Note (2017): Due to changes in cross-origin requests, babcom is currently broken. I want to fix it, but can’t do it right now. Sorry for that.
In the last years, spam became worse and worse. The more my site grew, the more time I had to spend deleting blatant advertisements. Even captchas did not help anymore: Either they were so hard that I myself needed 3 tries on average to get through, or I got hundreds of spam messages per day. A few years ago, I caved in and disabled comments. The alternative would have been to turn my Website into a mere PR-outlet of Facebook, twitter or one of the commenting platforms out there.
» babcom: decentralized, spam-resistant comments! «
A few days ago, xor, the developer of the Web of Trust in Freenet got in contact with the brain behind the planned Web of Trust for Openbazaar, and toad, the former maintainer of Freenet questioned whether we would actually want a marketplace using Freenet.
I took a a few days to ponder the question, and I think a marketplace using Freenet would be a good idea - for Freenet as well as for society.
Freenet is likely the most secure way for implementing a digital market, which means it can work safely for small sums, but not for large ones - except if you can launder huge amounts of digital money. As such it is liberating for small people, but not for syndicates. For example a drug cartel needs to be able to turn lots of money into clean cash to pay henchmen abroads. Since you can watch bitcoin more easily than cash and an anonymous network makes it much harder to use scare-tactics against competing sellers, moving the marketplace from the street to the internet weakens syndicates and other organized crime by removing part of their options for creating a monopoly by force.
If a bitcoin marketplace with some privacy for small-scale users should become a bigger problem than the benefit it brings by weakening organized crime, any state or other big player can easily force the majority of users to reveal their identities by using the inherent tracability of bitcoin transactions.
I just finished lots of new uploads of sites into freenet - with the new freesitemgr (which actually uploads quickly when WoT is disabled, check todays IRC-logs tomorrow to get background on that). You can get the new freesitemgr from github.com/ArneBab/lib-pyfreenet-staging or via infocalypse:
hg clone freenet://USK@kDVhRYKItV8UBLEiiEC8R9O8LdXYNOkPYmLct9oT9dM%2CdcEYugEmpW6lb9fe4UzrJ1PgyWfe0Qto2GCdEgg-OgE%2CAQACAAE/pyfreenet.R1/14
The sites are also available via my freenet inproxy:
freenet-team - an introduction of most of the freenet hackers I know.
mathmltest - example of mathml in freenet.
winterface-deadlines - deadlines for the Winterface GSoC project
freenet-funding - the freenet fundraising plan, still lacking good design and crisp presentation slides or a video
freenet-meltdown - on the recent massive performance degradation which lasted a few month and ended with the link length fix.
fix-link-length - background on the link-length fix which made freenet actually do small world routing again instead of random routing (into which it had degraded, partially due to local requests, partially due to having so many peers per node that random routing actually worked for the current network size, so the pressure by routing-success to go back to small world routing was too weak compared to the pressure from local requests to randomize the connections)
download-web-site - how to download a single page from a website - for example to mirror it into freenet. Hint: For all the sites on draketo.de or 1w6.org you are allowed to do so freely (licensed under GPL).
guiledocs - the online documentation for GNU Guile with a focus on Scheme (using Guile): A powerful lisp-like language with multiple implementations.
decorrespondent-metadata - experiment how much information one can glean about your life from just one week of metadata, in dutch.
netzpolitiz-metadaten - same article translated to german. License: cc by-nc-sa
Adventures of a Pythonista in Schemeland - the adventures of a Pythonista in Schemeland: A deep understanding of Scheme for Python users. I learned to love Scheme with this. BSD license.
programming-languages - The Programming languages lecture. License: cc by-nc-sa
tao of programming - "When you have learned to snatch the error code from the trap frame, it will be time for you to leave."
I needed to calculate the probability that for every freenet user there are at least 70 others in a distance of at most 0.01. That needs binomial coefficients with n and k on the order of 4000. My old Python script failed me with an
OverflowError: integer division result too large for a float. So I turned to Guile Scheme and exact math.
Freenet provides a global, anonymous datastore where you can upload sites which then work like normal websites. But different from websites, they have a version-number.
The reason for this is, that you can only upload to a given key once1. This data then gets stored in the network and is effectively immutable (much like immutable data structures in functional programming).
If you try to upload to a given key twice, you can get collisions. In that case, it isn’t clear which data a client will retrieve - similar to race conditions in threaded programs. That’s why we do not write to the same key twice in practice (though there is a key-type which can be used for passwords or simple file-names. It is called KSK and was the first key-type freenet provided. That led to wars on overwriting files like gpl.txt - similar to the edit-wars we nowadays get on Wikipedia, but with real anonymity thrown in ☺). ↩
→ Kommentar zum BeHaind Video Soziale Massenmanipulation - Politiker flippt aus - Sailor Moon
Ganz klar, es gibt Manipulation. Und die wird es immer geben, wenn die Kommunikation von anderen kontrolliert wird.
Ich verwende deswegen zusätzlich zu Twitter und G+ auch GNU social und Sone.
So Poul-Henning Kamp thought this just a thought experiment …
In Fosdem2014 Poul-Henning Kamp talked about a hypothetical “Project ORCHESTRA” by the NSA with the goal of disrupting internet security: Information, Slides, Video (with some gems not in the slides).
One of the ideas he mentioned was the QUEEN program: Psy-Ops for Nerds.
I’ve been a contributor to the Freenet Project for several years. And in that time, I experienced quite a few of these hypothetical tactics first-hand.
When you enter the freenet Web of Trust, you first need to get some trust from people by solving captchas. And even when people trust you somehow, you have no way to prove your identity in an automatic way, so you can’t create identities which freenet can label as trusted without manual intervention from your side.
To change this, we can use the Web of Trust used in GnuPG to infer trust relationships between freenet WoT IDs.
Practically that means:
An answer to a reddit-comment by tedemang to the article 1540 Anonymous vs. TrapWire: "We must, at all costs, shut this system down and render it useless".
From the #freenet IRC channel at freenode.net:
toad_1: what can freenet do well already?
toad alias Matthew Toseland is the main developer of freenet. He tends to see more of the remaining challenges and fewer of the achievements than me - which is a pretty good trait for someone who builds a system to which we might have to entrust our basic right of free speech if the world goes on like this. From a PR perspective it is a pretty horrible trait, though, because he tends to forget to tell people what freenet can already do well :) ↩
The probes project is a google summer of code project of Steve Dougherty intended to optimize the network structure of freenet. Here I will give the background of his project very briefly:
Update (2015-11-27): The script works again with newer Freenet versions.
Install and setup infocalypse on GNU/Linux:
Just download and run1 it via
wget http://draketo.de/files/setup_infocalypse_on_linux.sh_.txt bash setup_infocalypse*
« Real Life Infocalypse »
DVCS in the Darknet. The decentralized p2p code repository (using Infocalypse)
On systems based on Debian or Gentoo - including Ubuntu and many others - this script will install all needed software except for freenet itself. You will have to give your sudo password in the process. Since the script is just a text file with a set of commands, you can simply read it to make sure that it won’t do anything evil with those sudo rights. ↩
In this text I want to explore the behaviour of the degrading yet redundant anonymous file storage in Freenet. It only applies to files which were not subsequently retrieved.
Every time you retrieve a file, it gets healed which effectively resets its timer as far as these calculations here are concerned. Due to this, popular files can and do live for years in freenet.
TL;DR: Inserting a file into Freenet using the key KSK@<password> creates an invisible, password protected file which is available over Freenet.
Often you want to exchange some content only with people who know a given password and make it accessible to everyone in your little group but invisible to the outside world.
Until yesterday I thought that problem slightly complex, because everyone in your group needs a given encryption program, and you need a way to share the file without exposing the fact that you are sharing it.
Then I learned two handy facts about Freenet:
Content is invisible to all but those with the key
<ArneBab> evanbd: If I insert a tiny file without telling anyone the key, can they get the content in some way?
<evanbd> ArneBab: No.
You generate a key from a password by using a KSK-key
<toad_> dogon: KSK@<any string of text> -> generate an SSK private key from the hash of the text
<toad_> dogon: if you know the string, you can both insert and retrieve it
In other words:
Just inserting a file into Freenet using the key KSK@<password> creates an invisible, password protected file which is shared over Freenet.
“Some years ago, I had a look at freenet and wasn't really convinced, now I'm back - a lot has changed, it grew bigger and insanely fast (in freenet terms), like it a lot, maybe this time I'll keep it. Especially regarding B.S. like SOPA, PIPA and other internet-crippling movements, freenet seems like a good idea after all!”
— sparky in Sone
So, if you know freenet and it did not work out for you in the past, it might be time to give it another try: freenetproject.org
As the i2p people say, anynomity is no boolean. Freenet allows you to take it a good deal further than i2p or tor, though. If you do it right.
Worst case: If all of Apple would want to find you, because you declared that you would post the videos of the new iDing - and already sent them your videos as teaser before starting to upload them from an Apple computer (and that just after they lost their beloved dictator), you might be in problems if you use Opennet. You are about as safe as with tor or i2p.
Best case: If a local politician would want to find you, after you uploaded proof that he takes bribes, and you uploaded the files to a new safe key (SSK) and used Freenet in Darknet-mode with connections only to friends who would rather die than let someone take over their computer, there’s no way in hell, you’d get found due to Freenet (the file data could betray you, or they could find you by other means, but Freenet won’t be your weak spot).
As I pledged1, I just donated to freenet 50€ of the money I got back because I cannot go to FilkCONtinental. Thanks go to Nemesis, a proud member of the “FiB: Filkers in Black” who will take my place at the Freusburg and fill these old walls with songs of stars and dreams - and happy laughter.
It’s a hard battle against censorship, and as I now had some money at hand, I decided to do my part (freenetproject.org/donate.html).
Is close to realtime.
Downloads all IDs and all their posts and replies → polling which won’t scale; short term local breakage.
Uploads all posts on every update → Can displace lots of content. Effective Size: X*M, X = revisions which did not drop out, M = total number of your messages. Long term self-DDoS of freenet.
“Daddy, where were you, when they took the freedom of the press away from the internet?” — Mike Godwin, Electronic Frontier Foundation
Reposted from Freetalk, the distributed pseudonymous forum in Freenet.
For all those among you, who use twitter1, identi.ca[^identica], and/or other social networks this is a call to action.
Go to your social networking accounts and post about freenet. Tell us in 140 letters why freenet is your tool of choice, and remember to use the #freenet hashtag (twitter), so we can resend your posts!
I use freenet because we might soon need it as safe harbour to coordinate the fight against censorship → freenetproject.org
The broader story is the emerging concept of a right to freely exchange arbitrary data — Toad (former lead developer of freenet)
Twitter is a service for sending small text messages to people who “follow” you (up to 140 letters), so it works like a newsticker of journalists. Sadly it is no free software, so you can’t trust them to keep your data or even just the service available. It’s distinctive features are hashtags (#blafoo) for marking and searching messages and retweeting for passing a message on towards people who read your messages. ↩
Anonymous DVCS in the Darknet.
This is a mirror of the documentation of the infocalypse extension for Mercurial written by djk - published here with his permission. It is licensed solely under the GPLv2 or later. The text is long. For concise information, use the second Link above (Freenet Development over Freenet).
Your code is then hosted decentrally and anonymously, making it just as censorship-resistant as all other content in Freenet.
It works better than the other DVCS currently available for Freenet.
Most of the information you will find in this document can also be found in the extension's online help. i.e.:
hg help infocalypse
I let my thought wander a bit around the question how a social Freenet (2.0 ;) ) could look from the view of a newcomer.
I imagine myself installing freenet. The first thing to come up after starting it is the node page. (italic Text in brackets is a comment. The links need a Freenet running on 127.0.0.1 to work)
“Welcome to Freenet, where no one can tell you’re reading”
“Freenet tries hard to project your privacy. Therefore we created a pseudonymous ID for you. Its name is Gandi Schmidt.
I just had a database error in WoT (the Freenet generic Web of Trust plugin) and couldn’t access one of my identities anymore (plus I didn’t have a backup of its private keys though it told me to keep backups – talk about carelessness :) ).
I asked p0s on IRC and he helped me patch together a WoT which doesn’t access the context for editing the ID (and in turn misses some functionality). This allowed me to regain my IDs private key and with that redownload my ID from freenet.
Sone ermöglicht twitter-ähnliche Kurznachrichten über Freenet. Damit bietet es vollständig anonymes und skalierendes Microbloggen. Es ist noch im Beta-Stadium, funktioniert für mich aber bereits sehr gut.
Das hier ist keine Geschichtstheoretische Abhandlung, sondern ein unvollständiger Erfahrungsbericht1, wie sich Tauschbörsen entwickelt haben, und was die Versuche, sie zu zerstören, bewirkt haben.
Sie ist Teil meiner Antwort auf die Begründung von Herrn Bütikofer zu seiner Abstimmung bei Gallo.
Um es sehr kurz zu machen: Tauschbörsen könnten nur um den Preis einer schlimmeren Zensur als der chinesischen gestoppt werden, denn jeder Datenaustausch müsste vollständig kontrolliert werden. Das ist möglich, aber nur auf Kosten der Privatsphäre und der Rede- und Pressefreiheit.
Meine Erfahrung kommt von Jahren der Nutzung. Ich habe mit Napster angefangen, bin dann zu Gnutella gewechselt und habe nebenbei von Zeit zu Zeit edonkey verwendet und ein paar andere getestet. Seit einigen Jahren bin ich Moderator im GDF, der Mailingliste der Gnutella Entwickler, über die bis Mitte 2008 die Entwicklung koordiniert wurde und irgendwann 2004 habe ich Gnutella für Benutzer geschrieben, das die Funktionsweise von Gnutella in allgemeinverständlichen Worten erklärt (Deutsch und Englisch). Zwischendrin habe ich verschiedene anonyme Netze getestet, z.B. ants und i2p, und BitTorrent als normaler Nutzer verwendet. Heute verwende ich das Freenet Projekt, weil ich darin die beste Versicherung dafür sehe, dass wir einen Ort haben werden, an dem wir den Kampf für die Rede- Meinungs- und Pressefreiheit koordinieren können, wenn die sich aktuell abzeichnenden Zensurgesetze beschlossen werden sollten (und ihre Anwendung sich ausweitet – wie leider zu erwarten ist). Kurz: Ich habe mehr oder weniger direkt all das erlebt, von dem ich hier schreibe. ↩
→ Comment to France Starts Reporting ‘Millions’ of File-Sharers by Torrent Freak.
I hope they all turn to freenet. There’s scance chance of getting many user-addresses there, and it can provide a service similar to torrents and decentral tracker in one, but anonymously and safe from censorship.
I’ve been running it for years now, and it got better and more secure every year.
When free speech dies, we need a place to organize.
Freenet is a censorship resistant, distributed p2p-publishing platform.
*Too technical? Let’s improve that: Freenet is the internet's last, best hope for Freedom.
Update: I nowadays think that voting down is useful, but only for protection against spam and intentional disruption of communication. Essentially a distributed function to report spam.
I don’t see a reason for negative reputation schemes — voting down is in my view a flawed concept.
The rest of this article is written for freetalk inside freenet, and also posted there with my nonanonymous ID.
That just allows for community censorship, which I see as incompatible with the goals of freenet.
Um die eigenen Informanten online wirklich zu schützen, können Journalisten mit ihnen über das Freenet-Project kommunizieren.
Dort kann niemand wissen, wer etwas bestimmtes geschrieben oder gelesen hat, aber es ist gesichert, dass die Veröffentlichende immer die gleiche ist.
Und entsprechend können Journalisten die Identität einer Informantin einmal offline prüfen und dann über Freenet in Kontakt bleiben.
Nachdem die Politik immer mehr auf Zensur von allem möglichen drängt, gibt es die Gefahr, dass das internet zu einem vollständig kontrollierten Raum wird und Redefreiheit völlig verschwindet, weil Alle ihre Aussagen vor dem Onlinestellen selber auf mögliche Zensurgefahr prüfen - und damit zensieren.
Das hat mit der Impressumspflicht angefangen, die sagt, dass jede Seite ein Impressum tragen muss, obwohl der Betreiber für die Polizei sowieso leicht zu ermitteln ist.
Dann ging es weiter mit Abmahnwellen.
Und jetzt kommt die direkte und nicht prüfbare Zensur.
The European Copyright directive threatens online communication in Europe.
But thanks to massive shared action earlier this year, the European parliament can still prevent the problems. For each of the articles there are proposals which fix them. The parliamentarians (MEPs) just have to vote for them. And since they are under massive pressure from large media companies, that went as far as defaming those who took action as fake people, the MEPs need to hear your voice to know that your are real.
If you care about the future of the Internet in the EU, please Call your MEPs.