Freenet 0.3 Released

A few folks noted that Freenet 0.3 has been released. You can read more at the project homepage. The software's description: " Freenet is a peer-to-peer network designed to allow the distribution of information over the Internet in an efficient manner, without fear of censorship. It is completely decentralized (there is no person or computer essential to its operation), meaning that Freenet cannot be attacked like centralized peer-to-peer systems such as Napster. Freenet also employs intelligent routing and caching to learn to route requests more efficiently, automatically mirror popular data, make network flooding almost impossible, and move data to where it is in greatest demand. Changes: This release includes dramatic architectural improvements, addition of internode and data encrpytion, subspaces, along with improved performance in a variety of other areas."

I would be working on this...

...if it wasn't written in Java.

FreeNet has two basic needs:

1) Programmers: Everyone knows C, many people know C++. Nobody I know personally knows Java. Clearly there ARE people who know Java--but how do the numbers compare? Why not write the core in C (which is, face it, just as portable as Java if done correctly) and then a UI in Java?

2) Testers: I run a home network. In order for people on the Internet to see my FreeNet node, I'd have to run it on the public side of my firewall. But there is no way in hell I'm taking the time and security risks to install Java on my server.
--
Linux MAPI Server!
http://www.openone.com/software/MailOne/

Re:I have a dream...

You have misunderstood what Freenet keys are. Internally they are cryptologically derived arrays of bytes - nothing that can be described via URNs, URIs or whatever.

We have sketched up a standard for describing keys of the different types as URIs. If somebody wants to make one for describing them as URNs, go ahead - it does not effect the network, only the clients that need to turn them into keys.

I have not spent much time in corporate environments, but enough that the concept for a "working group" sends chills down my spine. No beuracracy here please....

We will of course write an RFC, but we need to to know how we want the protocol to work ourselves before that - and we are still far from that.

Re:How can I assert my own ethics on FreeNet?

The simple answer is that we have written Freenet for people whose ethics include the freedom of speech - even that speech which they do not like.

Since yours obviously do not, the way you can assert your ethics is simply not to run a Freenet node, and maybe by sending some money to one of the organisations who are on your side (MPAA, AFA, the Chinese communist government, etc).

Ways to Squash Decentralized Networks

Given that the resources of the US Government (and other world equivalents) are much greater than those of the average programming project team, it seems inevitable that there will be ways to disable even peer-to-peer networks such as this. Any idea how they could work? If Microsoft gets the court's permission to have freenet://microsoft.foo or whatever removed from the network, how could the authorities go about doing it? Are there possible hacks the software that would allow them to control it with force?

Also, it seems to me that any network in which a specific document can eventually be tracked to a single IP address is insecure. While it can never be shut down, per se, anyone who is doing anything that make *make* someone want to shut it down can still be found (at least until the mibs knock at their door).

Check the Specs!

Freenet isn't just "working on" avoiding the problems of Gnutella, it's entire architecture is based on intelligent routing, including:

never broadcasting search queries (thank god).

Intelligently mirroring any and all data to a subset of the nodes that route the file to you

finding a file in the network is done in a chain, with the first node that knows where the data is directing the file request straight to that node

What this means is that, sure, in theory you could have to go through a hundred hops before you find your file. But next time you want that file, it'll be right next door (e.g. one hop away).

That, in my opinion, is leaps and bounds and orgasmically better than what Gnutella can do. Don't you think?

-=20

Re:What about user identification?

Things like instructions for making drugs, race hate literature and pornography are not "speech", and should not benefit from the protections built into Freenet.

Oh, yes, it is. All speech is speech. Even if you don't like it. I don't like the stuff you mentioned either, but I acknowledge its fundamental right to exist. Freenet is not a tool for bookburners.

So what I want to know is - is it possible to track this kind of rubbish and remove it, along with users who upload/download it?

No. You cannot track the users; that's a very large part of the whole point of Freenet. However, remember the old "ignore it and it'll go away" bit? Because of Freenet's architecture, this is actually true. If no one downloads it, it will eventually be deleted to make room for things people do want to see.

Keeping it free of this crap will mean that Freenet will be a much cleaner place than the web, and it will also attract less attention from governments looking for their next target.

Define "clean." Free of things you don't want to see? Who gave you, or anyone else, the authority to determine what a person may see (parents excepted solely in the case of their own children), except for that person him/herself? No one did, because you have no right to do that. Freenet, it seems to me, is not about giving people the right to see what they wish; it's about taking away the ability to censor.

----------

You haven't defended Free Speech until...

you've defended someone's right to say something you morally oppose.

Until then, it's just posturing.

I think he's entirely in line. It is you who isn't.

If you don't want people to be able to say what they want to, then don't run a Freenet node. It's that simple.

(oh, and also, please don't run for public office. We've got enough of your sort already)

-

Re:I have a dream...

I think you have a false idea of what a "working group" is. It is nothing like bureaucracy. The IETF has always been very open and very efficient in its structure. It's more about radically dissociating the implementation from the protocol, which is an essential step in producing a "standard" that is not a mere description of what a program does (in the same idea, for an RFC to become a Draft Standard it must have two independently developped implementations). It's about thinking before you act, and letting some well-known Internet experts give you advice.

You (and others) react as though I had attacked the idea of Freenet. I haven't. I think it's great. But I fear there's too much emphasis on the "let's implement it" rather than on the careful definition of a well-thought protocol. The implementation is nothing: the only important thing is the protocol. Of course we must fear the reverse pitfall, where the standard (like many W3 standards) never gets implemented because it was devised without any thought as to implementation. But the Internet is also too full of protocols that were engineered toward one single implementation.

And an IETF working group is the natural framework for developing a protocol. Remember: you don't need to be member of anything to do this (the IETF has no permanent members). It will bring the attention of experts who are able to address the problem of integrating the protocol defined in the mass of other existing standards. And it will bring recognition, quite simply.

Could be dangerous

I don't like the idea of totally untrackable access. Freenet gives the perfect tool for spreading copyrighted software and music. While many think that it serves them right, it is illegal no matter how much that software or music costs.

But I'm even more concerned about child pornography and other dark sides of man. If those sickos can't be tracked, we've just created the perfect tool for child abusers. And frankly, I can't believe that this kind of freedom or anonymity is more important than human rights of the victims of these criminals.

Personal feelings aside, Freenet is also dangerous to the internet. As much as some people would love it, the society can never be free. If you want a safe society, you have to compromise a bit with your own privacy. The politicians and authorities know this and want to keep it this way. So if Internet suddenly becomes totally anonymous, there will be legislation and international agreements to bad all anonymous internet traffic. It will be severly restricted and all rogue countries will be banned. Just look at the land mines to get an idea.

Re:Check the Specs!

Yes. There is no cure for corrupt node syndrome. This is similar to NNTP. Your NNTP server could replace every one of the articles you read with goatsex advertising. The same is true for your HTTP proxy, etc.

Of course Freenet is different in that it's more chain-y than other protocols, so there's a larger chance of getting a corrupt node. Hopefully, whatever node you use (and whatever node they use, etc.) will be actively maintaining, and will always be adding new nodes and removing old nodes so as to keep the network mostly pure.

The claim that Freenet is completely anonymous is not entirely true. Obviously, if I upload something to a node, I'm giving it my IP. However, it doesn't know if I'm uploading it myself or if I'm uploading it on behalf of someone else. If, however, I'm constantly giving it advertisiments, etc., banning my IP would be a quasi-effective solution (especially if there were something analogous to, say, the RBL).

Re:Centralized is not totally bad...

Actually, one of the main selling points of Freenet is that, in fact, you can't beat it with a handful of warrents. Getting a warrant would give you access to the computer running a node, but you'd never learn anything because all of the file data is encrypted. Even if you could somehow decrypt the files, the owner of the node has complete deniability because of Freenet's dynamic mirroring. (i.e. "I never downloaded that file. Someone must have requested it through my node.") You would be able to learn the IPs of other nodes that this node has been connecting to, but that sort of information is only relavant if the FBI has some legitimate reason to shut down all of Freenet that it can get it's hands on. Which is unlikely, at least for now.

The Freenet guys are ultimately hoping to have a "subversion-mode" dist of Freenet which will be completely hardened to identification as Freenet traffic, and that sounds fuckin cool :-)

-=20

Not really

Freenet, if it even works, is designed in such a way that'll never be able to fulfill the current purpose of either Napster or GNutella. To boil the concept down to its essentials, Freenet works on a philosophy of PUSHING highly requested data around to its servers and can only be requested by a unique identifier; whereas GNUtella essentially works on a query and pull concept. It may work well for relatively small, yet infamous, text files and the like (i.e., DeCSS). But it'll simply never be able to rise the occassion of distributing gigabytes upon gigabytes of data. For one, even without redundancy, all the the popular music is still at least 800 gigabytes. Secondly, since there is no standard naming or provider of these files, there is a high degree of redundancy. i.e., hundreds of people will encode differently and give it a different file name. So we're really talking about terabytes of data to get it all. The problem is that, given the ad hoc strucure of mp3 suppliers/servers and listeners, all of this data must be pushed around (i.e., transfered) and stored. It simply can't work.

I have a dream...

Freenet is good, it came up with some pretty neat ideas, but it would be better if it had been developped and thought out in advance in the context of an IETF [ietf.org] working group, if the specifications had been released as a Request For Comments [rfc-editor.org], and, in other words, if it had paid a little more attention to existing Internet standards instead of being Yet Another anti-censorship system.

For example, why did Freenet have to come up with their own key scheme instead of using the official standard of Uniform Resource Names [isi.edu] (URNs) defined by RFC2141 [urn] (the previous link was an example of a URN)?

I have this dream of a true world-wide distributed database founded on recognized Internet standards. It would use URNs as keys. (In particular, it would allow arbitrary Unicode character data.) It would use the ubiquitous RDF [w3.org] format as "semantic sugar" (pardon the expression) of its communications. It would borrow ideas from HTTP (the best Internet communications protocol we have so far) for the protocol, and Usenet and Freenet for the distribution mechanisms, as well as the public key distribution system and trust web, and the everything [everything.org] system. It would use public-key cryptography as the basis for its trust graph, so as to make data authentification possible and tampering impossible. Certificates and signatures would be distributed along the network itself. It would employ secret sharing mechanisms to split the risks of carrying certain data. It would be impossible to tamper with, impossible to censor, and extremely difficult to break. It would replace the lousy and obsolete DNS system (and also alleviate somewhat the power of "root registrars" in the DNS), and possibly The Web itself. And, to make my dream even more of a dream, it would be simple to implement.

Hmmm.... Nice project, for the year 2100 or so. Anyone care to start an IETF working group?

Centralized is not totally bad...

meaning that Freenet cannot be attacked like centralized peer-to-peer systems such as Napster

This is all very good in theory - but I've found that Gnutella (another non-centralized peer-to-peer system, albeit without the encryption layers) suffers as a result of this - with no central servers your packets may be routed through potentially hundreds of systems.

FreeNet must overcome this (although I am glad to see that intelligent routing is being worked on and improved!) if it is going to be viable.

Amazing tech..

The sheer amount of effort going into this project just leaves me thinking "wow"...
After all, this goes back to the original ethic of the Internet, the ability to share things freely, post things around, and generally be pretty laid back about things.

The sad thing about it is that it's become as necessary as it has.. What with the legal vultures leaping onto everything in an attempt to make it theirs, and stopping people doing anything they either don't understand, or don't agree with.

Malk.

Re:Ways to Squash Decentralized Networks

Also, it seems to me that any network in which a specific document can eventually be tracked to a single IP address is insecure. While it can never be shut down, per se, anyone who is doing anything that make *make* someone want to shut it down can still be found (at least until the mibs knock at their door).

Freenet takes this vulnerability into account in two ways:

First, you don't send out a query to a central server and get back an IP address, like you do with DNS or Napster. You send out a query to a neighbouring Freenet node and get back a document (or a failure notice). You can't tell whether the document came from the node to which you sent the request, or from one of your other neighbours, or from another node whose IP address you've never heard of. All you know is that it passed through the node to which you sent the request. But since it may be stored somewhere else, that knowledge doesn't help you to censor the document.

However, if every request was routed through dozens of nodes before the requested document was found, and if the document had to be passed back through as many nodes, Freenet would be extremely slow. Freenet has two clever properties to avoid this: "route compression" and "document clustering".

• Route compression

  When a node responds to a request by returning a document (call it document X), it can set the DataSource field of X's metadata to indicate the node from which X was obtained. (This may not be the actual source, but it cuts out some of the middlemen.) The requester uses this address when looking for documents with keys lexographically close to the key of X, so the intermediate nodes are skipped in any future requests. Effectively, a new edge in the Freenet graph is created, linking the requester to the node listed in the DataSource field.

  Document clustering

  This works almost like a neural network "learning" the fastest route to a document. If a node successfully obtains document X from node Y, it will forward subsequent requests with keys similar to the key of X to node Y. Over time, Y's cache will fill up with documents having similar keys, clustered around the key of X. This will increase the likelihood of success of requests for keys inside the cluster, and increase the likelihood of failure of requests for keys outside the cluster (as unrequested documents are squeezed out of the cache). The sets of documents cached by Y while serving requests for each of its neigbours will start to overlap, and the sets will eventually become identical - Y will become an "authority" on a particular part of the keyspace. Over the network as a whole, documents with lexicographically close keys (note that this has nothing to do with the contents of the documents) will tend to cluster together on the same node. Thus over time, requests will be routed more and more efficiently as the "guesses" made by nodes about which neighbour to forward a request to become more and more accurate.

The second way that Freenet avoids censorship is through replication. Every node involved in tunnelling a request caches the requested document as it passes through. This not only allows documents to cluster, it also ensures that popular documents are replicated across the network while unpopular documents eventually disappear. Any attempt to censor a document by taking advantage of route compression to discover the IP address of the node storing the document is bound to fail, because you have to request the document dozens of times to be sure you have found the true source of the document, and by that time you have succeeded in spreading the document all over Freenet. It's a very elegant self-balancing mechanism.

Re:Check the Specs!

• There is no cure for corrupt node syndrome. This is similar to NNTP. Your NNTP server could replace every one of the articles you read with goatsex advertising.

Buzzz! Incorrect answer. The bulk of data in Freenet will be inserted under CHKs - content hash keys. Tampering with the contents is impossible, because the key used to request it is unique to the data.

But how can I get these hashes to request? Meet SVKs. These keys are cryptographically signed, and their data is intended to redirect the user to CHKs containing the real data. Also check out SSKs - these permit a publisher to insert plaintext keys under his own "subspace", all signed by his private key. For example, you might request "freenet:SSK@down_with_the_state,ut8hLKSEDHt9ut3OT GDIty40", where the string after the comma is the publisher's public key. Cool, huh?

So it's really simple. Content is guaranteed to be what you expect through secure hashing. Built-in cryptographic signing provides an elegant way to find out exactly what data to request.

• The claim that Freenet is completely anonymous is not entirely true.

Right. Only the first node in the chain knows who you are. That's why you MUST run your own node.

When you request data from Freenet, you send a request from your Freenet client to your local Freenet node, saying "I am looking for X". Your node relays this to the node most likely to have this data. It probably won't, but it'll forward the request again to the node it thinks is most likely to have the data. After ten hops or so the data will almost certainly be found, and it'll travel back down the chain.

Now what does this mean for anonymity? Well, if you're running a local node, and you request data through it, for all the other nodes know your node is just relaying a request from someone else. So there's no way to prove you've actually requested anything!

Freenet really needs the support of the community.

For freenet to really take off, it's going to need the support of the community. We need to all install freenet nodes where we can to ensure the growth and acceptance. The more people that get on the freenet, the more the network itself can be tested and stressed.

If we all talk about it, it will never happen. But we have the power to make it as important and standard as anyone. Look at our plans of world domination with Linux! :)

If we can kindle the same passion for a secure and safe internet, I am sure that the freenet idea can be driven to a high standard of acceptance. I am sure the last thing any control-seeking organization wants to have happen is the mass acceptance of a decentralized encrypted network.

it's very easy to download and install.

It doesn't chew up much bandwidth to run a node.

I doubt it will be long before someone hacks in a Freenet client into Mozilla, or another open source browser such as Conqu or Galeon.

I really believe that it's quite important for the community to rally behind this effort... if we don't accept it, nobody will.




--------------------

Re:Solution?

But really, what is this technology going to be used for primarily? Probably something illegal.

Since when is it wrong to do things that are illegal?

people are going to view this as is a system that will be able to thwart Big Brother, aka the government and big business.

Well, that is one of the things that it can do. "It's a feature, not a bug!"

Ofcourse we need to protect the freedom of speech, especially in a medium like the Internet. I just hope it's done legally.

This is an oxymoron. When laws are created that constrain individual freedom, and when court decisions prohibit people even from talking about these issues, it's not possible for individuals to "protect freedom of speech... legally". We must break the law, or live as sheep.

Re:Could be dangerous

Child pornographers aren't usually caught in Internet-tracking stings. They are usually caught because they turn in their computer for repair and someone sees something, or from other tip-offs.

What's really dangerous is your quote:

"If you want a safe society, you have to compromise a bit with your own privacy."

It reminds me of this Benjamin Franklin quote:

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."

To many, the ability to truly anonymously share information is an essential liberty. Ask any whistleblower, pro-democracy activist in China, or anyone afraid of repercussions should they be caught sharing information.

"But what about illegal uses, such as copyright violation?" you may say. Define illegal. In what country? What about countries where copyright violation isn't illegal? Ever been in a Saudi Arabian music store? A Falun Gong booklet is illegal in China, should we not be able to share one? Many in Kentucky would consider what I see on European billboards to be obscene, a punishable offense to distribute. Should they have the right to say what is legal to distribute?

Whenever there is the slightest doubt, always err on the side of freedom.

Re:Could be dangerous

Og say fire dangerous; no use fire.

Seriously, everything can be misused--and I don't want a totally safe society.

How can I assert my own ethics on FreeNet?

The question that pops into my head when I consider the ramifications of FreeNet:

How can I ensure that my machine is not involved in the trafficking of content that I don't support?

I think a lot of people who find FreeNet interesting immediately imagine all the victimless pilfering that can go on. "RIAA can't shut us down!" I'm not talking about free movies. I'm not talking about cracked Win2K warez. I'm not talking about the source code and inflammatory emails that were leaked from MegaCorp's development department the day before the stock price plunged.

Once you are a node, it seems you give up your right to have any control of what's hosted on your own computer. You become a member of the collective. You are a cog in a machine, without any ability to have any context.

John Doe may like kiddie porn, GHB date rape drug recipes, tips on how to spot vulnerable SUVs for car-jacking, Aryan Nation websites, and abortion clinic hit-lists. I don't. Look for it elsewhere.

If you want that sort of information, I don't want to be a party to it. I'm not talking about legalities. I'm not talking about censoring all of FreeNet from that information. I'm talking about my own ethic.

I don't want to have the feeling, that information resides somewhere on the server I've installed with my own time, money and energy, that could kill someone, or exploit someone against their will.

This isn't "cover my ass", this is "sleep well at night."