náměstí: 2:00 PM
• Ravensburg - Marienplatz: 1:00 PM
• Rostock - Universitätsplatz: 12:00 PM
• Saarbrücken- Tbilisser Platz vor dem Staatstheater: 2:00 PM
• Saloniki - Άγαλμα Μεγάλου Αλεξάνδρου: 2:00 PM
• Salzburg - Hauptbahnhof: 2:00 PM
• Stockholm - Rosenbadsparken: 12:00 PM
• Stuttgart - Rotebühlplatz: 2:00 PM
• Tallinn - Freedom Square: 3:00 PM
• Ulm - Hans-und-Sophie-Scholl-Platz: 3:00 PM
• Villingen-Schwenningen - Latschariplatz: 12:00 PM
• Warsaw - Jasna 14/16: 5:00 PM
• Wałbrzych - plac Magistracki 1: 12:00 PM
• Wien - Christian Broda Platz: 3:30 PM
• Wrocław - Rynek 1: 5:00 PM
• Würzburg - Bahnhofsplatz: 3:00 PM
• Zürich - t.b.a Zentrum: 1:30 PM
• České Budějovice - náměstí Přemysla Otakara II.: 2:00 PM
• Łódź - Plac Wolności: 5:00 PM

Please join them, and pass on the info!

## still saving the world tomorrow

Even if you are fighting to save the world, keep in mind that it will still need saving tomorrow. Please stay around. — ArneBab

In life, as in kernels, the most important thing is that the system stays up. — operhiem1 in IRC

## A small crowd-funding, RPG, non-freenet, but free licensed

If you want to help out on one of my other projects: I just started a short 3-day crowdfunding to print a free roleplaying game for the German free RPG day on march 23rd 2019.

All the rules needed to play the Zettel-RPG, a small universal game system designed to be played with minimal preparation. The rules take a few minutes to read, character generation even less. Simple and portable.

Jens Stengel's photographs of everything from dice to walnut shells provide a refreshingly unorthodox backdrop.

If you want to support that, please join the crowdfunding at https://www.startnext.com/zettel-rpg-grt2019

And remember to also take to the street on march 23rd against Article 13 of the new copyright directive of the EU! Let's combine the German free RPG day with the demonstration and give double meaning to our gathering!

It should be able to play FLAC songs directly in the browser: infinite-hands-free-software.flac

… and in an audio-tag:

## how fetchpullstats avoids a database

As noted on FMS, the old fetchpullstats used quite a powerful database backend to track inserted keys:

The downside to running this kind of thing is having to keep track of eventually many thousands of keys for months at a time while waiting for the trigger to try and fetch them for the first time after 2^n days.

The new fetchpullstats avoids that, since Freenet already provides this information.

The keys are simple KSKs with a long prefix followed by the target retrieval date and the days they were inserted before. Example:

Therefore if the current date is 2018-11-23 to check the lifetime of a key inserted 8 days before using realtime mode, I simply request the key above.

The prefix is generated at random (and saved) when the script is run at a place where there is no configured prefix.

That's how I can do this without a database backend. Freenet is a decentralized database and we can avoid a lot of complexity by using that. The state the fetchpullstats keeps is a single KSK prefix along with the measured results (on the order of 100 lines of text per day).

If you want to run your own fetchpull stats, too, you can get a snapshot of the code from SSK@P2fn~pFtoAPOeMQ4YZYZMelB2Q6IUHEskj8gGtZN3Vs,lql1C3-YiVgK3KVYf~ClATgNhgMTBb~MkS7NJwbb6KI,AQACAAE/fetchpullstats-d110ae753eaf.tgz

You need to install Guile on a GNU/Linux system, then you can simply run

./fetchpull.w


to collect data (run it daily, for example with a cron-job), and create the site with (needs gnuplot):

./fetchpull.w --site SITENAME ; cp fetchpull*.png SITENAME/


The latter command is only needed because there's still a bug which causes some of the files to have zero length when copied directly from the fetchpull.w script.

## new fetchpullstats

I've been direly missing the fetchpullstats by bertm, therefore I decided last weekend to recreate them. They aren't as fancy as the old ones, but all state except for a KSK prefix is stored in Freenet.

Also there's now a multithreaded message-multiplexing Scheme-library for FCP, though with only few message types implemented.

(this is a smaller version of the tool I built which avoids any external dependencies except for Guile)

If the cron-job works out, this should update daily, and in a few weeks time the info should be actually interesting.

## watch 1482

with 1481 Windows users had some sever performance problems. The initial workaround for that will be to reduce the peer-count. We got 3 reports that this fixes the problems.

Regarding anonymity, this should have little effect. You have fewer peers that mask HTL18 requests, but it will also be much less likely that an attacker connects to you, and statistical analysis which can theoretically break the HTL18 check will have to cope with much more noise because the fewer peers will reduce the smoothing of data from other peers, so it gets harder to ignore.

(and I have not yet seen any calculation which actually took into account that actual peer-counts are far from homogenous in Freenet)

I plan to insert 1482 tomorrow. You can watch what happens on the following status page. It should keep updating, but the script which creates the site isn't very robust, so no panic if it stops.

## verify-build, demystified

Now that we're on gradle, verifying that what I release is actually what's tagged in the source is much easier than before. These instructions are for GNU/Linux, and maybe other *nixes.

Firstoff: to verify 1482 you NEED Java 7 - in general you need the Java version I release with.

Copy it to /tmp/freenet-1482.jar

Then run the following:

failureWarning="FAILED TO VERIFY.
If you determine that this failure is not due to build environent differences,
then the source files used to build the published version of Freenet are
different from the published source files. The build has been compromised.
Take care to only run version of Freenet with published, reviewable source code,
as compromised versions of Freenet could easily contain back doors."

cd /tmp/
git clone git@github.com:freenet/fred.git
cd fred
git checkout build01482
mv build/libs/freenet.jar ../freenet-built.jar
cd ..
mkdir unpacked-built
unzip freenet-built.jar -d unpacked-built
(cd unpacked-built; find -type f) | sort > unpacked-built.list
mkdir unpacked-official
unzip freenet-1482.jar -d unpacked-official
(cd unpacked-official; find -type f) | sort > unpacked-official.list
if ! cmp unpacked-official.list unpacked-built.list; then
echo FAILED TO VERIFY: Different files in official vs built
echo Files in official but not in built are marked as +
echo Files in built but not in official are marked with -
diff -u unpacked-built.list unpacked-official.list
echo ""
echo "$failureWarning" fi while read x; do if ! cmp "unpacked-official/$x" "unpacked-built/$x"; then if [[ "$x" = "./META-INF/MANIFEST.MF" ]]; then
echo "Manifest file is different; this is expected."
diff "unpacked-official/$x" "unpacked-built/$x"
else
echo "File is different: $x" echo "$x" >> "differences"
fi
fi
done < unpacked-official.list
if [[ -s "differences" ]]; then
echo VERIFY FAILED: FILES ARE DIFFERENT:
cat differences
echo ""
echo "$failureWarning" fi  PS: This is a shorter version of the verify-build script: https://github.com/freenet/scripts/blob/master/verify-build#L169 ## Test for Freenet 1482 emergency release This release addresses increased CPU load in 1481 by reducing the peer-count. The lower number of peers should reduce the necessary work for routing. Since all nodes reduce their peercount, the bandwidth per peer rises, so the speeds should stay the same. If you give Freenet 100kiB/s upload speed, it will now request only 13 opennet-peers. Also 1482 applies the winterfacey theme adaptions by poet. You can test the winterfacey theme by activating it in Configuration -> Web interface. To help with testing 1482, please set the following as your auto-update key: USK@dLxKiIFKlfhgdgkYNlHoGoSO~KWRYPTkdbWfznZyatg,OwghtrmoY5Mj~1pfUHbo308FHZyTVwXfEXNX5C2EKT8,AQACAAE/jar/1481 This is also available on github as pre-release: https://github.com/freenet/fred/releases/tag/build01482 We especially need testers using Windows, ideally in a setup where Freenet 1481 caused extremely high CPU load. ## Freenet 0.7.5 build 1481 released Freenet 0.7.5 build 1481 is now available The Freenet Team is proud to release Freenet build 1481, the first build to be compiled from gradle! This concludes work during the past two years to make it easier for new developers to start hacking on Freenet. Your Freenet node should update itself from Freenet via the auto-update. This release rekeys the update URIs to ensure they are compliant with RFC6979. It also splits off java 7 into its own update key for 1482, so we can use java 8 starting with 1483. The updated keys have been split into shares using ssss-split and distributed among core developers to maximize our release management bus factor: https://en.wikipedia.org/wiki/Bus_factor We also added the Winterfacey theme and set sky-static as default theme until Winterfacey got more testing. You can test switch between themes on Configuration -> Web Interface Thank you for using Freenet! And a special thank you to DC* (desyncr) who tracked down an OOM so we could finally fix it and release after 6 weeks of fruitless search! • Arne Babenhauserheide, current release manager ## Basic Values around the world I think it is useful to understand that other people value other things than I do. My current best reference of that are the 18 values of the "Lebe Balance" program: Act Self Want Freedom in thinking Pleasure Prosperity Self-determination Power Social prestige Variation Influence Security Tradition Modesty Tolerance Willingness to adapt Caring Justice Follow rules Reliability Environmental Protection These values exist around the world, but the values which give you strength is only a subselection of them: your personal core values. When you act in accord with your values, you are happier and can more easily go forward. Note that you cannot easily change what you value. When someone does something alien to you, he or she might just put different weights on these values. Only one of them is prosperity (getting richer). ## Freenet World Domination Plan This is a high-level roadmap. We had several roadmaps in the past. They focussed on releases and on "when are we done". This one is different. It focusses on visions to find a stronger audience. It does not shun controversial topics and it is not a request for input. These are the powerful visions I see, ordered alphabetically: • Beautiful Freenet: Winterfacey by default, clean up UI warts (i.e. first time wizard). Get rid of those UX hurdles which are likely to cost us the most users. • Hosted Freenet: provide images (i.e. docker) to make it easy to run a Freenet node for all the transparent Freenet stuff which does not need highest security but which should still be available to people who need highest security. • Icicle Freenet: a crystal seed for darknet via mobile. Try the icicle app. Improve it. Show it. It's how we devs should be able to ping other devs on their mobiles. • Mobile Freenet: transient nodes without storage which only connect while on wifi and external power (~40% of the time) — and while the user browses. Announcement is fast enough for that nowadays, and median uptime of desktop nodes is lower (only two to four hours). • Multimedia Freenet: add more content filters and media tools. I want to stream songs over Freenet with <2 minutes delay => m3u + opus + tools to make that easy. Streaming video works well if pre-recorded. Must avoid recently failed. • Stronger Freenet: Increase security against attackers, i.e. with simple channels to hide activity from directly connected nodes. • Transparent Freenet: backend to other apps, installed and started on-demand. Makes Freenet available from any technology stack. Get Freenet into all major distributions, so programs can use it there, and provide a freenet-browser script and a run-with-freenet script which does all the steps needed to start Freenet and connect the browser or app securely (i.e. to Freenet with random IP and Port). • Unblocked Freenet: fix the pitch black attack and scale WoT. Makes Freenet interesting to tech-savvy folks with >10 years of experience. addition from FMS • Traceless Freenet: GNU/Linux LiveCD .iso image that can run entirely on a CD or USB stick, like Tails for Freenet. Locked down with all ports blocked except Freenet's opennet and darknet ports for that node*. Preconfigured with a locked-down browser. Distro: 1) nice-looking, 2) easy to use for people not used to Linux, and 3) work on older computers including 32-bit ones. ## 1481 test release If you saw a message by me about 1481, that was me. We have the hopefully final test release! ## optimizations for a chat app over Freenet Some info how to optimize inserts for a chat app: some optimizations that could help: DontCompress=true, use PriorityClass 1, ExtraInsertsSingleBlock=0, RealTimeFlag=1 take your Freenet node, go to plugins, enable KeyUtils, then open one of the inserted messages with the KeyExplorer: http://127.0.0.1:8888/KeyUtils/ what you need is for the key to NOT have a CHK redirect this is how it should NOT look for a chat app: http://127.0.0.1:8888/KeyUtils/?key=SSK@sUm3oJISSEU4pl2Is9qa1eRoCLyz6r2LPkEqlXc3~oc,yBEbf-IJrcB8Pe~gAd53DEEHgbugUkFSHtzzLqnYlbs,AQACAAE/random_babcom-368&hexwidth=32 this is how it SHOULD look for a chat app: http://127.0.0.1:8888/KeyUtils/?key=SSK@YOeUMvHNyr2RY1dQB0-4cppO2Ip-8zKf7CaszRhPqU4,OaISGGFz52FaD98m2JZo-2gQ2XErr0pb3DPkpvDkKxs,AQACAAE/changelog-1481&hexwidth=32 make the uploaded files small enough that you get an upload like the second one. jamesaxl: the effect is that Freenet then only downloads one single 1KiB key and is done. If you get a redirect (like the first link), then Freenet has to download the SSK, then download the 32KiB CHK referenced in the SSK. You NEED such a redirect if the data you upload is bigger than 1KiB. For text messages, better split them into two than go above the 1KiB (1KiB is one A4 page of ASCII text) You will WANT a redirect if your file is larger than 100KiB, because the redirect also adds redundancy: You then only need to download half the fileparts, so your file will live much, much longer. Do NOT split your file if it is larger than 32KiB. At that size the redundancy added by splitfiles increases the lifetime of the complete message a lot. You will most likely want that. That's it. I hope it is helpful for some of you out there! ## Changes in stats from bandwidth changes I noticed big changes in the network size estimate from the probes These correlate with changes I did to the bandwidth of the stats collecting node, so most of them are likely bogus. To get better stats, we'll need to re-check the algorithm which scales from probe results to the size estimate. It seems to have some dependency on the peer-count of the collecting node. More testing required … ## Wow, we won for now. Das EU-Parlament hat das Zensurgesetz vorerst gestoppt | The EU Parliament stopped the fast-tracking censorship law: https://twitter.com/Senficon/status/101481446048841318 Great success: Your protests have worked! The European Parliament has sent the copyright law back to the drawing board. All MEPs will get to vote on #uploadfilters and the #linktax September 10–13. Now let's keep up the pressure to make sure we #SaveYourInternet! — Julia Reda (Senficon) ## Petition against censorship in the EU, still open today; Parliament vote is tomorrow Tomorrow the EU Parliament decides about censorship in the EU. Please sign today to ask them to stop the censorship directive which would let chinese censorship look like kindergarden! (you're not anonymous there — you can't be in a petition — but you'll be one of almost one million petitioners, and it needs every single voice) ## Talk about Freenet by Aaron Jones in Phoenix Linux User Group Aaron Jones permitted me to upload his talk about Freenet. I enjoyed watching it, so I thought you might, too: "Aaron_Jones_+/Introduction_To_Freenet-zu9gM3_gIfM-vp9.webm":/CHK@cxNRV0398Q5xebr5L~J0JKDNRXxMMZ4WQ03ZsYJgUg0,tsiIOJEZNBWwa146PvTjEWo-JRPx5bYmErVjiGbG4~k,AAMC—8/Aaron_Jones/+_Introduction_To_Freenet-zu9gM3_gIfM-vp9.webm ## Quotes for Freenet Last year I wrote "we should quote presidents and the Guardian". I found a better quote by CNN — and by presidents. Here they go: /»there is no central server and no one knows who's using it so it can not be shut down … where there is a message it is likely to find a medium.«/ — CNN, 2005-12-19 »The liberty of the press is essential to the security of freedom in a state: it ought not, therefore, to be restrained in this commonwealth.« — John Adams, 1780, second president of the USA. /»When people talk of the Freedom of Writing, Speaking, or thinking, I cannot choose but laugh. No such thing ever existed. No such thing now exists; but I hope it will exist. But it must be hundreds of years after you and I shall write and speak no more.«/ — John Adams Letter to Thomas Jefferson (15 July 1817) /»No experiment can be more interesting than that we are now trying, and which we trust will end in establishing the fact, that man may be governed by reason and truth. Our first object should therefore be, to leave open to him all the avenues to truth. The most effectual hitherto found, is the freedom of the press.«/ — Thomas Jefferson, Letter to Judge John Tyler (June 28, 1804) »Our liberty depends on the freedom of the press, and that cannot be limited without being lost.« — Thomas Jefferson, letter to Dr. James Currie (28 January 1786) Lipscomb & Bergh 18:ii. /»What makes it possible for a totalitarian or any other dictatorship to rule is that people are not informed; how can you have an opinion if you are not informed?«/ — Hannah Arendt, 1974 /»And that is why our press was protected by the First Amendment — the only business in America specifically protected by the Constitution — … to inform, to arouse, to reflect, to state our dangers and our opportunities, to indicate our crises and our choices, to lead, mold, educate and sometimes even anger public opinion.«/ — John F. Kennedy's Address before the American Newspaper Publishers Association (27 April /»Without general elections, without freedom of the press, freedom of speech, freedom of assembly, without the free battle of opinions, life in every public institution withers away, becomes a caricature of itself, and bureaucracy rises as the only deciding factor.«/ — Rosa Luxemburg, Reported in Paul Froelich, Die Russische Revolution (1940). /»A popular Government without popular information, or the means of acquiring it, is but a Prologue to a Farce or a Tragedy, or perhaps both.«/ — James Madison, Letter to W.T. Barry (1822-08-04). »A critical, independent and investigative press is the lifeblood of any democracy.« — Nelson Mandela on freedom of expression, At the international press institute congress (14 February 1994). /»we believe that when governments censor or control information, that ultimately that undermines not only the society, but it leads to eventual encroachments on individual rights as well.«/ — Barack Obama, Rangoon, Burma on November 14, 2014 »If in other lands the press and books and literature of all kinds are censored, we must redouble our efforts here to keep them free.« — Franklin D. Roosevelt, Address to the National Education Association (30 June 1938). »The liberty of the press is no greater and no less than the liberty of every subject of the Queen.« — Lord Russell of Killowen, Reg. v. Gray (1900), L. R. 2 Q. B. D. 40. Also added on my clearnet page: http://www.draketo.de/english/freenet/answer-to-cannot-use ## Why freesites below 2 MiB live longer A rule of thumb which works for well-designed sites: As long as its below 2 MiB, every bookmark referencing the activelink of the site will keep the whole site alive. This goes double for crawlers. That way the site will live almost forever. However, a site larger than 2 MiB will fall out about one month after people stop browsing it: Once the site surpasses the 2 MiB limit, it must be split into multiple containers and the activelink will only keep one of the containers alive. // ## Building Freenet next branch offline While being offline for 6 weeks I had to build Freenet offline. The following tarball contains fred prepared with gradle so you can run it offline. Just check the README. This should allow all our anon devs to hack on next. Say something about finding something good in every problem :-) (the tarball is uncompressed, because freenet will do the compression transparently — it's around 330 MiB uncompressed) And if you value your anonymity, please use something which is actually offline: I did not check this setup for not trying to access the web, only for being able to operate without internet access. ## EU wants to filter all uploads, action tuesday 20th, with GitHub! EU wants to require platforms to filter uploaded content (including code). Yes, this is bad, and we have a chance to reach them next tuesday. With GitHub: https://blog.github.com/2018-03-14-eu-proposal-upload-filters-code/ More details: https://juliareda.eu/2018/02/voss-upload-filters/ (from Julia Reda) // ## changing ISPs, some downtime I'll be offline for a few days to weeks: Our current ISP is ceasing operations in the area and the new one might take some time to connect us. ## Watching 1479 spread over a day 75% of nodes update within a day. The gap up to 2000 represents about 9 more days. Generated with: for i in {2000..3440}; do wget -O$i-"$(date -u +%Y-%m-%dT%H-%M-%S)".html http://127.0.0.1:8889/strangers/; sleep 60; done  (VERSIONS="$(echo {1468..1479})"; echo index datafile $VERSIONS; for i in *.html; do for j in$VERSIONS; do
grep -A1 peer-version $i | grep -cP '\t'$j\$; done | xargs echo$(echo $i | sed "s/-/ /") ; done) > /tmp/frac.dat  gnuplot set xlabel "time / minutes since insert" set ylabel "peer count / strangers" set title "Freenet update propagation (seen from a non-updating node)" plot for [n=3:8] '/tmp/frac.dat' u (15+$1):(column(n)/column(n)*column(n)) w points title columnhead(n), \
"< tail -n +2 /tmp/frac.dat" using (15+$1):4 with lines title "1479"  ## releasing 1479 now Short notice: I am working on doing the release right now. ## the reason for the different peer counts The only reason why you can have anything between 10 and 140 peers is that bandwidth is distributed very unevenly across the globe. Freenet has to work well for users from Japan/Korea/HongKong (their internet speed is awe inspiring!) as well as for users with the equivalent of a double-ISDN line. (a reply I gave on FMS) ## snapshot pre-release for 1479 I created a preliminary snapshot of the first round of changes planned for 1479. It's built from https://github.com/freenet/fred/pull/621 — please give it some testing! CHK@azFEEEuDpDBBsOKkhvL5vfkVnOem9OBd6lXNKXkeLpA,lRfvSQ54DyeYLMYHOyV3npdh-Od8IzFQ4elkcpaQX3Y,AAMC—8/freenet-20171010-r1-snapshot.jar CHK@fIp8QFC2-iBxP~–5pWEdtkUZgxPARSvH8efKYqDcDC8,inlD8D~adR1ynt4481CDObstBimGcFayqQZshvNqr-s,AAMC—8/freenet-20171010-r1-source.tar.bz2 CHK@nOVBNOQTOH~MbUWenwlFVi0DDiJ6VT2QbHEg0N8WdJo,1J96YQ3~~bOtrAnnv9S3UiIPB1edY0Ux99DCDJudUPU,AAMC—8/freenet-20171010-r1-snapshot.jar.sig CHK@Vsaj-0-wGiX-Rr2i2aSml0b3CY7852yoOoCxP2rNgd0,6KpzZQJeJJzfAnRdloXD4d5api9fsqMJJRmwM2HSSfw,AAMC—8/freenet-20171010-r1-source.tar.bz2.sig Here's the high-level changelog: ## Sharesite, FlogHelper, or plain HTML In FMS there's a discussion about creating Freesites. Some contributions (each with quoted messages, I'm trying to include most of the thread with as few links as possible): The following is the second message I wrote. The three advantages of Sharesite over Floghelper are: • It's more robust, since it does not depend on WoT, it inserts (and provides links to) all resources you need to make a copy of the site, and it gives you backups of all your sites with a single click. In a Sharesite it's the base content which should stay available. It's single-page to keep it simple and small and efficient. Though random_babcom stretches the definition of small nowadays :) • It has additional privacy protections by only inserting at a fixed (but randomly selected) hour of the day. That way it hides your timezone and most of your activity patterns. • It has a wider range of usecases from very simple ones (just throw in some links and click "find keys and save") to simple ones (throw in a text, i.e. a manifesto), to medium complex ones (a single-page flog with a table of contents but without convenience like automatic dates for the entries). There are no complex ones, though. There could be (optional!) WoT integration, but that isn't on the current short-term roadmap, since I want to keep its inter-plugin dependencies minimal. Advantages of Floghelper are: • It holds vastly more promise for usability: no need to even know about keys (you upload to a WoT Identity), and the WoT IDs could be spidered automatically to generate local indexes of Flogs, following the trust tree (which prevents spam). You could even detect other flogs which reference yours and provide some kind of pingback with spam-protection. Floghelper could work just like Wordpress. Sharesite cannot: Sharesite will always have to expose some lower-level details to the user. • It provides multi-page sites in a style of typical blogs. Sharesite could not do that without changing its datastructure (i.e. a single page of sources), and that would reduce its robustness. I prefer Sharesite, because FlogHelper does not yet have the robustness and simplicity I need to just jot down something quickly, and because FlogHelper's speed is partly limited by the speed of the WoT-plugin. But I'm sure that if someone decided to invest a few weeks into it, FlogHelper could quickly close the robustness gap. It should never ever lose a Flog. ## New FMS ID for my role as release manager Up till now, if a user on FMS posted stuff I can't take, I could unsee him, but if he or she would have chosen to unsee me, he or she would not have seen freenet release discussions anymore. That's a power disbalance I don't want. Therefore I just created a freenet-release-manager account. Key: freenet-release-manager@vPuRconm3n2mbkhU~ZvrSg8DSJm3NAgX-dP4l-h4b2U,LndUgYvJSC-iNfE~xAOwRE1NYcoHqlUSfQ8ISbPIhrM,AQACAAE If you don't want to see my personal opinion, you can now set my FMS trust to 0 and still see my posts about freenet release management. Thanks goes to FreedomForever for alerting me of that power disbalance. He did not actually make this point, but I think it is the reason why he got upset — and it is a good reason. Finally a clarification: I am release manager, not "the manager of Freenet". I take care of getting stuff released, but otherwise I do not have any more power than anyone else, and I don't want it. I hold it with Casilda (Kass) Aguero: My father got busted for getting into a central position where too much rested only on him. I don't plan to make that mistake. (german site) ## the zen of tolerance You are entitled to voice your opinion. — freedom of speech You are not entitled to force it upon everyone. — freedom from noise You are not entitled to force it upon a subgroup repeatedly. You are not entitled to force your opinion upon someone if you are part of a group and each of you wants to do that. — freedom from harrasment You are also not entitled to hurl hate towards participants, since that would disrupt communication. — freedom from injury If you cannot stay respectful and friendly after being asked to, I will unsee you and advise others to do the same with a clear and brief explanation, so they can take an informed decision. — freedom to ignore I will use technical means to realize the zen of tolerance. Tolerance for intolerance is self-defeating. Continuous disruption of communication is censorship. Constant outrage disrupts communication. As does constant mocking. This could also be called the paradox of free speech: your freedom of speech is worth as much as mine. It ends where it impedes on mine. And vice versa. FMS and the WebOfTrust plugin implement a technical method which can be used to realize this. ## Freenetproject website mirror updated I found a way to make the freenetproject website mirror much nicer: make html SITEURL=/USK@0iU8[…public key]/freenetproject-mirror/490/  ## My Freenet talk for the SUMA award 2015 Here's a re-encoded version of the talk I gave to thank the SUMA folks for the award they gave to Freenet (in German): ## State of the climate I was seriously freaked out by a paper which showed significant increases in arctic emissions. Mike Perry (nodicemike.com) created this strip for me to finally visualize how I see the two main pathways of our future. The license is cc by. It's crazy to think that even in the best case scenario (humans keeping total CO₂ concentration below 470 ppm) the probability of staying below 2°C warming is just about 80%. More details are available on my website (http://www.draketo.de/english/politics/roll-a-die) and its Freereader mirror: draksites ## What is needed to release next? update: seems we need to switch to a new TUF tool for updates. This might take more time than I had hoped, since I'll have to dive into the release scripts and adjust what they do. • fix update.sh/.cmd (the last-line-of-defense failover updaters) in an on-freenet update¹ (requires fixing sha1test.jar from the java_installer) • prepare shipping JNA • check and use the new release scripts from operhiem1/Steve • create an on-freenet test release from gradle • include the new Windows tray with 64bit support from mrsteveman/Stephen • document how to release to the AWS-based website • do a test release to the website which works with ./update.sh testing • do a real release While I work on the release this list might get a bit longer with stuff I missed. ¹: they were broken during the switch to AWS because the old links no longer work. That said, my pyProbe-based statistics site (based on the work from operhiem1) is finally not-completely-broken anymore, and suddenly its node-count makes sense: Freenet Statistics Here's the working probe.config ## Unicorn shitting in my backyard A talk by Aral Balkan. License: cc by. ## Freenet devs on social media I found a Freereader site which aggregates social media posts from Freenet Developers: freereader Freenet devs I thought it might interest you. ## "what if I have no friends?" "I have no friend. How do you help people without friend?" Use opennet; and find friends, or at least comrades. People you meet to play scrabble, chess or skat — or my favorite pasttime: fantasy roleplaying games. Or just watch the sunday football game. Seriously. You'll need them if the shit hits the fan, and be it only that you have someone who calls you if you don't turn up some day. Given that you already worry enough that you're using Freenet, the shit might just hit the fan some day, without relation to Freenet, so go and try to make some friends. As a side effect that will increase your life expectancy and improve your health. Humans are terribly social creatures, even down to their immune system. ## security: darknet vs. opennet In Darknet your friends can launch the attacks which any stranger can launch in Opennet. In Darknet attackers have to corrupt your friends or invade your longterm social circle while in opennet they can simply wait till they get a connection to you (and there are ways to speed that up). So please use darknet. Build it one ref at a time Nowadays more than ever before: it is a time for darknet And if you cannot go darknet-only right away, start in hybrid. It is the path towards a global darknet ## What's announcement? who announces what to whom about what? Announcement means that you talk to the seednodes and tell them that you'd like to have references of other opennet nodes which fit to your position in the keyspace. Essentially you say "tell me who's close to this location". Then the seednodes send a request to that location and they tell you of all the nodes the request reaches. That way the nodes you get already fit the small world structure quite well (which is needed for efficient routing in Freenet). copied from an answer I gave on IRC ## Delay tolerant networking references This provides a sneakernet, but as far as I see it, it is without strong censorship prevention. It's still pretty interesting, though. Also Delay Tolerant Networking is getting ESA grants right now: They want to make satellites communicate reliably via non-permanent and high-latency links. ## Standard Score and Prediction Interval From Wikipedia, Public Domain. ## Better proxying freenet-browser script After creating the freenet profile, simply launch your freenet like this: firefox --profile ~/.config/freenet/firefox-profile --no-remote --new-instance http://somewhere.else ## GNU/Linux desktop share 2008 to 2017 Unit: GNU per kilowindows. Change: Growth by factor 2.5 Growth relative to all devices (desktop and mobile): factor 1.4 Mac changes nothing. Larger version: gnu-linux-desktop-share.png Background and data source: http://www.draketo.de/licht/politik/leserbriefe/gnulinux-gewinnt-marktanteile New data, somewhat depressing: • 2017-08: 2.7% / 89.15% • 2018-08: 2.24% / 87.78% • 2019-08: 1.76% / 87.86% ## Vision for a social Freenet An uploaded article of mine: ## Infinite Hands Sheet Music This is a two-page version of the Infinite Hands Sheet Music, fit for printing and playing at a campsite. ## Freenet als Proxy, praktisch (in German) Tut mir Leid, dass mein letzter Post komplizierter war: Er ist nur unter GNU/Linux automatisch umsetzbar, unter Windows geht das etwas anders (ich habe nur GNU/Linux). Praktisch: • In freenet.ini sollte irgendein zufälliger Port als fproxy.port stehen (zwischen 5001 und 32767). Ich nenne ihn mal NNNNN. • Die IP address to bind to sollte 127.x.y.z sein, mit x und y zufälligen Zahlen zwischen 0 und 255 und z zwischen 1 und 254. • In deinem Firefox stellst du in deinem Freenet-Profil¹ unter Erweitert->Netzwerk einen Proxy ein (den gleichen für alle Protokolle). Für diesen nimmst du Host 127.x.y.z und Port NNNNN (die Zahlen aus der freenet.ini) Dazu brauchst du noch die Einstellung, dass DNS über den Proxy gehen soll. Freenet-Links sollten jetzt im Freenet-Profil funktionieren (mit beliebigem Host und Port: das geht damit alles über den Proxy), aber im nicht-Freenet-Profil nicht mehr. Dafür kann das Freenet-Profil jetzt nicht mehr auf das Clearnet zugreifen. Auch das ist gewollt (ich habe schon mehrfach ausversehen nach einem Freenet-Link gegooglet, was fast schon der Worst-Case an Privatsphärenverlust ist). Viel Erfolg und weiter viel Spaß mit Freenet! Danke an den Nutzer, der mich darauf hingewiesen hat, dass mein Post zu kompliziert war! ¹: Der Nutzer verwendet JonDoFox, um einfach Profile wechseln zu können. Ich starte im vorigen Post Firefox via Befehlszeile mit dem anderen Profil. Die Befehlszeile steht bei mir auch in Der Grund dafür, dass das nicht Standard ist, ist übrigens, dass manche Nutzer sich beklagt hatten, dass sie nicht wussten, wie sie aus dem Freenet-Profil rauskommen. Wenn Firefox einfach neue Fenster im gleichen Profil startet, muss man alle Firefox-Fenster schließen (oder es mit --new-instance aufrufen). Ich starte meinen Freenet-Browser seit neustem mit dem folgenden Skript: freenet-browser ## Use Freenet as proxy (secure against spying attacks) By using Freenet as a proxy instead of connecting via HOST:PORT (i.e. 127.0.0.1:8888), you can avoid most attacks which try to find your freenet node by randomizing host and port (i.e. bind to host 127.15.19.2 and port 25678), but in your proxied browser all the standard links will work (i.e. http://127.0.0.1:8888/…). IP: 127.x.y.z with x y being random numbers between 0 and 255 and z between 1 and 254) PORT: a number between 5001 und 32767 (inclusive interval) If you forward it via SSH, also change your ssh forward to ssh -NL IP:PORT:IP:PORT HOST  with IP and PORT as the new 127.x.y.z and port you defined in http://127.0.0.1:8888/config/fproxy?fproxyAdvancedMode=2 as "IP address to bind to" and "Web Interface Port". The first IP:PORT pair is the local one, the second the remote one. (this might require additional work on MacOSX, since it might only use 127.0.0.1 as local IP) • Firefox This setup should be the strongest, because it uses a special profile for Freenet which should not interact with your normal browsing profile. Remember using private window mode, though, if you worry about your computer being infiltrated in some way. Setup: rm -r ~/.config/freenet/firefox-profile/ mkdir -p ~/.config/freenet/firefox-profile echo '//Firefox Default Settings //set proxy server settings user_pref("network.proxy.http", "127.0.0.1"); user_pref("network.proxy.http_port", 8888); user_pref("network.proxy.ssl", "127.0.0.1"); user_pref("network.proxy.ssl_port", 8888); user_pref("network.proxy.gopher", "127.0.0.1"); user_pref("network.proxy.gopher_port", 8888); user_pref("network.proxy.ftp", "127.0.0.1"); user_pref("network.proxy.ftp_port", 8888); user_pref("network.proxy.socks", "127.0.0.1"); user_pref("network.proxy.socks_port", 8888); user_pref("network.proxy.no_proxies_on", "127.0.0.1:8080"); // allow FMS user_pref("network.proxy.type", 1); user_pref("network.proxy.socks_remote_dns", true); user_pref("network.proxy.share_proxy_settings", true); ' > ~/.config/freenet/firefox-profile/prefs.js  (Replace 127.0.0.1 with the new "IP address to bind to", and 8888 with the new "Web interface port"). Usage: firefox --profile ~/.config/freenet/firefox-profile --new-instance --private-window http://somewhere.else/  • Chromium Chromium with proxy is easier to setup, but does not separate the two browsing modes as strongly: chromium --proxy-server=127.0.0.1:8888 --incognito http://somewhere.else/  ## New FMS ID I just switched to a new FMS ID. Find me at SSK@t-YmshUm43nS16QFieoZMfBdfieb9Opy0a2aMWsoH8o,7NqDX88r1R4SC~elmpW4SuKbnAOka~MKUuBufUWa2xQ,AQACAAE/ ## Please re-send your freemails Due to my recent loss of my node, I also lost my old freemails. If you sent me a freemail in the past 2 months, please re-send it (I most likely did not see it and now cannot access it anymore). ## Privacy Handbuch (german) Just found at privacy-handbuch.de, with latex sources: It's public domain (it says). ## Lost and recovered my node and Sharesites and WoT IDs Three days ago I lost my node to a disk crash. The first SSD I lost. I installed Freenet anew (just followed the headless instructions on https://freenetproject.org/download.html) and restored all node-* and node-*/* files from an old backup, stopped Freenet and adjusted the node.listenPort[PORT]= line in freenet.ini (in the freenet folder)) to have the same port as the node-[PORT] file and added the darknet noderefs again, but they would not connect: The backup was from before the switch to elliptic curves. Luckily I found a more recent backup. I stopped my node, copied the node-[PORT] file from the more recent backup into the freenet folder and started the node again. All darknet peers connected again. Then I loaded the Sharesite plugin and restored from my backups (luckily I had a recent backup: being able to just click a link to store a backup is great!). This page (random babcom) was slightly outdated: I simply copied the source off the version in Freenet. Finally I loaded the WoT plugin and hit You can create a new identity here. Just select Re-use an old secret key, enter the key and confirm that you know what you're doing. After barely one hour it's all running again now. It's so awesome to work with a system where almost everything can be recovered from the network — without needing any centralization. Thank you for taking part in it! Takeaway: The one file you need to backup in addition to your private keys is node-[PORT]. As long as you have that, your friends can send you their noderefs again without having to worry that someone else could use them to connect. That's it for today. ☺ Happy Hacking ☺ — and remember to do your backups! ## New attack against Freenet Update: The solution to this attack should be using a samesite cookie and as fallback for browsers without samesite support a check whether the referrer is a freesite (from Freenet). If both are missing, present a click-through (click to activate). There's an attack against Freenet and other networks. It allows one attacker to identify which freesites were visited, however if there are multiple attackers, each of them will see what other attackers checked as visited sites, so for freesites the false positives rate will be huge. The vulnerability was reported responsibly but then the reporter was pushed to publish before we had a mitigation ready :( I inserted a mirror of the attack description: timebleed As first measure, change the fproxy port: • shut down freenet, • go to ~/Freenet (GNU Linux) or %appdata%\Freenet (Windows) or the relevant OSX folder, • edit freenet.ini to contain fproxy.port=N with N a random number between 5001 and 49151 • start Freenet again. • You can now access your node at http://127.0.0.1:n (change the port from 8888 to N). This is not a perfect solution, it just makes the attack harder (an attacker needs on average 22000 requests to identify you as Freenet user — and must run them against all visitors — instead of needing just one). All help to mitigate this attack is welcome! (please write in FMS, freenet board) ## Unterstützung gegen Selbsthass Kann ein Mensch seine Sexualität sein Leben lang unterdrücken? Wenn Jonas ein guter Mensch sein will, wird er es müssen – er ist pädophil. Wir haben ihn bei seiner Therapie begleitet. Ein Bericht über die Erfolge eines Unterstützungsprogrammes der Bundesrepublik. Der Sinn des Deutschen Strafrechts ist nicht die Rache, sondern der Schutz der Gesellschaft und die Resozialisierung der Verurteilten. In dieses Programm kommt aber nur, wer noch nicht straffällig wurde. Dieser Artikel ist Gewinner des Henri-Nannen-Preises 2013. Meiner Ansicht nach zurecht. Das Hilfsprogramm der Charité findet sich im Netz unter https://www.kein-taeter-werden.de/ Es bietet inzwischen Zweigstellen in fast allen Bundesländern. ## Eternal Flame: Lisp (it's allowed to spread this as non-commercial + verbatim) Also known as "I'm sorry to inform you that Earth is about to be been eaten by a fire demon." :) Image CC by-sa by Ben Brockert: https://www.flickr.com/photos/wikkit/10212337584 ## the site was back after 6 hours We're up and running again on https://freenetproject.org — now with the new design. Have fun and Happy Hacking! ## HSTS and expired cert: our site is down for now The SSL certificate expired and we use HTTP Strict Transport Security (HSTS). That means: Our old site is down until the DNS can be switched over to the AWS site. Let's treat this as a test of what would happen if an attacker were to take down our clearnet infrastructure. ## 1478: add pinned certs I released 1478. It just adds pins to our new CA certs for the failover download if no Freenet connection can be established (via Amazon Web Services). This should allow us to switch to the new infrastructure, but it will not avoid short-term breakage. ## Infrastructure … This evening our certs run out. I uploaded a new update.sh which includes the new AWS certs. I'll make a release with the new certs in Freenet. We will have to get stuff working again after the certs run out, but there will be a chain of trust with the new certs having initially been released from infrastructure verified by the old certs (so people can compare what they get). (changes noted in https://github.com/freenet/fred/pull/611/files ) If you do not need to hide that you use Freenet, please test ./update.sh testing (accesses the clearnet site!) I posted a news item on the website that there are infra changes incoming: https://freenetproject.org/news.html#20170405-infra-changes I wish we could have done this much cleaner. We're still doing this as clean as our time constraints permit, but keeping to hard deadlines as volunteers with real-life obligations requires some trade-offs (this is my personal stance, not the position of the project. We cannot do what we cannot do so we have to make do with what we can do). On the upside: Updates over Freenet should keep working regardless of the clearnet infrastructure. ## Freenet infrastructure migration This lays out the steps needed to migrate to our new infrastructure with the new SSL certs. It is a short-term plan, but it should be compatible with moving to gradle and signed jars for validation of downloads (instead of sha1 files). If you find any problem in this plan, please say so — ideally with a suggested fix! If there's something missing, please do likewise! I plan to send this in an email to devl this evening. Basics: The new repo should be compatible with both plain file storage and retrieving and verifying dependencies from maven via gradle. I suggest a maven structure, but we won't be able to push that to maven central without changing our package to org.freenetproject — which would break all plugins and scripts and pull requests (which I think it's a no-go¹). Nextgens is preparing an S3 bucket at mvn.freenetproject.org. We'll start by uploading the binaries there, as https://mvn.freenetproject.org/org/freenet/build<#>/freenet-build<#>.jar{,.sha1,.sig} Tasks: • release a new build to the new and the existing infrastructure: • adjusted paths in updater.sh, updater.cmd, sha1test.jar and fred. • adjusted release scripts to upload to the new repo (and create the directories as needed). • adjusted gradle to allow publishing to the new repo (with full maven metadata) - • adjust download paths on the website paths: https://mvn.freenetproject.org/org/freenet/build<#>/freenet-build<#>.jar{,.sha1,.sig} ¹: it took us more than one year to partially recover from the db4o purge. We still have plugins which aren't adjusted to working without db4o, so I don't think we're currently in a position to do large refactoring with side-effects like that. ## Wiki and old-wiki, full backup I crawled the old-wiki and the wiki to avoid losing any content in the transition to the new wiki on github. The following are the tarballs. The actual source data is in /raw (old-wiki) or.raw (wiki). I also uploaded a clone of the new github wiki, as well as a tarball of the most current version. If you want to help to ensure that we do not lose any content, please grab the tarball or clone the repo with infocalypse or gitocalypse and add what is still missing. Then leave a note in FMS or Sone or FLIP/flircp with either a link to your repo or a tarball with the added files. USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/freenet-wiki.R1/1 Note that some pages where combined, so not every missing sub-page is actually missing content. ## Freenet 1477 imminent: fixes regressions • fix clickjacking vulnerability • patch open redirect and header injection vulnerability introduced in 1476 • fix SSL which broke with Java7 due to missing cypher Sorry about that. ## Freenet 1476 released This is my first release as release manager. Main changes: • efficiency improvements: routing for fast nodes and sparse bitmaps • a new gif filter with improved security • improved maintainability by replacing custom code with standard code • show update info alongside bookmarks • ssl fixes • update plugins: Sharesite 0.4.4, Library v37, Freereader 6 Release notes with details: Thank you for using Freenet! Release information for the website is upcoming, but might wait till monday so we can give the press a fair "warning" (see https://github.com/freenet/website/pull/77/ ). ## Mailing list archives I uploaded the mailing list archives for devl and support: ## flircp: chat as plugin I built the flircp plugin from SeekingFor with fixes from TheSeeker and some experiments for speed hacks. If you want to try it, you can load the plugin from the following key: CHK@o1eRsD8vV5PM~wZzAxoT4IiTiZ0Ucub7uGtGZdTQRGs,mepNADzOVopYoTsRgb0fcmdVc4W949nC3TDao5nNMSc,AAMC--8/FLIRCP.jar  Here's an example session with timing information: [01:00:25] ArneBab I see myself! [01:01:38] ArneBab_flircp_10578 not seeing myself right now… [01:03:28] ArneBab I just got the outdated information that I don't see myself :) [01:09:13] ArneBab_flircp_10578 and read it here [01:09:49] ArneBab which I just learned about [01:10:06] ArneBab_flircp_10578 do your own timing [01:10:36] ArneBab it seems like my inserts from FLIP are seen almost instantly by flircp, but my inserts from flircp are seen by flip after more than 6 minutes [01:11:28] ArneBab_flircp_10578 :) [01:12:46] ArneBab_flircp_10578 just 22 seconds until I see my FLIP-insert in flircp! [01:15:06] ArneBab now 2 minutes until I see my flircp insert [01:15:10] ArneBab getting better :) (ArneBab is from FLIP, ArneBab_flircp_10578 from flircp) Current source: CHK@Dgm9KyIg1Ajw96IEJ3NTefWxQjPHGVnneNmS6WachBU,QITJtIWRXZJJ0dGsoMKYn8xSuh1n5wxVSYT34hwxij8,AAMC--8/flircp-2017-03-01.tar CHK@ySDd~JlBeCYfbyRV-fJH3C0Z-qxEMveAurC9-BL0ZgU,IUMz6YUo8OIJVBGOZnB53YpY~X45jwEZ1Sfye4-GZyY,AAMC--8/flircp-2017-03-01.zip  To build the source, copy freenet.jar and freenet-ext.jar from your freenet folder to ../ and then run ant. If building fails, please use the pre-built jar and tell us in flircp! ## deciphering flip datastructures (just a short pointer) flip identities are for example at flip messages for example at Note that they are inserted without any manifests or other added cost to keep latency low. This is from current work on FLIRCP thanks to TheSeeker (see https://github.com/ArneBab/flircp/ ). Use KeyUtils to check the keys. ## Theft! A history of Music I'm at page 87 right now. ## Scientific exploration of Freenet as a social space "Diagram of a Darknet: Exploring the Characteristics of an #Anonymous Space Online" — by +Roderick Graham This is something I'd long wished to see. From experience it's clear that people on Freenet are a strange mix, but this is the first investigation I saw into the social groups in Freenet from the perspective of social science. Practically it shows that we have been underestimating the societal importance of Freenet as an archive — despite users asking for "Freenet as backup solution" quite often. Deep social dynamics could be a driver of the lasting popularity of the keepalive plugin • the above Keepalive is broken, but there is a working version of Keepalive from TheSeeker Abstract: Journalistic accounts describe the Darknet as the "Wild West" of the Internet – a space for unsavory, criminal behavior. We apply Merton's strain theory to argue that the activity found on darknets is a result of a disconnect between the goals of private communication online and an Internet that is routinely surveilled. We use a random sample of 420 websites, or "freesites" as the primary unit of analysis. We ask two questions. First, what types of content are found on Freenet? We observe a wide array of content, consonant with a strain theory perspective. Second, we ask w hat are some of the characteristics that define Freenet as a unique space? We describe three characteristics: (1) Freenet is an archive of subcultures, (2) Freenet is a nonmarket space, and (3) Freenet is a digital wilderness. ## On Paranoid Release Management When I published the first version of Freenet Release Management users on FMS harshly criticised that I did not check hashes of jars I downloaded, nor of GPG signatures — I violated well-known good practice (which is rarely followed, but should be). In response I did all the tests possible to check whether files were corrupted — i.e. using a man-in-the-middle attack — and now the release VM is as well checked as I can make it. Thank you for this. Taking all possible precautions is less convenient than just downloading stuff from the clearnet, but it is good practice for a reason: The more care we take on securing our environment — the more paranoid we act where we can actually change things — the less likely we are to be attacked. And I don't want to be attacked. I want to make myself so utterly replaceable for Freenet that taking me out would only cost someone else 30 minutes of setup until we have a new release manager in place. And then maybe someone anonymous. Yes, this feels paranoid. But acting paranoid does not mean you're not followed. And thanks to GPG, hashed data and version tracking, we can ensure that attacking the release manager does not allow attacking Freenet users. I do not want to be in a position where I could de-anonymize Freenet users. As long as we can provide that, I can feel safe as release manager. Please help me with that by holding me to high standards. ## Freenet release test (help needed) I just made my first full Freenet release, using a test key to avoid disrupting the network in case I made a mistake (so your node will not update to this automatically). If you want to help test whether everything works, please go to the auto-update config page in advanced mode ( http://127.0.0.1:8888/config/node.updater?fproxyAdvancedMode=2 ) and replace the key with USK@82nyT~XJlSSX6pK0MBfJ8Qg4VB8BftFkUiE6KdA77GE,B3PZFyjq90O~zpzS8Dx0DC8KlTmAlWqr9Bzx3tiQlsE,AQACAAE/jar/1475  There are no changes compared to 1475, except that I did the release. For information about my release process, see ## documentation for releasing freenet The past few months I've been building my release manager setup and documenting the path to get there. I'm now almost there (I hope) and uploaded a freesite with all the steps I did till now (I plan to update it with anything else I have to do): The instructions on the site include a full set of fake key and server setups to allow for safe experimentation without actually needing the real freenet update keys. Also I just started uploading the freenet release disk image (for qemu, documentation for using it is on the site linked above) to make it easy for anyone to experiment with doing fake freenet releases. However it's 5.5 GiB compressed, so the upload will take a while :) ## FMS Discussion about Freenet on Android The past few days there were repeated questions about Freenet on Android. There was a discussion with practical experiments using Freenet on Android: You can also find this in FMS archive Look there for the current answers. ## Überwachungsmaßnahmen 2016 ## FOSDEM 2017 I'll be at FOSDEM 2017-02-04 in devroom K.3.201 with my talk starting 17:00! Full Schedule: https://fosdem.org/2017/schedule/day/saturday/ This is not a Freenet talk but a Guile talk, but might be interesting anyway. Who else will be at FOSDEM? ## money poll: robust top 20 The most robust result of the poll is: we should definitely do these five tasks: • Darknet invitation bundles (requires single use references) • Improve FProxy CSS3 support to allow better Freesite UI • Friend requests, like in Facebook • Short node references • Keepalive • Finishing the first iteration of Web of Trust speed fixes (1) • Fixing the installers (2) These 7 tasks together are already estimated as 17 person-weeks, which would leave us 15% buffer for unforseen problems. As well as in the discussion threads from December 2016 ## been there done that Dear citizens of the USA… — The Germans who hope that we won't have to repeat history with switched roles. Unsurprisingly the other side answers with long-exposed lies and FUD. ## Thinning Arctic Ice, 34 years visualization Download the original at http://svs.gsfc.nasa.gov/4510 ## Thanks for all the fish AGU publications published "The world's biggest gamble", a short commentary on how to go on with climate change. (Open Access: cc by) I am hard pressed not to become sarcastic. Not because the commentary is wrong. It's spot on. But because we, as a species, are … I'll stop speaking my mind for now. Let's hope that hope wins against frustration and our children don't have to pay too dearly for the idiocy of my generation and the generation before. ## "Building the darknet one ref at a time" - ts That's what we have to do. If you invite three people and help those of your friends with similar interests to connect¹², and the people you invited then do the same, we get exponential growth. ¹: Helping your friends connect works as follows: • ask: First ask your friends whether they want to connect to others. Just go to the friends page, tick the checkbox next to each of the friends you want to ask and click the drop-down list at the bottom named -- Select action --. Select "Send N2NTM to selected peers" and click "Go". A text field opens with which you can send a message to all the peers you selected. I typically ask something like "Hi, do you want to connect via darknet to fellow pirate party members?" (replace "pirate party members" by whatever unites the group of people you're asking). • noderefs: Go to the friends page in advanced mode ( http://127.0.0.1:8888/friends/?fproxyAdvancedMode=2 ). There you find a link named "noderef" next to each name. Just download the noderefs of the people who want to connect. • introduction file: Then copy them into a text file and add a short description of each person before the persons noderef. • upload: Now upload that text file. I use freenetupload from pyFreenet for that, but regular insert via the browser ( http://127.0.0.1:8888/insertfile/ ) works as well. When the upload finishes, you'll find the link on the uploads page ( http://127.0.0.1:8888/uploads/ - see the column "key"). • message: Go to the friends page again (I'm lazy and use simple mode: http://127.0.0.1:8888/friends/?fproxyAdvancedMode=1 ), tick the checkbox next to each of the friends you want to help connect and click the drop-down list at the bottom named -- Select action --. Select "Send N2NTM to selected peers" and click "Go". A text field opens with which you can send a message to all the peers you selected. • write and send: Write something like "The following link includes the noderefs of people you might want to connect to. Just copy the noderef (from 'identity' to 'End') into the text field on http://127.0.0.1:8888/addfriend/ if you want to connect. If both of you do that, your freenet nodes will connect". Copy the link to the uploaded introduction text file into the text field (below your text) and click "Send message". ²: Only connect those with similar interests (who might in the real world meet in a club or at work or who are related by blood or association). This is needed for efficient routing in Freenet. ## fniki is much easier to use than I thought See fniki howto Naturally it's a fniki. ## How to share a bookmark with your darknet friends Just click at http://127.0.0.1:8888/ on  (my bookmarks). Then you see "Share" next to each bookmark. When adding a bookmark you can directly choose with whom to share the new bookmark. ## EFF Whitepaper on IP Addresses Educating Police and Judges on IP basics. ## Celebrating FMS People on FMS are right now writing a big thank you to SomeDude for writing FMS. And I think that is great! From me, too: Thank you, SomeDude! If you do not run FMS yet, you can access the currently written messages directly via Freenet: ## A clean way to devise a roadmap democratically Something I only understand now, which I wish I had had before. Steps to devise a roadmap democratically, which avoid the problems of the current process: • Propose this method. Only go for the next step if there are no strong disagreements or alternatives (including "let's not do this") which get more support. • Clearly define the scope (i.e. decide on a roadmap or spend a fixed amount of money or get a clearer picture of the wishes of the community) • Define who takes part in the vote (i.e. active contributors or active developers or donators or long-term users or all users) • Gather tasks. Ideally use existing roadmaps. • Refine tasks: complete list of non-overlapping tasks. Described briefly. • Add effort estimates to tasks, i.e. in person-weeks - from developers. If no consent can be reached for the effort of a given task, you can provide the range of the effort estimates. Now the tasks have a short description and the required effort. • Ask users "in which order should we do these tasks?" (i.e. assign letters A to Z) • Decide with a clearly defined flavor of the Condorcet method (i.e. Benham). With this, users know beforehand how many of the tasks in their list could be done with the amount of development time available. If we have money for 20 weeks, people are unlikely to choose a 30 week task as first task, because then nothing will be done when the money runs out. That way it's transparent what a given vote stands for. If we don't have time for clean gathering, revising and cost estimation, do not use a democratic decision. Democratic decision making takes time, becaues it is necessary to ensure that all who are eligible to vote have all information necessary to take an informed decision. Instead, you can reduce the scope to just getting a sorted wishlist. If less is at stake, you can be sloppier. Only ask people to decide on things we can definitely deliver with the resources we are sure to have. ## I was targeted by an attack on GnuPG/PGP See the details on the Sharesite gnupg-attack Or check my website in the clearnet: draketo.de/english/gnupg-attack ## 20 years of KDE, the book Infocalypse repo: hg clone freenet://ArneBab/20-years-of-KDE  If you like it, donate or buy it: https://20years.kde.org/book/ ## fms 77 vs. 78 Just as short note: - st=m_db->Prepare("SELECT IdentityID FROM tblIdentity WHERE IdentityID NOT IN (SELECT TargetIdentityID FROM vwCalculatedPeerTrust);"); + st=m_db->Prepare("SELECT IdentityID FROM tblIdentity WHERE (PeerMessageTrust IS NOT NULL OR PeerTrustListTrust IS NOT NULL) AND IdentityID NOT IN (SELECT TargetIdentityID FROM vwCalculatedPeerTrust);");  In short: Now only checks identities which are actually trusted. That should give quite a nice speedup. Here's the full diff: fms-src-77-to-78.html Created with: diff -ur fms-0.3.7*/src > fms-src-77-to-78.diff  And parsed to html with: cat fms-src-77-to-78.diff | pygmentize -l diff -f html -O full -o fms-src-77-to-78.html  ## My csv's in the task planning thing ## If you are interrogated by police, do not ever talk. They might be using the Reid technique to get you to confess a less evil crime than what they claim to be able to prove. And you won't find out before they get an emotional handle on you. From Wikipedia: Reid technique Under the Reid method used since the 1950s, falsely accused suspects were treated aggressively and told lies about the amount of evidence proving their guilt. Such exaggerated claims of evidence, such as video or genetics, led to potentially innocent suspects becoming overwhelmed. Juan Rivera…was wrongfully convicted of the 1992 rape and murder of 11-year-old Holly Staker. A number of pieces of evidence excluded Rivera, including DNA from the rape kit and the report from the electronic ankle monitor he was wearing at the time while awaiting trial for a non-violent burglary. However, he confessed after being interrogated for several days using the Reid Technique. You have the right to a lawyer. That's the only thing which is useful to say (until police stops using abusive methods). ## Why there are few people on FLIP / IRC over Freenet Today a user joined the #freenet channel in FLIP and asked why there are so few people there. The answer are timing attacks: Any realtime communication method allows correlation with your physical activity. Just by watching when you come online people can try to single you out. A note like "I'm going to buy something" could suffice to tie you to a PayBack card, or to a video surveillance recording — especially with Opennet where all users who take part are known, but not their Pseudonyms. That means people in a high-threat environment cannot use realtime communication. But for all than naysaying: For the majority of people here who want a pseudonym which cannot easily and provably be correlated to their reallife ID, FLIP is a pretty nice tool. FLIP makes us independent of IRC networks. We can self-host our realtime discussions. And in theory (from its protocol and the data available) it could be improved to have delayed message support (for high-threat environments) and to re-read history on startup. It just has to be done by someone. ## pyFreenet 0.4.1 with auto-spawn support in fcpupload I just put up a new pyFreenet release: If you have Python3 and pip >= 8 you can get it with pip3 install -U --user pyFreenet. It provides a cleaned up fcpupload script with —spawn support (requires GNU/Linux): pip3 install -U --user pyFreenet echo 1 > testfile fcpupload --spawn --fcpPort 9486 testfile # add -p 1 (high prio) and -e (realtime) for higher speed  It creates a Freenet node which listens at port 9486 (except if one already exists there), inserts the testfile, waits until the upload finishes, gives you a CHK link to the file and stops the node afterwards. Also fcpupload now works again when used with a remote node. This is tested by doublec, but still has rough edges (For example pip3 install can fail with error: option —single-version-externally-managed not recognized). But it works: people who have Java and Python3 installed on GNU/Linux can now upload files into Freenet without having to worry about Freenet at all — even without ever seeing it. ## EWS 3.0 nimmt langsam Form an ## Efficient commandline multiprocessing with Python3 Assume you want to run multiple commandline programs, but since you have odd file names, GNU parallel would subject you to lots of quoting hassles. Using Python3 you can do it efficiently - both in terms of always having a process running on each processor as well as in terms of being fast and easy to write. import subprocess as sp # for calling your program import shlex # to split a command as the shell would, but without the security issues of a real shell import concurrent.futures as con # for a thread pool # first get the thread pool with con.ThreadPoolExecutor(max_workers=4) as e: # 4: number of processors for i in range(100): # any kind of tasks cmd = shlex.split("echo '{}'".format(i)) e.submit(sp.check_output, cmd, shell=False)  That's it. Ensure to have readline activated in your Python so you can build these commands incrementally. Happy Hacking! ## Activate readline in Python No commandline interface is complete (or even remotely usable) without readline support. This is what I have in my ~/.pystartup: # Add auto-completion and a stored history file of commands to your Python # interactive interpreter. Requires Python 2.0+, readline. Autocomplete is # bound to the Esc key by default (you can change it - see readline docs). # # Store the file in ~/.pystartup, and set an environment variable to point # to it: "export PYTHONSTARTUP=/home/user/.pystartup" in bash. # # Note that PYTHONSTARTUP does *not* expand "~", so you have to put in the # full path to your home directory. # import atexit import os import readline import rlcompleter # historyPath = os.path.expanduser("~/.pyhistory") # def save_history(historyPath=historyPath): import readline readline.write_history_file(historyPath) # if os.path.exists(historyPath): readline.read_history_file(historyPath) # readline.parse_and_bind('tab: complete') # atexit.register(save_history) del os, atexit, readline, rlcompleter, save_history, historyPath  Happy Hacking! ## Using –1 as USK version number also gets 0 This was discussed recently in FMS and someone claimed that it's not possible to always just get the latest version because –1 cannot redirect to 0. I tested it: That statement was wrong: USK=…/-1/ happily redirects to USK=…/0/ if that is the latest version. However I'm not sure whether this only works if your node already knows the key version 0. ## Freenet over Tor See the article by doublec: Freenet over Tor ## An efficient way to remove content from freenet… … is to upload large quantities of content many people in Freenet wish to access, so they keep the data alive and your subsequent uploads have a larger chance of displacing remaining blocks of some content you actually want to remove. To say it with XKCD: cc by-nc, from Randall Munroe via xkcd 810 /It's not quite a perfect solution, because those answers might be constructive, but still bury answers which are more constructive, so mediocre answers could drown out great answers. But it gives people the chance to find good things./ ## in case anyone thinks voting is easy… Here's an implementation of the debian voting system I just found: (from http://www.seehuhn.de/pages/vote — I chose that one because it has a tarball) Just unpack and ./configure Then create a file which looks as follows V: 123 V: 213 V: 3--  With each line being a vote which orders a set of options from most preferred to least preferred (in this case 3 options). Then run ./debian-vote [your file] ## Task planning value poll documents The following are the documents for task planning. Fill out either of them and post them or a Freenet-Link to them on FMS, Sone, a freesite, FLIP or the devl-list. In the files there is one value at 10, because the original version used a value of 14.925 to fit the 1000. This is not a hint that you should put 10 there, just a simple measure to ensure that you can distribute points without having to calculate the total value - as long as you always add only what you subtract. If it goes as I think best, this is just an opinion poll, not a binding vote. So please give your honest opinion about the value you think completing a given point would provide for Freenet. ## there's no temporary mitigation; opennet is the temporary mitigation That's from Florent / nextgens. Perfectly captures the relation between darknet and opennet. If you want to be safe, get people you know to start using Freenet and connect to them over Darknet. Confidential N2N messages to your friends are a nice bonus you gain from that. (context: over the years many people suggested to make a semi-trusted darknet to mitigate the problem that some people do not know enough friends to connect. That's what Opennet provides) ## Stats down: stats node was heavily loaded Short note: The stats page shows a heavy drop of IDs online IDs. That's an artifact of overload on Steves node. He fixed it and it will be up at the value from a week ago within a few days. ## Die Principia Diskordia Eins der Werke, die ich hier her kopieren darf, und die eigentlich längst hier hätten sein müssen :) CC by-nc — zum Werk passend die umstrittenste der CC Lizenzen :) ## Publish in under 6 minutes with Freenet and Sharesite A short screencast which shows how to get your own Freesite in about 5 minutes. (I know it's not perfect. Please make a better one if you can) Details: ## Video Contact Sheet, a free video thumbnailer I looked for video thumbnail generators, and this is the best I found — the LGPL licensed bash-script vcs (be sure to use —anonymous) Full sources: vcs-1.13.2.tar.gz Requirements (most desktops should have all, or most, of them): ImageMagick (at least version 6.3.5-7) (convert, montage and identify commands), mplayer or FFmpeg (preferably both), and some common stuff available on most sane desktops: bash (≥ 3.1) (for bash v2.05b use vcs 1.12.2), sed, grep/egrep, getopt and cut. What would be even better is if someone could create a thumbnailer which chooses frames based on a measure of interestingness — for example gradients in the stills, as it is done for images. Examples (sadly the full versions are all paywalled, but the abstracts should give you a hint what I mean): ## 1475 is risky: If you don't want it to break your setup, please test it! Florent released 1475-pre1 last saturday. Please test it — especially if you use Windows (since no core dev uses that) but also on GNU/Linux and MacOSX! ./update.sh testing  ## Fun with stenography (not quite steganography, but without the text around it, it's pretty close to steganography for those who don't know the shorthand system Deutsche Einheitskurzschrift (DEK) ☺) More info in German: Die Ranmex ## the audio tag (in 1474) // Fun: Thanks to the mp3 fixes from bertm and thanks to Florent merging my audio-tag work, the above now works (if you run next built from source or at least build 1474 which is not yet released at the time of writing). We finally have convenient music in Freenet! (the song is the Hero of Freenet, adapted from the Hero of Canton from Firefly) Use it like this: <audio src="https://d6.gnutella2.info/freenet/CHK@isWfMMvheTKf37kgQi~CM82Xtgo5D5J8p-Q0C61T5~E,RaXwRgxI5DzMP9WqCClvIn5mWKt-GiUYKx1CVCAwGhs,AAMC--8/the-hero-of-freenet.mp3" type="audio/mpeg" style="height: 20px" controls="controls" preload="auto" ></audio>  ## Omnia kommt nach Karlsruhe! 23. July 2016! Vorverkauf bis 11. Juni! Mittelalterbands: • „Saltatio Mortis” • „Faun” • „Mr. Hurley & Die Pulveraffen” • „Omnia” • „Saor Patrol” • „Cobblestones” • „Rapalje” • „Cultus Ferox” • „Metusa” • „Duivelspack” Stelzentheater: • „Feuervögel” Gaukler: • Kontaktjonglage „Kerry Balder” • Kraftjongleur „Bagatelli” • „Jeremias” • „Lupus” Feuerformationen: • „Cross Fire” • „Danse Infernale ” Weitere: • Kindertheater Zauberer „Heiko” • Fechtkampfgruppe „Fictum” • „Dudelsack- und Drehleierworkshops” • „Tanzworkshop” ## hotfix testing release, please test! There's a testing release with hotfixes for three pressing problems: 1. When a bandwidth less than the minimum bandwidth is configured, the node no longer fails to start, but uses the minimum bandwidth instead. This fixes a regression introduced in build 1473. 1. Selecting the monthly bandwith limit failed and only allowed setting the minimum bandwidth. 1. A metadata validation bug that has plagued Frost users for the past two days is fixed, which caused most of the affected node's requests to stall after a malicious splitfile is fetched. Update with ./update.sh testing (this will connect over the internet, don't do this if you're using pure darknet) For details, see the mailing list or the fms message: ## Planning Freenet tasks in Freenet bertm is regularly uploading the task-planning Freesite to enable anonymous users to take part in the discussion: Submit your comments to the following FMS thread so they can be integrated by non-anonymous folks: I don't agree on using Google Docs for this, but as long as it isn't important to the workflow (though only because people proxy — thanks go to Ademan and bertm), I'll take part. ## Today I'll be 34 let's see what this day has in store ☺ ## Material to understand Freenet For the basics, have a look at some slides I wrote: http://www.draketo.de/proj/freenet-funding/slides.pdf If you want to go somewhat deeper, you can look at the articles I wrote about Freenet, as well as the wiki: And if you want to go really deep, look at the papers: https://freenetproject.org/about.html#papers After that, there's only the source, the one true source of truth: https://github.com/freenet/fred/ // ## Sharesites with style… I think all Sharesites should have a link at the bottom to get the stylesheet. Yes, I'm the one who should do that — this is just a note to myself to remember doing it :) ## 1w6 Ein-Würfel-System in Freenet Ich habe die Deutsche Druckfassung von 1w6.org in Freenet hochgeladen: Die Seite enthält nicht nur die Beschreibungen, sondern auch das komplette Technophob-Regelwerk und 10 Jahre Charakter-Logs. Und sie funktioniert in Freenet gut. Als Ergänzung habe ich das Grundregelwerk als PDF hochgeladen: 1w6-regeln-2.6.1i.pdf ## The Hero of Freenet (Thank you, Firefly!) Inspired by Hero of Canton (The Ballad of Jayne) from Firefly: http://www.browncoats.com/index.php?ContentID=468740c2b0ff2 Update: seconds -> seasons, breakage -> problems. Steve, the man they call Steve! Ref: He worked for a switch and he worked for the poor Stood up for the man and he gave him what for Our love for him now ain't hard to perceive, The hero of Freenet, the man they call Steve. Now Steve saw the gaters nodes breaking, he saw the Mac folks lament, And he saw that Oracle takin' Every dollar and leaving five cents. He said "you can't do that to my people!" "You can't grab our folks by their throats!" So Steve strapped on his hat and in five seasons flat fix the problems which sunk Freenet nodes. Ref Now here is what separates heroes from common folk like you and I, the man they call Steve gave his grudges a leave and fixed Windows boxes to fly. He ran the Microsoft devtools, He got those MacOSX bars, The man they call Steve gave his grudges a leave then used Linux to head for the stars. Here we go! Ref Head over to Youtube to hear how this could sound: /PS: If you plan to record this, please make a new, separate identity for that. Your voice and playing style are never anonymous. Chords are at the official Firefly website shown above (browncoats). I can already sing it OK, but I cannot yet play it right — maybe you'll beat me to it :)/ /PPS: And thanks to whoever once shared Masterharper of Pern mp3s in Gnutella, through which I found Filk music from which I now buy quite a few CDs every year and which became a home for me! Music which is shared on websites which are already being dropped from the Google index. Where else do you think would you meet 100 people who sing about everything from Pern to Lord of the Rings, DnD, Witchcraft, Hacking, Shadowrun and Harry Potter?/ ## Goals for Salt donations at Bountysource Hi, I now set the Bountysource Salt goals I proposed in the previous mail (contained after this text): copied here: conference travel costs$250
We can now cover the expenses to get Freenet developers to conferences for spreading Freenet

• yearly Freenet Hackathon $750 In addition to the conferences, this finances a yearly Freenet Hackathon to allow the farspread development team to actually meet in person and dedicate a weekend to the most efficient way of hacking: an in-person hackathon. • one paid part time developer$3,050

If we reach this goal, we can hire a part time developer (after taxes it's about 1.2k$/ month net salary). • one paid full time developer$10,000

At this point we can hire a dedicated full itme developer and push Freenet core forward much stronger, as well as ensure that contributions get reviewed and merged promptly (after taxes it's about 3-4k$/ month net salary). It's now also linked on the donation page ( https://freenetproject.org/donate.html#donate ), so Salt for Freenet is now as official as it gets. Please comment! Best wishes, Arne > Steve Dougherty writes: >> On 03/07/2016 05:50 AM, Arne Babenhauserheide wrote: >>> I'd like to revisit the discussion about monthly donations via salt on >>> bountysource. >>> >>> We have an account with currently one anonymous monthly supporter and >>> one non-anonymous supporter: >>> https://salt.bountysource.com/teams/freenet/supporters >>> >>> This allows us setting actual monthly targets which people can check --- >>> for example sufficient monthly donations to support a developer. >>> >>> If we want to make salt part of Freenet donations, I will put it on the >>> donation page. If I remember correctly, the previous discussion was >>> inconclusive, so I'd like to get your opinions again: >>> >>> >>> Will we take salt money? >> >> I'd be fine with that. > > Since there were no other opinions, I consider this as general > agreement. We will take Salt money. > > I added a pull-request to link Salt from our donation page: > https://github.com/freenet/website/pull/51 > > While I was at it, I also reworked the donation page a bit: > https://github.com/freenet/website/pull/52 > > So the next question rises: Do we set targets? Some ideas: > > -$250: cover expenses to spread Freenet at conferences.¹
> - $500: cover expenses for a yearly Freenet Hackathon.¹ > -$2300: one paid part time developer.²
$while true; do ssh -NL 8888:localhost:8888 \ -L 4242:localhost:4242 -L 8080:localhost:8080 \ -L 8088:localhost:8088 -L 8889:localhost:8889 \ -L 9481:localhost:9481 -L 9482:localhost:9482 HOST; date; sleep 5; done (hit CTRL-a d to detach the screen)  Ports: 8888 (freenet), 4242 (quassel), 8080 (FMS), 8088 (Winterface), 8889 (second Freenet node), 9481 (FCP control of Freenet), 9482 (FCP for second node). ## Klarnamenspflicht hilft nicht gegen Nazis, sondern bedroht Diskussionen Die Pflicht zum gesicherten Klarnamen bringt keine Verbesserung — schon heute hetzen viele Leute mit Klarnamen. Das Gegenteil ist der Fall: Die Klarnamenspflicht ist eine Bedrohung für all diejenigen, die sich gewaltbereiten Nazis argumentativ entgegenstellen. Die müssen dann nämlich mit physischen Angriffen rechnen. Als Hintergrund: Ein Blogger gibt auf (leider darf ich das wohl nicht hochladen…) Ein Blogger gibt auf, weil er und seine Familie massiv bedroht wurden. Die Erklärung von Heinrich Schmitz, Ex-Kolumnist von The European und ehemaliges Mitglied der Initiative #HeimeOhneHass, im Wortlaut. ## Dayblind, a cyberpunk novel published incrementally on Freenet Yay! The author is IOKU from Sone ## Python to Guile Scheme — Freenet exclusive version This is the Freenet exclusive ebook. If you got it via other channels, please install Freenet and share it there! https://freenetproject.org — when free speech dies we need a place to organise! You get this, because you cannot buy it without exposing your identity. And because by using Freenet you contribute to securing free communication. If you like the book and you don't fear for your pseudonymity, please buy the paperback or regular ebook! draketo.de/py2guile ## follow the blue rabbit = 🐇 = follow the blue rabbit through the looking glass to find your real self = 🔍 = ## „Weitgehend von der Öffentlichkeit unbeachtet“ Falls mal jemand eine Webseite über politische Korruption schreiben will, wäre das ein toller Titel… Hat auch gleich ein Kürzel: WevodÖffu ☺ ## scheme-based FCP library (Racket and Guile) Dinky's Evil Twin (sone://EWtk1limedjBM2LnGE3~z98tC8bLTu9ryLIMcFgg8PI) created an FCP tool for Racket and Guile: • Racket: • Guile: This started with an alternate Python FCP library: For details see the Sone-Thread ## Lunar eclipse tonight There will be a lunar eclipse this night. See http://eclipse.astronomie.info/2015-09-28/ The total eclipse starts at 4:10 MESZ (UTC+2) and ends at 5:23 MESZ. 4:47 MESZ is the darkest point. I plan to get up around half past 4 and wake the little ones so we can enjoy the red moon together :) Roter Mond, überm Silbersee, Feuerglut wärmt den kalten Tee, Kiefernwald in der Nacht, und noch ist der neue Tag nicht erwacht. // PS: the upload of Earth Warrior finished. Get it while it's hot :) ## cronjob: update freesitemgr site at random I created a cronjob which chooses a freesitemgr site at random and uploads it with some obfuscation. Throw it into /etc/cron.hourly/ and make it executable (chmod +x /etc/cron.hourly/17-freenet-update-random-freesite.cron) to have one upload per day. It will upload on average once every 24 executions. The purpose of this script is to allow people to upload several different freesites without exposing that all of them come from the same person. ## Activism, Larp, nature and a pagan folk band playing reggae (also "you may copy it on any kind of medium", which I hereby do ☺) ## Ask yourself whose Freedom it is If the office worker has most opportunities, it is the freedom of the office worker. If the capital owner has most opportunities, it is the freedom of the capital owner. Look at BitCoin and ask yourself, whose Freedom it is. — lose translation from Die Schmetterlinge (1977) ## my first paper is peer-reviewed! ☺ happy ☺ Comparing the CarbonTracker and TM5-4DVar data assimilation systems for CO₂ surface flux inversions On the clearnet you can find it on http://www.atmos-chem-phys.net/15/9747/2015/acp-15-9747-2015.html The supplement includes the full sourcecode for the plots as well as most plotted data (as much as I could release), and all of it is licensed under CC by-sa (our institute changed its policies, and now open access licensing is the preferred form of publication! It's hard to overstate the significance of that decision — say again that you can't change big institutions ☺). ## Profile based privacy for Pseudonyms: A legend I've long been thinking about profile-based privacy. When I create a new anonymous Pseudonym, it should create an activity profile based on common patterns. Some people are active on weekends, others write in the evening of their time zone, or in the lunch break at work. The definition of weekends differs across the world. And this differs by language (English is pretty widespread and Spanish is only missing in Asia, but if you speak Japanese any timezone outside Japan is unusual). Then there are the holiday seasons. The system should automatically choose a holiday season and then stop updating during a randomly selected interval in the holiday season. What else is there? The cost of this is that communication between these anonymous Pseudonyms is slower than between non-anonymous people, since a reply can only arrive in the next activity interval after it was written. And it needs a minimum wait time to avoid spilling your real communication pattern by replying too quickly (when the real activity time and the fake one overlap). Essentially we need an automatically created and enforced legend, an expanded version of bug #4753 To discuss this, please come to FMS, public forum, thread "Holiday season and security of Freenet/FMS". ## Using Freenet for Static Websites in the Clearnet Have a look at the article from Bluish Coder Freenet now directly powers his clearnet site via nginx serving as reverse proxy. And yes, the URLs are nice: bluishcoder.co.nz/2015/09/14/using-freenet-for-static-websites.html Happy Hacking! ## no longer working darknet connection after restoring from backup Some months ago there was an update to the crypto which causes the node to compute new types of (more secure) keys. If you restore a backup from before this update, your node will compute a different set of keys, breaking all your darknet connections. So best do a backup of FREENET_FOLDER/node-PORT right now. And keep it somewhat up to date. (this already struck twice: once it killed all my darknet connections and just now it killed the connections of one of my darknet friends) Ideally when this occurs the Freenet UI should show a warning: /"The secure keys for Friend NAME changed, but the old, insecure keys still fit. Either this is a MitM attack, or your peer restored from an ancient backup. [disable peer] [update peer (I asked and he or she restored from an ancient backup)]"/ ## get the test scripts > So, if you can, please run the release-checks. They are the only effective protection against corruption of the whole network by compromised-and-remote-controlled developer-machines. Is there a guide of how to do this? It's probably possible to spin up a VM with a specific build environment we can check against but the key thing is to know what that evironment is. Toad wrote about that in 2012 I just cloned the maintenance scripts repo into Freenet: hg clone freenet://ArneBab/freenet-scripts  This needs Infocalypse with WoT integration If you use Infocalypse without WoT, you can clone the repo via hg clone freenet://USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/freenet-scripts.R1/1 (both links are equivalent — the WoT one is just shorter and easier to memorize :)) ## More optimized streaming *Warning: Running arbitrary commands like these can be dangerous for your anonymity and your system: m3u8 playlists can trigger access to any resource, even local devices. If you want to be safe, read the playlist file before running the command.* mplayer -prefer-ipv4 -fixed-vo -nocache -playlist SSK@vJ9s3JNTQZDKADPcFyAj7XyL0gtVSC3~Lc3ewvoA2KI,2Ft9oY0SrCJH83E9OYTATEPN7G~9LjizmjVoMiUeU80,AQACAAE/w8-playlist.m3u8?forcedownload=true To create a stream yourself: ./freestream-webm.sh big_buck_bunny_480p_stereo.ogg w8  using the script freestream-webm.sh The main goal of this is to allow playing videos while they are being downloaded, essentially providing a distributed streaming platform. This script is adapted from the one bertm created, adjusted to use vp9 and vorbis instead of mp4. If you have opus, you can reduce the required bitrate a lot. The target segment size is set to <400 kiB, because this allows the splitfile info to fit into the toplevel SSK. Caveat: The video isn't seamless,yet, since mplayer does not preload the next video in the playlist. Get the repo via hg clone freenet://ArneBab/stream-over-freenet For details on getting the repo, see Infocalypse and pyFreenet If we wanted to make this secure, we'd need a content filter for m3u8 (then the url could drop the ?forcedownload=true) and for video (we have unreviewed ogg filters which haven't been merged yet). If you want to contribute, have a look at the existing two pull-request for video (which both need work to be merge-ready): An option to improve the experience of the stream would be to increase SEGMENT_SIZE_KBYTE to 3500 (below 4MiB) and always use one level of indirection (having the splitfile info in a CHK instead of embedded in the top-level SSK). Thanks to doublec for the shoutout from Pitcairn Island ## Streaming a video over Freenet *Update: TheSeeker found the gist with the old and more advanced script from bertm again: https://gist.github.com/bertm/69b05cac7ae2121ed700 — I added the script into the repository.* We once experimented with streaming over Freenet. Today a collegue asked me about whether we could build a youtube-portal using Freenet as backend. Within an hour we reconstructed the streaming solution. Before starting, have a look at the playlist file we'll use to ensure that it only accesses content within Freenet (this ensures that it does not compromise your privacy): "stream.m3u": Watch the stream with mplayer -prefer-ipv4 -fixed-vo -playlist CHK@FgF2w6K5wOPrA7NYzw4eTABq9gyPjHUBEhRJuER7uV4,xZ5dtAL9sLi4sgLFRAa4piaAO6FrJ97Gt6NfStnvix4,AAMC—8/stream.m3u?type=text/plain Get the repo via hg clone freenet://ArneBab/stream-over-freenet For details on that, see Infocalypse and pyFreenet Something like this would be cool for that: ## Morphis and Freenet Since the question how morphis differs from Freenet came up more than once, here's the short version: from what I understood, morphis has no friend-to-friend layer (the Darknet-mode in Freenet — by building on Kademlia, morphis relies on being able to connect directly to all participants), its anonymity is tor (easy to crack with timing analyses and DoS attacks), its spam-resistance is proof-of-work where Freenet uses a web of trust (morphis threat model: commercial spammers, freenet threat model: people who want to break freenet), it claims to be fast, its keys are predictable (censorable). In short: Freenet can already provide everything morphis wants to do, and more. To compare: Forgotten Cypherpunk Paradise "Even if X should work, it would provide only half of Freenet, and none of the really important features - friend-to-friend darknet, access dependent content lifetime, decentralized spam resistance, stable pseudonyms, hosting without a server" Missing features in morphis: friend-to-friend darknet and access-dependent content lifetime (what does it do if the datastores are full?). Morphis comes closer to Freenet than any other system I know, but it's still a long way from it. Or rather: Freenet already provides what morphis only promises. Morphis sounds ambitious, and the developer sounds very motivated, but that's it. On the upside, I just released Freenet Communication Primitives part 2: Service Discovery and Communication: how to find new people, build secure communication channels and create community forums — in 300 lines of Python. ## Kleingeister Heute in Twitter ☺ ArneBab, "(2015-08-13)":https://twitter.com/ArneBab/status/631832396476903426 und ein „Kleingeister bleiben Kleingeistig“ an all jene, die sich gerade über Rechtschreibung aufregen. German-Catholic (@Christ_Germany): @ArneBab ein ist Singular , von daher ist Kleingeister falsch ArneBab: @Christ_Germany „ein“ steht offensichtlich für den Satz „Kleingeister bleiben Kleingeistig“. Hätten Sie nun über Großschreibung gesprochen…☺ @Christ_Germany das zeigt schön, wie Konzentration auf Unwichtiges den Blick auf das Größere versperrt ☺ ## Mirroring a (small) website into Freenet This is the script I use to mirror the freenetproject.org site into Freenet. It isn't perfect, but it works well enough for now. #!/bin/sh cd ~/freenetproject-mirror wget -m -N -nH -k -p -E —no-check-certificate -e robots=off —no-cookies -U 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.6) Gecko/20070802 SeaMonkey/1.1.4' https://freenetproject.org https://freenetproject.org/jnlp/freenet_installer.jar https://downloads.freenetproject.org/latest/new_installer_offline.jar https://freenetproject.org/jnlp/FreenetInstaller.exe https://freenetproject.org rm *\?*html ## Blogger vor Nazis verstummt Wer das hier nicht weitergibt hat den Knall nicht gehört. Schmitz Heinrich gehörte zu den Initiatoren der Petition #HeimeohneHass. Warum er nicht mehr bloggt: Rechte Hassbürger und Meinungsfreiheit - Eine Kapitulationserklärung (leider darf ich das wohl nicht hochladen…) Ein Blogger gibt auf, weil er und seine Familie massiv bedroht wurden. Die Erklärung von Heinrich Schmitz, Ex-Kolumnist von The European und ehemaliges Mitglied der Initiative #HeimeOhneHass, im Wortlaut. Wer das hier nicht weitergibt, hat den Knall nicht gehört. Ja, das meine ich genau so hart, wie ich es sage. Wenn es dich motiviert selbst aktiv zu werden, achte darauf, dich auch in der echten Welt zu vernetzen - Leute physisch zu kennen, die dich unterstützen, falls Rechte dich angreifen. Im Zweifel Leute zu haben, die sich einem Rechten Mob in den Weg stellen würden, wenn die Polizei nicht oder nicht rechtzeitig kommt. Leute zu haben, die es merken, wenn du nicht bei der Arbeit auftauchst oder psychisch an den Bruchpunkt kommst. ## Discussion Paper: Ice melt, sea level rise and superstorms: evidence\\ from paleoclimate data, climate modeling, and modern observations that 2\\°C global warming is highly dangerous Since last week there's a paper in pre-publication public discussion in ACPD (Atmospheric Chemistry and Physics). Its implications are staggering. License: CC attribution (open access) ## Infinite Hands finally in Freenet It took far too long, but now it's in Freenet: With a partial Russian and Esperanto translation. ## Down again Less than a day after posting the “my sites are back” message They are down again. This time united-domains which provides my domain names has network problems. Was up again after a few minutes ## Why GNU Guile with input from amz3 • include a scripting layer with ease • faster development • used in GNU Cash, Lilypond, … (TODO: finally get Lilypond to work with Guile 2.x!) • real threads, safely • for C and C programs • develop your tools with elegance • interactive shell (REPL) • multi-language runtime • efficient webserver • libraries for POSIX systems • ties into GNU Guix • Guile Scheme has your back • exact math • tail recursion • hygienic macros (can be broken explicitly) • object orientation as you need it (GOOPS) • …and if you want something else reuse strict ECMAscript (Javascript), Emacs Lisp or basic Lua - or just add a new language require("srfi.srfi-1").iota(10, 5, 7); fhtagn — works in GNU Guile when called with —language=ecmascript • Get GNU Guile ## What is Freenet? The answer in 2015. The Freenet Project is what you get when mate Tor or i2p with decentralized hosting (no single point of failure). Is is what you get when you take Maid Safe and add a friend-to-friend darknet in which those files stay available which users actually access (instead of the ones for which people pay). And it is being used for anonymous communication and improved by people around the world since 2000. It is the forgotten cypherpunk paradise which this year won the SUMA award for online privacy: https://freenetproject.org/news.html#20150211-suma-award ## Männliche Lust, immernoch ein Tabu Da 1w6.org nach dem Hacker-Angriff vor einem Monat noch immer down ist, aber das Thema gerade durch das Hotpants-Verbot einer Schule in BW akut ist, gibt es hier die Freenet exklusive Vorabversion eines geplanten Artikels. Kurzfassung: Ja, Männer haben oft Probleme, kurze Klamotten zu ignorieren. Weil sie ihre eigene Lust nicht verstehen. Das ist, was wir ändern müssen, und nicht die Kleidung von Frauen. Jetzt dazu, wie wir das verstanden haben. Wer ohne die vorherigen Artikel auf 1w6.org den Kontext vermisst, kann auf archive.org den vorletzten Artikel nachlesen: Sexualität im Rollenspiel und bei Skythief den letzten: Sexualität im Rollenspiel – Ein Kommentar Die Spielerin des Fuchsmenschen in unserer Runde hat beschrieben, wie ihr Charakter versuchte, den Vorzügen seiner Liebessklavin zu widerstehen und dabei den Männern in der Runde ungewollt gezeigt, wie tief verwurzelt bestimmte Tabus noch sind. Doch von vorn. Wir haben gerade einen Nachfolger zur Herrenrunde gespielt. Die Charaktere kamen zurück auf das Schiff der Menschenhändler, diesmal mit dem Plan, ihrem Treiben ein Ende zu setzen. Wieder hat eine Spielerin den Charakter gespielt, der sich als Menschenhändler ausgeben sollte (Neminis gab „Neru Toharu“), doch diesmal war die Charakterin ihres Freundes nicht Frau und Partnerin ihres Charakters, sondern nur noch Frau und Sekretärin (Mira gab „Kieru“), denn um ein für die Herrenrunde möglichst plausibles und schmeichelhaftes Bild abzugeben, hatte sie entschieden, dass sie die Liebessklavin Kerani, die Neminis bei dem letzten „Besuch“ in der Herrenrunde (der vielen der Herren den Hals brach, wenn auch nicht den schlimmsten) geschenkt worden war, als dessen neue Gespielin auszugeben. Jetzt genug mit Einführung. Neminis hatte Kerani gerade mit einer der Sklavinnen von dem Schiff mitgeschickt, und der Sklavin die Anweisung gegeben, Kerani so elegant und gleichzeitig aufreizend wie möglich zu kleiden. Dann beschrieb die Spielerin, wie Neminis sich vorbereitete, um den Reizen Keranis widerstehen zu können (er war ihnen bisher erst einmal erlegen, im Vollsuff, und er geißelte sich seitdem dafür, weil er ihren absoluten Gehorsam nicht ausnutzen wollte). Sie erzählte, wie er meditierte und sich konzentrierte. Die Männer in der Runde wurden schon unruhig. Wir spürten, dass das so nicht klappen konnte. Ich schlug eine kalte Dusche vor, was aber auch nicht besser war - stereotyp, hilft aber erfahrungsgemäß nicht wirklich - dann sagte jemand „na einen abwedeln“ (oder so) und alle Männer der Runde lachten verschämt. Kein befreiendes Lachen, und erst Recht kein Auslachen, sondern das beschämte Lachen, das entsteht, wenn alle wissen, dass ein Tabu gebrochen wird, dazu aber nicht wirklich stehen können. Einer erklärte „die Luft rauslassen, wenn dann nach dem dritten Mal nichts mehr da ist“ und noch ein paar weitere Umschreibungen fielen. Ich merkte, wie komisch die Situation sein konnte, deswegen sagte ich, „Du siehst, dass wir mit dem Thema alle nicht ganz klar kommen, sonst würden wir nicht so verschämt lachen“, und andere bestätigten das. Die Stimmung entspannte sich wieder und die Runde ging weiter, aber in mir blieb die Überraschende Erkenntnis zurück, wie stark in allen Männern in der Runde das Tabu der Onanie noch verwurzelt war. Wir sind alle um die 30, zwei der Männer in unserer Runde sind verheiratet, davon habe ich schon zwei Kinde, zwei weitere sind Single. Und wir alle haben Probleme, frei über Onanie zu sprechen. Und damit über einen zentralen Aspekt der männlichen Lust - genau wie auch über männliche Lust allgemein. Für alle Männer in der Runde war klar, dass die Selbstkontrolle, die Neminis an den Tag legte, teilweise ans Unrealistische grenzte. Das haben unsere Blicke deutlich gezeigt. Aber wirklich beschreiben konnten wir es nicht. Das soll nicht heißen, dass ein Mann eine Frau nicht ohne Lust ansehen kann. Das geht, und ich konnte es selbst lange Zeit sehr gut - solange ich noch Jungfrau war deutlich leichter als seit ich meine Frau kenne - doch das braucht eine bestimmte Geisteshaltung, eine Geisteshaltung, die aufrechterhalten werden muss, und die schneller Sprünge kriegen kann, als man erwartet. Und das ist ein tieferes gesellschaftliches Problem, als dass wir einer Spielerin nur schwer erklären können, wie sie ihren Charakter plausibel spielen kann. Es wird viel über sexuelle Belästigung gesprochen, doch die Lösungsansätze dafür bleiben oft in den Symptomen stecken. Rote Karten, Strafbewehrte Verhaltensregeln, Klagemöglichkeiten, usw. Diese Lösungsansätze sind wichtig, denn sie reduzieren den akuten Leidensdruck von Frauen, helfen also, eine Situation zu entschärfen, die für die Hälfte der Bevölkerung unerträgliche Belastungen bedeuten kann. Aber sie schieben Frauen die Aufgabe zu, die Symptome von Problemen zu lindern, die ihren Ursprung darin haben, dass nicht nur Onanie, sondern männliche Lust an sich in unserer Gesellschaft zutiefst tabuisiert ist. Wir können uns heutzutage mit einem Mausklick Bilder von männlicher Lustbefriedigung besorgen. Doch Lust selbst, wie sie entsteht, wann sie entsteht (oder auch nicht) und wie man mit ihr umgehen kann, das ist so Tabu wie Onanie. Es berührt die Ideologie des immer freien Willens, und es berührt den Zwang, immer funktionieren zu müssen. Ich persönlich bin hier einer Autorin von eroticstories.com zutiefst dankbar: Sie schrieb „erst war es für mich komisch, dass mein Mann auch während unserer Ehe onanierte, doch inzwischen habe ich verstanden, dass er mich trotzdem liebte und unser Sex trotzdem erfüllend für ihn ist“. Hätte ich diesen Satz nicht gelesen, hätte meine Beziehung vermutlich kaum ein Jahr, mit Sicherheit aber keine 10 Jahre gehalten. Und das ist ein gesellschaftliches Problem: Warum muss ich erst auf einer obskuren Seite noch obskurere Texte lesen, um Weisheiten zu finden, die heute ein essenzieller Teil meiner Ehe sind? Unsere Eltern können das nicht leisten, die haben selbst noch mit der verklemmten Sexualerziehung unserer Großeltern zu kämpfen, und wir können froh sein, wenn sie uns nur einen Teil davon weitergeben und nicht gleich das ganze Paket von Schuld und der Schmutzigkeit unserer Körper. Wie sollen wir lernen, ein gesundes Verhältnis zu unserer eigenen Lust zu haben, wenn wir zulassen, dass sie so stark tabuisiert wird - wenn wir uns selbst erlauben, sie zu tabuisieren? Nicht nur angeblich reine Liebe, sondern auch die genauso menschliche und auch genauso positive Lust war Auslöser schrecklicher Schlachten und eine zentrale Triebfeder von Politik, doch wir als aufgeklärte Menschen lachen, wenn wir darüber reden, dass Männer Onanieren, um ihre Lust im Zaum halten zu können. Ich erinnere mich da an eine Szene aus den Säulen der Erde (Ken Follet): Der (böse) Prinz onaniert, nachdem er die Frau des (guten) Maurers beobachtet hat. Kaum eine Szene hat meine eigene Haltung zu meiner Lust und zu Onanie mehr beschädigt als diese: Lust wird hier als dunkle Kraft gezeigt, die in die geistigen Abgründe der Höllenqualen führt. Als eine Verderbtheit, eine Schwäche des Charakters. Und nur der Böse hat onaniert. Die Guten taten sowas nicht - auch nicht in den meisten anderen dieser in Beziehungen erschreckend verklemmten Fantasy- und Science-Fiction-Literatur. Über Sexorgien lässt sich leicht schreiben, aber über die Lust selbst wagt es kaum einer dieser Bücher zu sprechen (auch wenn Bücher hier schon viel weiter sind als Filme). Und auch diejenigen, in die ich bei diesem Thema die meisten Hoffnungen gesetzt hätte, lassen uns erschreckend alleine: Während durch feministische Aktionen Frauen mehr und mehr Selbstbestimmung der eigenen Sexualität zugestanden wird (ja, das meine ich so böse, wie es klingt), haben sie zum Verständnis der Lust des eigenen und des anderen Geschlechtes kaum etwas beigetragen - zumindest kaum etwas, das ich mitbekommen hätte. Was heißt, dass obwohl es solche Beiträge gibt (Stichwort sexpositiver Feminismus), diese Beiträge die heutige Gesellschaft bei Weitem nicht durchdringen - obwohl die wirklich helfen könnten, eine der Ursachen von sexueller Gewalt in unserer Gesellschaft zu beheben. Jetzt genug des Meckerns, zurück zum Thema: Nicht nur Sexualität ist heute tabuisiert, die Lust an sich ist es. Sobald lustvolles Handeln Gedanken der Sexualität beinhaltet, nennen wir es nicht mehr Genuss, sondern Wolllust. Und Wollust wird als Böse verschrieben, doch nicht wirklich thematisiert (wie so oft dienen Schubladen dazu, es zu vermeiden, sich mit dem Thema wirklich zu beschäftigen). Ist es ein Problem, wenn ich meine Frau mit Wollust betrachte? Ist es nicht ein viel größeres Problem, wenn ich das nicht tue? Oder ist es ein Problem, wenn ich es tue und sie sich gerade nicht so sehen will? Wann hat meine Frau Lust und wann nicht? Ich verstehe es nicht - und doch ist das für mich noch viel einfacher, als für ungebundene oder Leute in freier Ehe. Die müssen in der Lage sein, zu erkennen, wann relativ Fremde Lust haben, und sie auch ausleben wollen. Und das können wir kaum verlässlich schaffen, solange Lust so ein starkes Tabu ist wie heute. Ich verstehe nur teilweise, wann mein Körper reagiert, und was das bedeutet. Und ich kann es noch viel schwerer mit anderen besprechen - selbst wenn ich mit meiner Frau spreche, greife ich auf Umschreibungen zurück. Überall um uns sind Reize, aber wer sich von ihnen berühren lässt, wird als schwach gesehen. Leute sagen „Die ist scharf!“ und in Filmen gibt es dann und wann ein „Die macht mich geil!“, aber kaum jemand spricht davon, wie sich das eigentlich anfühlt, was es eigentlich bedeutet. Es ist so viel leichter, über Sex zu tratschen und sich nicht selbst zu offenbaren, als über Lust zu reden und dabei einen Teil des eigenen Selbst zu offenbaren - und damit einen Berührungspunkt zu liefern. Obwohl Lust ein völlig natürlicher Teil unseres Lebens ist, so wie Hunger und genussvolles Essen. Beantworte ich hiermit Fragen? Lasse ich sie offen? Ich glaube ja, aber ich hoffe, ihr seht es mir nach. Ich würde das Thema gerne tiefer durchdringen, aber ich befürchte, dass ich meine Runde damit an ihre Grenzen bringen würde und möglicherweise auch für mich gefährliches Terrain betreten würde. Nachdem ich diesen Artikel geschrieben hatte (aber noch nicht abgetippt), habe ich in einer anderen Gruppe noch eine Runde Barbaren gespielt. Die Ansage „nur beiderseitig gewünschter Sex“ war überraschend gut darin, die Runde von Exzessen abzuhalten, aber ich habe auch wieder eigene Grenzen gespürt. Was ist Lust, was ist Lebendigkeit, was ist Freiheit, was ist Macht? Warum kann ich Flirten, Annäherung, das Erwachen der Lust, die ersten Berührungen, den Moment des Eindringens und die Ektase des innigsten Kontaktes nicht mal in einer reinen Männerrunde frei ausspielen? Ist das eine Freiheit, die mir fehlt? Hätte ich sie erlangt, wenn ich in meiner Jugend mit gleichaltrigen unterwegs gewesen wäre, statt Bücher zu lesen? Oder wäre ich dann noch verklemmter, weil ich mich nicht so leicht auf eigene Faust gegen gesellschaftliche Konventionen hätte stellen können? Weil ich das Urteil meiner Kumpel gefürchtet hätte? Vielleicht könnt ihr mir helfen: Fällt es euch auch schwer, offen über Lust zu sprechen? Fällt es euch leichter? Oder lasst ihr das völlig außen vor? Sind Sexualität und Lust Teil eurer Runden? Fühlt euch frei, hier anonym zu schreiben: Das hier ist die Freenet-Version des Artikels. Der Freenet Social Networking Guide beschreibt, wie ihr Freenet für anynome, spamresistente, komplett dezentrale Kommunikation verwenden könnt. ## Pre-Crime comment: If it's not illegal, it's legal. Currently people are discussing pre-crime in Sone > What if someone researched blunt trauma damage with hammers and started carrying a hammer around? This is my contribution: If he does not make death threats, he doesn't do anything illegal. For all we know he could be a blogger who wants to write about hammers as weapons. Or a roleplayer researching realistic rules for his contemporary martial arts rulebook. Back in the days I was in an email list where we discussed how to get dirty nuclear weapons into the US, because one of the members wanted to run a campaign where they players have the goal to stop terrorists from doing that. I'm pretty sure that that got us on all kinds of watchlists - except if we were already in their "crazy SR_D freaks, they only play Shadowrun" filter. Strange coincidence that I'm in Freenet now, which is the closest real-world equivalent to jackpoint, the darknet p2p data haven in Shadowrun ## Das Problem der Troika: Syriza meint es ernst Ich habe gerade einen Artikel in der Taz gelesen, der ein völlig anders Bild auf die Syriza geworfen hat, als andere Medien. Genauer: Es war der erste Artikel, den ich gesehen habe, der von den Leuten gesprochen hat, die Syriza am Laufen halten. Von der Gruppe junger Deutsch-Griechen, die sich des Vertrauens der Bevölkerung sicher sind und daran glauben, dass sie etwas verbessern können. Heute ist mir dann aufgegangen, warum die Troika mit Syriza nicht klar kommt. Syriza meint es ernst. Sie wollen wirklich die Situation der Griechen verbessern und für die Bevölkerung kämpfen, die sie gewählt hat. Und dabei noch für echte Demokratie in Europa kämpfen. Und das Neuland für die Troika. ## My deepweb story On reddit someone asked: What's your deepweb story? This is my answer Please share it! I am a Freenet user, and I had quite a few frightening experiences. Once someone threatened me for telling him that killing Netanjahu is a dumb idea which would only make matters worse for Palestina. But wait, that was on G+… Then that other time, when I was insulted by Neonazis. But wait, that was on twitter… How about when someone brought down my site to hack into other computers? No, that was my normal clearnet site. Twice… So there's the problem with Freenet. We have few horrorstories. People who use Freenet generally know what they are getting into. They are warned at every moment to be careful with what they click on and what they talk about. To the point of generating random names by default, so they aren't tempted to reuse a nickname. I know that there is bad stuff, but I ignore it, because in Freenet that actually makes it go away: If no one accesses it, it gets overwritten by new uploads. So we don't actually have much interesting to share in this thread, except for: "Freenet works. It works really well." And this is my deepweb story. That wasn't what you wished for? Well: That's the darknet where it works. It ensures freedom of communication by making sure that it works for all its users, including those with a weaker stomach AND those who want to dig into the ugly stuff. ## Setting up a Freenet Seednode from the commandline (english translation of the commandline freenet seednode setup from the libertyserver page) Download and Installation of the Software • wget 'https://freenetproject.org/jnlp/freenet_installer.jar' -O new_installer.jar • java -jar new_installer.jar -console # -console activates installation without X11 Setup a Seed-Node • lynx http://127.0.0.1:8888 • # follow the wizard for basic setup: • # - low security • # - next • # - 20 GiB -> next • # - no monthly limit -> custom limit: 100KiB, 100KiB -> next • # - lynx forwards to the wizard again, Firefox to the Freenet startpage. Just exit. • lynx http://127.0.0.1:8889/connectivity/ • # read opennet port, forward for incoming UDP • lynx config/node.opennet?fproxyAdvancedMode=2 • # be a seednode: click, select true -> apply • lynx config/node?fproxyAdvancedMode=2 • # IP address override: (dynamic) DNS addres / hostname. Only necessary if you don't have a static IP. See http://freedns.afraid.org • wget strangers/myref.fref • # myref.fref an devl@freenetproject.org schicken, Subject: "New seed node: " Once freenet developers add the seednode to the list of seeds, you're a seednode. This might take a while (till the next release). Accessing the Freenet interface from another computer is easierst by forwarding th ports via SSH: • ssh -NL 8888:localhost:8888 -L 9481:localhost:9481 -L 4025:localhost:4025 -L 4143:localhost:4143 Ports: ) • the interface for tools like pyFreenet: • 4025: SMTP (provided by the freemail plugin with the WebOfTrust plugin) • 4143: IMAP (provided by the freemail plugin with the WebOfTrust plugin) ## Letting it burn For the past few weeks we again see a meltdown , with unreachable pages and massively worsened fetch-pull stats with oscillating reachability due to activating and deactivating protections against overload. And according to TheSeeker, the Kittyporn autopatcher has been reactivated by folks on Frost who think that several of the choices of the non-anonymous development team are mistaken. TheSeeker got in contact with those anonymous devs. He asked them if they would stop publishing the autopatcher if we tested their changes network-wide. They said they would - which could stop this self-DDoS of Freenet users. We have counter-measures, but the only thing which can protect Freenet if a significant number of regular, high-capacity users runs versions which are patched to attack the network, is shutting out these users (by reacting to the behavior of their nodes), and we don't want to do that, because we think that they are real contributors and want Freenet to thrive. If we're right, then testing the changes network-wide would seriously disrupt the network, though. Hence the title of this text: "Letting it burn". We would prepare a release to be issued at most 2 weeks later to revert the changes if they prove to disrupt the network. And we wouldn't make the let-it-burn update mandatory, so you could disable auto-update if you don't want to take part in the test (though you would still suffer the disruption). So this should be restricted to a 2-week disruption (2 weeks because we see oscillations on a roughly weekly scale). The following is only my personal opinion and no objective information: I hope that we'll be able to run a poll with all Freenet users we can reach before taking a decision whether to go to that or not. If we go there, then we'll post a news entry to the freenetproject site (and it's in-freenet mirror ) and ask you to give your opinion on any channel you have to reach us. Also I intend to post about it here. We are reachable over at least FMS, Sone, FLIP, Freemail and Frost (via TheSeeker), and I plan to look for updates of Freesites stating an opinion on the matter. It is unclear whether we'll hold a poll. It is also unclear whether we'll try to "let it burn". But if we do so, I intend to write about it here before we do. It will not happen before the 1468-release with purge-db4o. And there are already changes staged for the next release, so if we decide to do let-it-burn, it might still take a few months till we get there. I'm writing this here, to ensure that no one will be surprised if we do it, and that you all know where to watch, so you see a poll if one comes up. That's it for now. Except for a short status update: I did not get to restoring my clearnet websites yet. I'll have to do that soon, but right now I'd rather do the dishes than touch the backups to see what broke. Mmmh, cleaning the dishes… I'm off ☺ Happy Hacking! ## All my clearnet websites have been breached. My hosted server (not (yet?) my homeserver) and all my websites have been breached. This includes https://draketo.de https://1w6.org and https://sn.1w6.org I'm sorry that i did not manage to protect them better. I'm working on restoring them and then tightening their security. Meanwhile you can access updates from me via Freenet: The most recent entries from draketo.de and 1w6.org are still available in the in-freenet RSS copy: If that inproxy should go down, too, just install Freenet¹ and use the following local links: It's ironic that I write this after complaining that our parliaments IT has been breached. ## german government IT breached and externally controlled our elected representatives know that their IT was breached and is still under control by an unknown entity. That entity might have aquired administrator priviledges and installed hardware backdoors. The ruling fractions have their own more secure net which they do not share with the opposition. They delay providing information. Yet the opposition still uses the computers. And I feel as if I'm in a secret agent thriller… Here is the Google translation: This statement is just the Green Party AbgeordneteTabea Rößner in the FAZ . I wanted the + to pass, as I have taken as a slap in my own words only on G: IT of the German Bundestag foreign controlled. Opposition deputies stumped. Damn it, what kind of world do we live? Is that a spy thriller or dark science fiction? So a headline would fit in Star Wars, as newspaper reports during the Emperor accepts the Senate. But in our world it has lost nothing. Worse Tabea Rößner asks helplessly: Shall we just … work without electronic devices? Yes. Of course! How else? Your IT is currently proven externally controlled. You can not use responsibly! If your car were riddled with bombs, you would hopefully not go, and just as you should now treat their IT infrastructure. Use until the acute problem is resolved, the Bundestag stenographers if they are their own handwritten notes too slow. Let them grumble, but they are just your only hope for safe and fast at the same time records. Next, you should then make sure that that does not happen again: Let us put together by BSI a laptop, is to dispense with work already from her provided with espionage interface software. Will say: Stay away from Windows, MacOSX or other companies controlled by US software. Yes, that is, it remains only GNU / Linux 1 - each in a version that is tested by BSI and constantly updated by a competent civil servant status (and thus harder to corrupting) team. And software that is not open source and compiled from their own team is absolutely taboo. Which can never be trustworthy enough for the work of parliamentarians, because it is alien controlled by definition and can be tested by BSI insufficiently. Maybe that helps the experience to provide the jobs of the Bundestag and the parliamentarians on a more stable footing. Nothing is ever completely safe, but who will buy software that can not be tested by their own people for weaknesses and repaired in a timely manner, invites attacks a downright. There is the BSD and GNU Hurd , but in practical terms remains only GNU / Linux. The BSDs depend for everyday use by non-developers still clearly back, namely the GNU Hurd is now usable for developers, but even further away from the suitability for normal users as the BSDs. ↩ ## disk write performance xor is working on queueing downloaded WoT identities to disk instead of keeping them waiting in blocked threads, so I did a short performance test to determine whether this can get us into filesystem trouble. The average hard disk access time for a spinning disk is around 8ms. See Red Hat Storage Perf so writing 10k files to disk should just take 100s. A small testscript I wrote takes 28s for writing 10k versions of my own WoT ID plus 1m27s for the susequent sync. Call the script via time ./testdiskperf.py ; time sync (the sync is necessary to see the real disk performance and not just the filesystem caches) #!/usr/bin/env python3 with open("bigid.xml") as f: exampledata = f.read() for i in range(10000): with open("queued/" + str(i), "w") as f: f.write(exampledata)  I simply used my own id for testing: wget -O bigid.xml freenet:USK@6~ZDYdvAgMoUfG6M5Kwi7SQqyS-gTcyFeaNN1Pf3FvY,OSOT4OEeg4xyYnwcGECZUX6~lnmYrZsz05Km7G7bvOQ,AQACAAE/WebOfTrust/11326?type=application/octet-stream&forcedownload=true ## bash and implicit self modifying code Some of you might have stumbled over ./update.sh only working on the second try. It took us a few years with unreproducible breakage to find the reason, but now that we have it, I think it's time to share: A bash script can change its own code while it is executed. This can also happen when another program edits the script. Nextgens already knows a solution for the script: Just download the new version under another filename and move it over the existing script to force the filesystem to create a new inode (see how deep we suddenly got into our OS? ^{happy}). But that we have a solution does not mean this little exercise into madness isn't worth sharing. On the contrary! So these are the scripts I used to prove to nextgens that bash is even crazier - and at the same time more powerful - than I had thought (as well as some other shells, too, though I did not do a thorough investigation on their support for rewriting their own content at runtime): To test them, copy one of them to 1.sh and execute it. cp bash-keeps-executing.sh 1.sh chmod +x 1.sh ./1.sh And just for fun: This is the content of bash-keeps-executing.sh: for i in 1 2 3; do echo "for j in 2 3 4; do echo \"\$j\"
done" >> 1.sh
done

this actually echos 3-times 2 3 4. Which means that if you read this far
you just looked into the abyss of self-modifying by direct editing of
the text file. And you can be sure that it also looked into you.

To exorcise it, have a look at guile scheme to learn how self-modifying
code can be done right (and safely) ☺ :
gnu.org/s/guile

Happy Hacking!

## Required trust for forming a darknet connection

My take on the required trust for connecting over Darknet is:
"I need to trust them not to crack their Freenet node to spy on me".

This is the case for almost every person I know in real life and many
people I know only digitally.

It is important that you only add people you know, because the darknet
routing algorithm of Freenet depends on having a small world structure.
If you add random people, you not only risk your privacy (and to some
degree that of your other contacts because you make some attacks much
easier), you also weaken the foundation of darknet routing which will
result in much worse performance for all users - including you.

Opennet uses different assumptions to make it efficient to connect to
strangers. These assumptions would not be feasible with darknet, because
they require being able to connect to arbitrary participants in the
network, which would void the core security properties of the
friend-to-friend darknet.

For the extend of this effect, have a look at fixing the link length distribution of Freenet

The article shows how Opennet performance improved when we improved the
files improved by factor 2 and latency and speed improved so much that
returning users noticed that Freenet had become much faster.

"when did freenet get so fast? Impressive speed improvement since I
last used." — doublec

So only add people you know.

(thanks to xor for reminding me to add the darknet structure part)

## My talk for the SUMA award ceremony (in German)

My talk starts at 5:56.

I hope I can provide a transcript soon (which people could translate to
english).

## My WoT databased hosed?

update: fixed by killing the WoT database and restoring via insert
key.

My WoT does not start with the new preview release (1468-pre3). I fear
that the filesystem breakage I had (btrfs on kernel they call too old)
might have taken my WoT database. Luckily I should still have all my
private keys at hand.

Jun 01, ... (plugins.WebOfTrust.WebOfTrust, <noname>(1026),
ERROR): ROLLED BACK!
java.lang.ArrayIndexOutOfBoundsException(no stack trace)
Jun 01, ... (plugins.WebOfTrust.WebOfTrust, <noname>(1026),
ERROR): Error during startup
java.lang.ArrayIndexOutOfBoundsException(no stack trace)


"java.lang.ArrayIndexOutOfBoundsException". It would be nice if that

## ShareWiki: Illegal state exception

A few days ago ShareWiki started throwing illegal state exceptions when
know why. If you use it, there's a workaround: just click the preview
link in the list of sites.

I hope I can allocate the time to fix this soon.

## FMS Code review

Gerard who used to contribute to Freenet a few years ago just came back
and did a code review of FMS. He posted it on devl
and naturally on FMS.

IIRC this is our first independent review of FMS, and it's quite
favorable.

Here's the essential point:

Verdict: Nice code, could been written a bit more defensively. No
suspicious code was found….General architecture seems
well thought out and will be a good foundation for future improvements….

"It was NOT checked if the provided binaries correspond with the
source
file. To be safe® compile from source."

I'm compiling FMS from Source (it works easily, just look at the
readme). This review makes it much easier for me to suggest using FMS.

## Freenet over Meshnet: A perfect match

(crossposted from FMS)

creamsoda@0vpcRHZV1ftyj4mJpZnuYaG8wpkNIvf3qa3b-LUcsZs wrote :
pretty slow, and I imagine cjdns is too, so building a
darknet-over-darknet doesn't seem very sensible. Freenet already has
friend to friend connections with most of the properties that you list,
so what makes freenet-over-cjdns any better? Particularly
darknet-over-cjdns, not just opennet-over-cjdns.

In a meshnet one of the expensive parts is that your data travels over
multiple hops to reach you. If you need to jump 5 hops to the host, then
you cause a total transmission equal to 5x the size of the data.

In Freenet the same happens. If you need to jump 5 hops to the node
which stores the data, then you cause a total transmission equal to 5x
the size of the data.

If you did Freenet over Meshnet where you essentially connect to Freenet
nodes in random locations (Opennet), then these numbers multiply: With 5
hops each, you would cause a total transmission equal to 25x the size
of the file, so the effectively available bandwidth would drop by factor
25 compared to direct connections.

But if most of the nodes you are connected to are also in close physical
vicinity (darknet-style), then these numbers do not multiply: There are
only 1 or 2 hops to the next Freenet node, so a transmission over
Freenet could be just as fast as a direct transmission over cjdns from a
server in a random location. In addition, Freenet provides strong
caching, so the total transmission needed to get some data might be even
lower than for a direct transmission.

In short, Freenet Darknet and Meshnet are an almost ideal match.

## Broken WoT

I'm currently out of Sone again, because since my Freenet crashed once,
WoT does not finish loading anymore so Sone does not see identities (I
cannot access the WoT login page). Possibly it hit an OOM.

Sorry for the inconvenience. I'll say hi on Sone, when my WoT works
again.

this site when you want updates!

## Cory Doctorov: re-publica: NSA not Stasi (Godwin)

Here's a talk from Cory Doctorov on Surveillance:

It's tempting to compare NSA mass surveillance to the GDR's notorious
Stasi, but the differences are more illuminating than the similarities.

Cory Doctorow
Electronic Frontier Foundation

Creative Commons Attribution-ShareAlike 3.0 Germany (CC BY-SA 3.0 DE)

## Robust ssh forwarding of Freenet ports

Over the years of running Freenet on a small homeserver, I perfected my
ssh port forwarding. This is what I use now:

while true; do ssh -NL 8888:localhost:8888 -L 8088:localhost:8088 -L 9481:localhost:9481 -L 8080:localhost:8080 -L 4025:localhost:4025 -L 4143:localhost:4143 HOST; sleep 5; done

When the connection breaks for some reason, it restarts automatically.

More exactly: I have an executable file at

#!/bin/sh
su USER -c "while true; do ssh -NL 8888:localhost:8888 -L 8088:localhost:8088 -L 9481:localhost:9481 -L 8080:localhost:8080 -L 4025:localhost:4025 -L 4143:localhost:4143 HOST ; sleep 5; done &"

If you also want to forward yacy and a quassel IRC daemon, you can add
-L 8099:localhost:8099 and -L 4242:localhost:4242

That's all: It feels as if all the services are running locally.

## Wish: Freenet, No Questions Asked

It would be nice if we had a Freenet installer which avoids asking the
user any questions. Install and it instantly connects to opennet using
the detected ideal bandwidth and datastore settings.

We could offer multiple No Questions Asked (NQA) versions, then:

• Freenet Convenience (opennet, low security)
• Freenet Paranoia (no opennet, high security settings)
• Freenet Seed (opennet, seednode mode activated by default)

A big advantage of NQA versions would be that other programs could ask
the user to install them without forcing the user to go through the
wizard (skips one heavy step).

## Sharewiki b22 includes minimal syntax help.

This
is the last thing which I felt was missing. Please test it! Since I
found Sharewiki, I liked it ever more, since it's the easiest way to
create and maintaint one or several simple freesites.

## Generating Vanity Insert Keys

There's a utility from Bombe to create keys with nice prefixes:
https://gist.github.com/Bombe/5be29459824a0ecdbd9b

Just drop it into the fred repo under src/freenet/tools/GenerateVanityKey.java

Then run ant.

I had to add final to the variables argument and arguments (where ant
told me to) to get it compiling.

Finally cd to build/main/ and run this:

java -cp ../../../freenet/bcprov-jdk15on-151.jar:../../dist/freenet.jar:../../../freenet/freenet-ext.s/GenerateVanityKey PREFIX_YOU_WANT

(../../../freenet is my freenet directory)

This is brute force and increases the Entropy of the Universe for
dubious gain, so the Kopimists might hunt for using it, but on the other
hand it gives you vanity keys ☺

## The NSA are not the Stasi: Godwin for mass surveillance

Short thesis: It's tempting to compare NSA mass surveillance to the GDR's notorious Stasi, but the differences are more illuminating than the similarities.

Description: The Stasi needed one snitch for every 50 people; one NSA spook can keep watch on 10,000 or more people. IT bequeathed unthinkable productivity gains to spies, and this creates structural changes in the extent to which corrupt elites can retain power without danging the carrots of redistribution, fairness and social programmes before their populace.

What I learned: We do not even have to add drones to the mix to fuck up our society. Permanently.

And Cory Doctorow is great. He makes points I would want to make. Better than I would make them and with a story arch worthy of a world class science fiction novel - with the twist that the story he tells is real.

## I do not hate corrupt politicians

an answer I gave on Sone

I would not go as far as saying that I hate them. There's a system in
place which helps them to rise. A system where the elected act in the
interest of the powerful instead of the interest of the voters.

To break this we need independent media which acts in the interest of
its readers. Where the readers are the customers, and not the ware which
the media sells to the advertisers and other people who are willing to
pay.

We need stronger measures against corruption - for example control over
politicians from within civil society like http://abgeordnetenwatch.de

Funded by all, not only by a few donors.

And we need to ensure that we can survive temporary setbacks - to ensure
that the setbacks remain temporary. For that we need things like
Freenet. It's one of the reasons why I decided to contribute here.

## Threat to democracy - from the elected

As Glen Greenwald quotes in the intercept

They would include a ban on broadcasting and a requirement to *submit
to the police in advance any proposed publication on the web and social
media or in print*. The bill will also contain plans for banning orders
for extremist organisations which seek to undermine democracy or use
hate speech in public places, but it will fall short of banning on the
grounds of provoking hatred.

It will also contain new powers to close premises including mosques where extremists seek to influence others.

Can we close the premises of people who want to violate human rights?
Like Cameron?

stop those who seek to "undermine Our British Values" and, instead,
ensure "we are together as one society, One Nation" — Tory Home
Secretary Theresa May

Glen Greenwald comments that as follows: "I personally believe this was
all more lyrical in its original German"

I, as german, have nothing to add.

## Freemail works after recompile

I compiled plugin-Freemail myself, and that version now loads. If you
want to test it yourself you can use my jarfile (with some changes: I
wanted a new message link on the inbox page):

The
code is on github: https://github.com/ArneBab/plugin-Freemail

## Gleichsetzung von Faschisten und Linken darf kein Mittel sein

Jemand in Twitter nannte als Antwort zu einem Tweet mit einer Kopie
einem Satz

Erster Tweet: "zurück zu den Wurzeln,zu unseren alten
Traditionen.(…)Im Mittelpunkt stand der Kampf um die Straße" #oss

Gleichsetzender Tweet als Antwort: @KatharinaKoenig ROFL, es kann nur
eine geben, die einzig wahrhaft wahre Religion — ein allgemeines

Meine Frage: =1v3833n7h3r3 =KatharinaKoenig was sind denn „Ultralinke“?

Das hier ist die Diskussion, die sich ergab:

@ArneBab Solche,die ihre Ideologie als die einzig Wahre erachten und
deren Liturgie explizit das Himmerlreich auf Erden verspricht….

@1v3833n7h3r3 Also einfach Ideologen? Wieso nennst du „Faschisten“
und „Ultralinke“ in einem Satz, aber nicht die ganzen anderen Ideologen?

@ArneBab #ausGruenden die du gerne der Historie entnehmen kannst.,
Und ja, ich werfe die Extrempositionen ganz bewusst in einen Topf.

,@1v3833n7h3r3 Du wirfst also 60/186/849 Getötete in 21 Jahren (Zahl
je nach Zählung)und im gleichen Zeitraum 3 (2 davon RAF) in einen Topf?

,@1v3833n7h3r3 Zeitraum 1991—2011, und ja, ich habe gerade danach
gesucht. Todesopfer Linker Gewalt seit 1994 suche ich vergeblich.

,@1v3833n7h3r3 Suche nach "todesopfer linksextremer gewalt in
deutschland" ⇒ „Linke Schlagen Rechte und Polizisten“:
http://www.taz.de/!50164/

@ArneBab Nochmals, ich spreche von Gruppierungen, die letztlich
menschenverachtenden politischen Systemen das Wort reden.

@1v3833n7h3r3 Du redest von Gruppierungen bei denen eine 60 bis 849
Leute in 10 Jahren getötet hat und die andere höchstens 3.

@ArneBab Sry, DU hast das Thema Mord auf den Tisch gebracht. Ich
rede von politischer Religion.

@1v3833n7h3r3 Das ist kein „allgemeines“ Problem: Du setzt Leute die
morden mit Leuten gleich, die nicht morden.

@1v3833n7h3r3 Wenn es nur um Reden geht: Wieso nennst du Faschisten

@ArneBab Interessant, was du so alles hineininterpretierst. Versuch
es mal mit verstehendem Lesen.

@1v3833n7h3r3 das habe ich getan.Was ich in deinen Tweets verstanden
habe, finde ich unhaltbar. Daher habe ich nachgefragt statt zu urteilen

@1v3833n7h3r3 jetzt urteile ich.

@1v3833n7h3r3 was ich gesehen habe: Du wolltest jemanden verbal
treten und hast als Mittel dafür Faschismus und „Ultralinke“
gleichgesetzt.

@ArneBab Gut, wenn man die Wahrheit gefunden zu haben glaubt, die
einzg wahre Wahrheit natürlich… Dann urteile mal schön.

@1v3833n7h3r3 Sowohl dein Ziel als auch dein Mittel finde ich
scheiße.

Ich denke nicht, dass ich dazu noch viel sagen muss.

»for my privacy and to injure the following law!« — new french user in
IRC. The referenced law is the new surveillance law in france (which
will hopefully be cancelled by a constitutional court, but that can take
years).

## French National Assembly Approves Mass Surveillance of French Citizens!

net:
)

Paris, 5 May 2015 - The French Intelligence Bill was adopted today by
the National Assembly1 despite massive cross party opposition against
the text's highly harmful measures. With 438 votes for and 86 against,
French citizens' representatives have given the Prime Minister the power
to watch, massively and with little control, the French population.
This is one more step backwards regarding the separation of powers in
France, a founding principle of our democratic regime. La Quadrature du
Net strongly condemns this surrendering of democratic principles and
calls on senators, who will be voting the bill next, to counter this
unacceptable vote.

The Intelligence Bill, which was presented on the fast track on 19 March
by French Prime Minister Manuel Valls, rallied a very large, argued and
vigorous opposition, from a number of civil rights associations,
collectives, lawyers' and magistrates' unions, but also administrative
authorities such as the CNIL (French Data Protection authority) and the
CNCDH (French National Consultative Committee for Human Rights).

No To Mass Surveillance!
French Intelligence Bill harms your liberties!

Presented by the Government as a law both necessary and necessarily
consensual, the bill however sparked growing opposition within the
National Assembly itself from MPs from all sides of the political
spectrum, who courageously faced the slanderous insinuations of
anti-patriotism or incompetency hurled at them by Minister of the
Interior Bernard Cazeneuve or rapporteur Jean-Jacques Urvoas. The
evolution of political positions, increasingly hostile to the text as it
was studied and analysed in-depth, shows that the government's choice
to fast-track a bill concerning such a complex and fundamental issue was
a political strategy, one of a denial of democracy and an insult to
Parliamentarians' work.

Despite this strong opposition, the amendments tabled in April weren't
enough to significantly modify the Bill and the most harmful measures
were kept:

• Extension of the scope of intelligence missions, allowing for

potential surveillance of whole parts of the political, union, activist
world, but also economic, scientific ones, etc.

• Massive legalization of intelligence services' illegal methods and

introduction of new technologies of mass surveillance of electronic
communications

• No real and independent control by the future commission in charge

of interceptions control (CNCTR); illusory citizens' recourse against
surveillance

Today, those who objected to the Intelligence Bill will remember the
list of MPs who refused to safeguard the fundamental liberties of French
citizens. They call on senators, now in charge of examining on the
text, to modify it in-depth in order to turn it into a real framework
for the protection of citizens and the monitoring of intelligence
services.

"The French Intelligence Bill brought forward questions that are the
basis of our democracy: fundamental liberties, the separation of powers,
control of the public power. The French government's attitude and the
MPs' decision – unworthy of them – shows to what extent a citizen
upheaval is now necessary to save the democratic principles of our
country. We call on the senators to take the lead on this bill and ask
the many citizens who took action against the bill to not let the
pressure off their representatives." declared an outraged Philippe
Aigrain, co-founder of La Quadrature du Net.

1. Lower chamber of the bicameral French legislative system

## testing-build-1468-pre2

Steve aka operhiem1 released the second pre-release for 1468 (also known
as purge-db4o).

Get it via ./update.sh testing. If it breaks, run it twice.¹

The intention of this pre-release is to get all developers and testers
to a common, coherent state. Before this, people had several different
snapshots of the source running with different sets of patches on top.

This version should be able to run the release candidate of the Web of
Trust, so it should also run the purge-db4o enabled Sone
from TheSeeker.

¹: I had to run the update.sh script twice, because at the first run I
got a syntax error. I think that has something to do with bash stumbling
when the file changes while it is being executed.

./update.sh: Zeile 217: Syntaxfehler beim unerwarteten Wort then'
./update.sh: Zeile 217: ev/null; then'

## Sharewiki b21

I reviewed sharewiki and replaced the non-GPL compatible parts with GPL
compatible ones, and I'd be glad if you could try whether it works for
you.

To test it, go to the plugins page
scroll to the text field under "load unofficial plugin from Freenet" and
enter the sharewiki key:
sharewiki-b21.jar

## PHP

You bought a new car. You took it out for a ride. a tree falls
before you. You brake, but the car proceeded to hit the tree anyway.

You call the car company and talk to their engineers. One of them
ask. 'Did this happen on a Friday evening, when it was raining?' You say
'Yes, how do you know?'

The engineer replies.

"Our brakes does not work on rainy Friday evenings. If you REALLY
want to brake on a rainy Friday evening, you should also pull the lever
under the dash board that is normally used to open the hood. It is very
clearly printed on our manual. Didn't you read it? Our car is not the
problem. You are the problem"

You were enlightened. You came back home. You never took the car out
on rainy Friday evenings. When Somebody asks about the car, You said.
"Yea, it is a great car. But you got to know how to use it".

You took great pride in knowing how to drive this car, which can
easily kill someone who hasn't read the manual. When you hear that
someone got killed while driving this car, you simply said. 'That car is
Ok. but you should really know how to drive it, sadly this guy didn't.
He was the problem, the car ain't…

→ imakesnowflakes on Hacker News:
https://news.ycombinator.com/item?id=9485741

## God wrote in Lisp

Also known as "I'm sorry to inform you that Earth is about to be been eaten
by a fire demon." :)

CC by-sa by Ben Brockert:
https://www.flickr.com/photos/wikkit/10212337584

Ich mag das Bild auf vielen Ebenen :)

## ShareWiki code review

(review notes from
https://github.com/ArneBab/plugin-sharewiki/blob/master/doc/review-notes.txt
)

I reviewed all files except for mylyn (Textile). The code looks safe and
./src/plugins/ShareWiki/common/FileStorage.java
./src/plugins/ShareWiki/common/Logger.java
./src/plugins/ShareWiki/common/MapToData.java
./src/plugins/ShareWiki/common/SmartMap.java
./src/plugins/ShareWiki/Database.java
./src/plugins/ShareWiki/Freesite.java
./src/plugins/ShareWiki/Inserter.java
./src/plugins/ShareWiki/Plugin.java
./src/plugins/ShareWiki/webui/WebInterface.java
Sadly the Eclipse Public License of Textile is incompatible to the GPL,
we cannot publish
Sharewiki with Textile. We will have to replace textile with a GPL
compatible replacement.
We might be able to use the older Textile-J which is the base for mylyn
under LGPL-3.0: https://www.openhub.net/p/textile-j
http://grepcode.com/snapshot/repo1.maven.org/maven2/net.java.dev.textile-j/textile-j/2.2.864/

## Testing WoT and purge-db4o

Just in case it got lost: purge-db4o and a WoT which works on it are
both available. Here's the announcement from xor:

Date: Thu Mar 12 11:06:58 GMT 2015
Subject: WOT build0014 release candidate, please test
emu.freenetproject.org/pipermail/devl/2015-March/037999.html

We're finally nearing a WOT release.

Testing instructions and a changelog are included in the zip as text files.
Also before testing check this thread for new replies because I might
post a
new release candidate if the current one has any bugs.

Thanks for your patience with the release and thanks for testing :)

## Democracy works - and the US does not have a democracy

The DickPic campaign showed that the
majority of people know that surveillance is bad.

People take dumb decisions when spoonfed misinformation by a small group
of people who control the mass-media.

People elect puppets if someone who wants to be elected must first beg
the 132 largest sponsors in the country for money. Yes, 132. For
explanations I defer to Lawrence Lessig: We the People, and the Republic we must reclaim

Calling
the above democracy is an insult to the concept of democracy. This is
not a democracy, but a plutocracy with an ever weakening veil in which
it claims to be democratic to keep people silent. Consequently giving up
on democracy does not solve the problem. It makes it worse. To solve
the problem, we need to revive democracy - and for that we need
independent media.

Freenet is an essential part of independent media: If people can censor
information, those in power will do so.

Since we cannot solve the problem by simply moving elsewhere, we need a
way to protect Freenet where we are. And for that we need anonymous
developers like SomeDude, Eleriseth and NowWhat. They and the other
anonymous contributors are the guardians of Freenet. Thanks to them,
pressurizing the non-anonymous developers cannot take down Freenet.

That keeps us alive and kicking.

## "make cache quasi-LRU via pseudo-random key pruning"

The joy of applying Freenet features to my tools. Saves 60% mem with

Sounds complicated? Let me show you the code. When adding a key to the
cache:

        # maybe delete an existing key (=> max 16**3 entries)
try:
# pseudorandomly choose a key to kill (last letters of the
md5 hexdigest)
del _cache[_cache_hash[key[-3:]]]
except KeyError: pass
_cache_hash[key[-3:]] = key


That's it: just kill the cache value for a key with the same last three
letters in its hash-part. This is almost random. Then store our new key
in the same place.

Note: Do not use this for anything security critical: It definitely has
significant slow paths where functions repeatedly overwrite each others
cached values. If I detect this in my own script, I can simply change
the letters to be used in the _cache_hash, but when it is used in the
wild (wild net), someone will exploit it and DoS you with ease (in the
best case).

PS: Aside from being very useful, the title of this message also sounds
like complete gibberish ☺

## Absence from Freemail and Sone

Someone noticed that I've been absent from Sone and Freemail for a few
months and wrote to me. Thank you for your concern!

I am absent, because I'm testing the new purge-db4o code (what should
become build 1468), and Sone and Freemail for that aren't yet released.
Freemail builds but does not run.

TheSeeker fixed the plugins for himself. I did not get to that, so I can
only come back once Sone and Freemail are fixed. I hope it's soon.

I miss Sone.

• FAQ

Anonymous@lFG3mGbGf0b8nE6j8RC0i5ZgWEhsQXDG3ghkYIa-1wQ wrote :
> I thought Freenet wasn't able to protect against the NSA?

The link "connect to your friends" (on the clearnet site) shows how to
connect via darknet and communicate via darknet N2N messages. From my
understanding, these are currently one of the most secure communication
methods we can get, because they hide our personal communication beneath
Freenet traffic.

They aren't suited to communicating anonymously, but they are well
suited to communicating confidentially.

## The foundation of real Democracy

After the election last year, my wife and I took our children to the
counting of votes. We were the only visitors there, but the team of
volunteers who did the counting was well coordinated and highly
motivated by their feeling of doing something essential for our society.

At that point I realized that these loose groups of volunteers are the
real foundation of a working democracy: They ensure that due process is
followed. It's essential that it's possible for every citizen to watch
them, because that removes the incentive to try to cheat: We could count
the votes ourselves and later compare whether that fits with the
county-wide averages: If that would have been off, we could have
requested a recounting of the still existing physical paper-votes. And
if that incentive isn't there (nothing to be gained by cheating), the
groups who form to do the voting are most likely motivated by doing the
right thing: ensuring a fair vote.

I nearly wept when after I thanked one for her volunteer work she said
"I do it for democracy", because that's real democracy she was talking
about: Not the sham we see on TV, but voting together on decisions which
affect the group which does the voting. That societal structure works
for small-scale voting (to take decisions within a town or village) just
as well as for large-scale voting (for the whole country) and I
consider it a foundation of a society without hierarchy - even though
that society isn't real yet (because it's not what people vote for).

It means that getting a better society just means getting information to
people: The structures to realizing the expressed will of people are

## First paper published (in public discussion)

My first paper has finally entered public discussion!

surface flux inversions]]

Freenet-Uploads (it's open access, so I'm allowed to share it!)

(if you access this site over a gateway, you cannot open these, since PDFs
can contain malicious content. Run Freenet yourself or get them from the
journal linked at the beginning of this note)

## Improved CSS

I adopted the CSS improvements Findings did for ShareWiki. I'll try to
get them into a ShareWiki release, but that might take some time (the
usual limited free time).

Feedback is one of the main drivers of motivation, especially if you
write under Pseudonym in Freenet: You cannot use what you write to earn
money or build your future, so you have to create for the act of
creation and communication itself.

## Giving and Getting Feedback

In the past two weeks my anger over our conflict mellowed to grumpiness
and I started thinking about what went wrong.

This is the first result of that: How to react to feedback. Or rather
how I want to give and react to feedback.

1. When I give feedback and I see something where I am not sure whether I know better, I try to say so. Instead of saying "do this", I try to ask a question like "why do you do this? It looks strange, because…".
2. When I give feedback and I see something and am sure that I do know better, then I give reasons for that. The worst case is that I say "I cannot describe why, but this should change. I'll try to find out what irks me". I've been wrong with this before, though, so I've been doing this less and less.
3. When I get feedback and I am not sure whether the feedback is valid, I ask for reasons. "Can you explain why?". If the explanations is sound, I accept it. If it feels fishy, I might ask for more explanation. This often yields much better understanding for both participants, so I think it is worthwhile. In case of doubt, I follow the advice I got: People often have a hard time giving convincing arguments, even when they are right.
4. When I get feedback and I think I know better, I listen to authority (as I perceive it). I know that nextgens is my better at security and at structure of the Freenet codebase. So if he comments on security or the structure of the Freenet codebase and I disagree, I might ask for clarification, but there is only one reason for not following his advice: When I feel that he and I have different goals. Until now these have always been short-term goals: He tries to go for higher security first, even if it costs users now, while I want more users, even if that means improving security a year later. I know that I know my way around version tracking systems and Python, so for these I would not yield to nextgens if I do not agree with the explanation - except if he says
something like "please trust me on this. I cannot explain it clearly, but I expect horrible fallout when we go down this route".

I know that nextgens is my better at these, because security is what
he's doing professionally and I don't really go deep on it, while for
structures within Freenet he has been proven to be right many times
over.

enough to go head on head. Back when I started programming that was
different. After a few years I thought I knew how to best start
programming and actually tried to talk my professor into teaching Python
instead of Scheme, because that would allow students a much easier
start. Nowadays I'm learning Scheme, because after 8 years programming
in Python I hit its limitations. That taught me some humility, and I try
to take that lesson to heart.

## Graffiti

(the following is from FMS)

> Art is meant to offend and disrupt society, while some graffiti is
just 15 year old kids scribbling names and pretending to claim turf for
their gang, the rest is rather deep and a decentralized way of showing
appreciation for the new urban spaces it creates.

It's great to see that we're asking deeper questions here.

One of the effect sof graffiti is that it gives a public voice to the
99% of the population who cannot afford to pay for advertisements. It
offsets part of the cultural hegemony in which the ones with money
define what all the others see in their daily life.

That graffiti seems disruptive to many shows how used we got to letting a
few rich people define our daily experiences in public spaces.

Some of you might have wondered about the conflict in the dev team.
Quite a few things surfaced, but there's one thing which has me
confounded: This conflict has exceptionally bad timing.

Why does this happen now that there is finally a new release for WoT?
Why does it happen when I want to hack on freesitemgr to make it a
better fit for mempo? Why does it happen when we are close to a huge release
with only have a few plugins to fix and debugging to be done before it can ship?

It's crazy that instead of celebrating we are fighting.

The following cronscript selects a freesite at random and checks whether
it needs an update.

Just save it into a file, replace "arne" with your username, make it
executable and copy it to etc/cron.daily or etc/cron.weekly

Then you can update your freesites on your own schedule and freesitemgr
will take care of separating the sites from each other.

#!/bin/sh

# sleep for a random fraction of the day to avoid timezone detection
attacks
HOURS_DELAY=$(($RANDOM % 24))
echo freesite upload delayed by $HOURS_DELAY hours >> /tmp/freesiteupload.log date >> /tmp/freesiteupload.log sleep$((3600 * $HOURS_DELAY)) echo starting freesite upload >> /tmp/freesiteupload.log date >> /tmp/freesiteupload.log # update a random freesite su arne -c 'source /home/arne/.babrc && echo sourced >> /tmp/freesiteupload.log && for i in$(for i in $(freesitemgr list | sed "s/*//g"); do echo${i}; done | shuf | head -n 1); do echo
yes | /home/arne/.local/bin/freesitemgr cancel ${i} && /home/arne/.local/bin/freesitemgr cleanup${i} && echo
/home/arne/.local/bin/freesitemgr update
--chk-calculation-node=127.0.0.1:9482 ${i} && echo updated${i}


## Use the categories in the menu

It would be nice if we could reorder the menu of Freenet to have more
categories and plugins in them. An idea for that would be:

• Browse (no change)
• Community
• Identities (current Web of Trust)
• Sone
• Chat (Flircp)
• (install more)
• Publish
• Blog (Flog Helper)
• Simple Site (ShareWiki)
• (install more)
• Filesharing
• Thaw browser
• Keep Alive
• KeyUtils
• (install more)
• Friends
• Connections to friends
• Messages
• Status (no change)
• Configuration (no change)

## Conflict in the team

We had a very tiresome discussion on IRC, and there are already
distortions of what happened floating around.

I neither intend to start discussing the following, nor to ever work
with xor on something similar again.

The discussion started when xor posted a draft of his release notes.
operhiem1 commented on them:

> "this build includes more new commits than WOT ever consisted of
as of the previous build" doesn't sound like good news to me. When I
read that I think "and just IMAGINE all the bugs they introduce!" ---
operhiem1

and I said:

> to add to that: I think the humor in "good news and bad news" will
not fall on fertile ground. — ArneBab

(see
irclogs-1323/
%20)

of acknowledging that both phrases weren't received well and simply

> the opposite of what you criticise here would me billing freenet
months of work for an infinitesimal, ridiculously small amount of
commits. would you prefer that to me being productive? what are you
trying to achieve here?

and the rest was a horribly tiring 3 day discussion trying to get xor to
understand why he should rephrase that. During that discussion xor
accused me of asking him to lie and repeatedly distorted what I said.

The one point which made me almost laugh with disbelief was when he said

> my social skills DO suck. — xor

And then, instead of rethinking what he said and saying "hm, if I know
that my social skills suck, then maybe I should accept the opinion of
others in the team and just do the change, even if I don't understand
why", he kept arguing.

When I was really weary of explaining it and getting my words twisted
again and again, I gave him two warning shots. The first was:

> xor-freenet: I have no more interest in this discussion. You should
take this as a warning that you are alienating people. — ArneBab

when he kept arguing, I wrote what should have finished the discussion:

> operhiem1 got tripped up. nextgens got tripped up. I got tripped
up. Do I really have to say any more? There is a point at which when you
don't understand something, you should just accept the input from
others. — ArneBab

This was a warning shot of a magnitude I never used before. It did not
reach him.

Instead he kept claiming that I had requested of him to take out the
commit count, when all I asked him was to remove the comparison ("more
than ever before") which rightfully tripped operhiem1 (because more new
code than old code existed means that it contains lots of new places for
bugs and that reviewing this will be hell).

I lost my temper in the time after that, along with any interest in
working with xor again.

xor ended with

> WOT release done, everybody angry. just as i expected :D

And that isn't even a self-fulfilling prophecy, because he worked hard
at making it real. I had held out for him and asked people to be patient
for years. He managed to find a way to make me angry and to make me
lose any patience I had for him.

If you want to seriously ruin your day, you can read the discussion in
the IRC logs:

• first day:

-
second day:
irclogs-1324/

-
third day:
irclogs-1325/

To
sum it up:

• If you failed to deliver for years, starting the first release with

"good news/bad news" will not help appease people who are already angry.

• The commit count is no metric for improvement. Commits are a pure

activity measure which does not relate to features.

• In a community project with asymetric time (xor has 20 hours of paid

time per week, his work has to be reviewed by contributors in their
limited free time), a big pile of commits means a huge load on reviewers
which keeps them from working on other features. In his previous
pull-request for synchronous FCP API xor was even unwilling to split the
commits into functional and documentation changes; I did that in the
end to trim down his 13k LOC monsterdiff into almost manageable 1.3k
lines which operhiem1 reviewed on two weekends. From that experience I
do not expect xor to help much in making the review easy.

• Comparing the commit count to the count which was there before has

even less meaning than the raw commit count. Reviewing a change which
doubles the amount of code is roughly as hard as reviewing the full
application - if not harder, because context is missing. This is not
something to brag about. Rather something to excuse "I'm sorry that this
feature required so much code. I'll help as best as I can to make it
easy to review".

• If you put a draft up for review and people who worked on the topic

for a long time ask you to change something, then just change it. This
goes even more when you are paid for your work and you know that the
area you worked on isn't one you know by heart.

• xor already threw these tantrums on various occasions, targeted as

various people. Currently it feels as if xor uses up more time (of
others) than he contributes. I know that this sounds damning. This is
how it feels.

## Faster KDE startup

Old try at faster KDE startup: sessionk:
https://dantti.wordpress.com/2013/02/27/1-2-3-plasma/

(this is a comment I wrote in
http://blog.davidedmundson.co.uk/blog/systemd-and-plasma#comment-1862738836
)

Also I now looked into runit for simple daemon tools, and it looks
pretty easy (after stopping to read the documentation and asking a user
for a minimal working example):

echo '#!/usr/bin/env python\nfor i in range(100): a = i*i'
>/tmp/foo.py &&
chmod +x tmp/foo.py &&
mkdir -p ~
.local/run/runit_services/python &&
ln -sf tmp/foo.py ~.local/run/runit_services/python/run &&
runsvdir ~/.local/run/runit_services

now you can manage the daemon with

sv status|start|stop|restart|… ~/.local/run/runit_services/python/

and declare dependencies in the simplest way I saw: Just use a script as
…/run which uses "sv start ../service || exit 1" before exec of the
daemon: http://smarden.org/runit/faq.html#depends

To only treat a service as started once it provides a given service,
just create a check script next to the run script:

»If the script ./check exists in the service directory, sv runs this
script to check whether the service is up and available; it's considered
to be available if ./check exits with 0.«

^ only the service needs to know how to check whether it is ready.

## Wir haben verloren

Netzgemeinde, wir haben verloren
(Kopie einer Pastebin)

»Die EU-Parlaments-Vertretung, Pilar del Castillo Vera, ist spanische,
konservative Politikerin,
die für den Industrie-Ausschuss das
Netzneutralitäts-Gesetzgebungsverfahren führend begleitet
hat, und im laufenden Prozess dadurch auffiel, dass sie am Anfang dieses
Prozesses lauter
Anti-Netzneutralität-Änderungs-Anträge einbrachte…
Die EU-Kommissions-Vertretung, Günther Oettinger…: ~"Es braucht
Überholspuren im Internet, um
Telemedizin und Steuerung selbstfahrender Autos zu ermöglichen"…
Und der dritte im Bunde, die Person, die die lettische
EU-Ratspräsidentschaft als Vertretung des EU-Rats
vertreten wird, wird in den Trilog-Verhandlungen zähneknirschend die
Position vertreten, die der EU-Rat
beschlossen hat; zähneknirschend deshalb, weil die lettische
EU-Ratspräsidentschaft im EU-Rat sich
grundsätzlich für Netzneutralität stark gemacht hat, und sich in ihrer
Position halt dem Mehrheits-Votum
im EU-Rat zugunsten eines 2-Klassen-Internets beugen muss.«

Die einzige Person, die für Netzneutralität ist, wurde in die Rolle des
Netzneutralitätsgegners geschoben. Ein großer Teil davon ist Fallout der
großen Koalition in Deutschland.

Was jetzt?

## Kat's Flog

„Revolutions are organized by members of the middle and upper classes,
with the footsoldiers coming from the lower class.“ → Kat's Flog

And most times, only the upper and middle class switch roles and the
lower class is left out.

The above is a really nice article, by the way: Defining classes by
their power, not only by income or such.

## TODO list for pyFreenet

>> If you could help with pyFreenet, that would be great! (I'm
usually short of free time, so there are many things I cannot tackle).
>>
>
> Is there any To-Do list?

There is a bugtracker, but that is mostly resolved:
https://bugs.freenetproject.org/view_all_bug_page.php

Additionally I'm tracking some things with the distributed b-bugtracker:

6 - use logging from standardlib for logging
a - cleanup the setup.py: Get rid of the always executed man-file
install.
c4 - lots of unicode stuff with non-ascii filenames.
e - add my site to the bookmarks
c7c - switch to argparse

(stored in the file .bugs/bugs )

From these 6 and a are suitable for starting. c4 needs experimenting and
going through many places in freesitemgr / fcp/sitemgr.py where my¹
code isn't optimal…

¹: The unicode stuff is from me, and I'm not really proud of how it
looks… and it's still partially broken, for example for autogenerated
indexes (unicode handling in Python2 sucks… compared to Python3).

Finally you could try whether 2to3 works and add that to the setup.py:
Making pyFreenet compatible with Python3 - maybe by utilizing the six
project where automatic conversion fails (just copy their file into the
project to avoid external dependencies).

2020-03-03 Di 00:00 - Impressum - GPLv3 or later (code), cc by-sa (rest)