Ian Clarke | 31 Jul 10:05 2015

Thoughts on FProxy

In the years since we designed FProxy, UI design has come a long way.  In a
sense we were ahead of our time, since many desktop GUIs are now
implemented as web apps (eg. Slack), although embedded in native containers.

In more recent years a stack of tools have emerged for designing webapps.
JavaScript is growing up, ES6
supports some nice language features like a compact lambda syntax, and
pre-processors like TypeScript <http://www.typescriptlang.org/> introduce
static typing, while allowing use of ES6 features on browsers that don't
yet support it.

Bootstrap <http://getbootstrap.com/> allows non-designers (ie. us) to build
pretty UIs, and React <http://facebook.github.io/react/> allows concurrent
updates of the UI in a convenient form.  GraphQL
is an emerging replacement for REST for client-server communication (and a
library <https://github.com/andimarek/graphql-java> exists for server-side
Java support), although it's still quite early.

Reading this article
<http://draketo.de/english/freenet/forgotten-cryptopunk-paradise> in
particular, it hits home the potential Freenet could have with a modern UI,
and the tools now exist for us to build a solid UI even if UI design isn't
the core competency of the typical Freenet volunteer.


(Continue reading)

Ian Clarke | 31 Jul 09:34 2015

Great series of Freenet articles

I'm surprised I didn't see these earlier: http://draketo.de/english/freenet

This one is quite recent:

Devl mailing list
Devl <at> freenetproject.org
Steve Dougherty | 25 Jul 02:19 2015

Probe overload responses

1468's release coincides with increased overload probe response - see
attached. Any ideas on why this might be? Failed upgrades maybe? Network
size estimates are dropping as well but that's a longer-term trend.
Devl mailing list
Devl <at> freenetproject.org
Prometheas | 23 Jul 14:20 2015

CENO project update

Hi all,

For those wondering how CENO [0] is progressing, please find bellow the
updates sent to the project's mailing list [1].

While the list of outstanding deliverables for v0.3.0 is narrowing down,
you may take a look at the latest commits in the repository [2].
Nevertheless, you might be interested in the vacancy [3] for a software
developer in the team. In the next months we are focusing on preemptive
mirroring of websites and on having a transport plugin for Freenet.
Deadline for applications is August 1st.


[0] https://censorship.no/
[1] https://lists.equalit.ie/mailman/listinfo/ceno
[2] https://github.com/equalitie/ceno
[3] https://equalit.ie/software-developer-on-censorship-circumvention/

On Wed, 2015-07-15 at 15:03 -0400, Dmitri Vitaliev wrote:
Happy summer (for those in the northern hemisphere)!

Herein a small update with project progress and a new recruitment
drive - hopefully a reflection of growing interest in this endeavor.

CENO is now at 0.3.0 with a stable client
https://github.com/equalitie/ceno and a completely reworked model to
distribute bridge info whilst maintaining the requesters anonymity
(using freemail). The bridge and client stack are now fully deployable
and we've implemented Chrome and Firefox plugins to facilitate TLS
(Continue reading)

Steve Dougherty | 20 Jul 02:05 2015

Freenet 0.7.5 build 1469 released

This release fixes two bugs introduced in build 1468. One caused very
slow operation and high CPU usage with large files and physical
security levels above None (i.e. Freenet-level disk encryption). The
other prevented interactive usage (e.g. freesite browsing) while
finishing large downloads or starting large uploads.

Fred now requires Bouncy Castle 1.52, which fixes the slow performance
of SkippingCiphers. Bouncy Castle 1.51 implemented it by incrementing
repeatedly. MemoryLimitedJobRunner now requires a maximum priority when
instantiated and runs jobs in priority order. getPriority() returns the
priority of the job (changed from 1468 where it was the priority of the
thread running the job). There are also minor changes to the splitfile
internal APIs. These do not appear to affect KeyUtils or Shoeshop, but
might affect other very low-level plugins.

- Steve Dougherty

Java installer changes:
Florent Daigniere (1):
      Update to BC1.52

Karl Semich (3):
      Inform user re: https://bugs.freenetproject.org/view.php?id=6544
      Give some working java versions.
      Check DH prime size issue by trial rather than error text

Steve Dougherty (5):
      Fix whitespace
      Correct key size limit message
(Continue reading)

Matthew Toseland | 19 Jul 23:24 2015

Anyone with cmd-fu?


Devl mailing list
Devl <at> freenetproject.org
Matthew Toseland | 19 Jul 16:38 2015

MAST appears to be a myth...

Having played with a ridiculously simplistic simulator, I conclude that
Freenet's security sucks rather less than I had thought. That is, the
"moving around the circular keyspace in an arc" metaphor is completely
wrong, and it looks like there is very little information *easily*
available about the request originator's location. Checking the obvious:
- Count of requests that reach each randomly placed eavesdropper. This
does not seem to reliably indicate how far away the target is. It might
be possible to use the actual topology, but I suspect it would need more
requests, and we don't have the topology on opennet; we do have it on
darknet, but it's harder to get connections...
- Direction from which a request comes to an eavesdropper node: This
does not appear to correlate at all with the direction between the
eavesdropper and the originator.
- Extremes, i.e. the range of request target locations that an
eavesdropper node receives: This depends on the topology etc but doesn't
seem to tell us very much.

The attack we have been concerned about for some years is MAST, Mobile
Attacker Source Tracing. The idea is if you can get some hint of where
the originator is, you can move towards that guess (e.g. by using
announcement), and hopefully get more traffic, thus getting an
exponential speedup. It appears that the fundamental building block for
this doesn't exist - or at least, it needs a lot more work, and very
possibly a large number of requests and access to the topology.

I conclude that there is no immediate need for tunnels on darknet. On
opennet, there are bigger problems, e.g. connecting to all nodes, or a
large subset at a time. Tunnels would help on opennet, provided the
level of Sybil can be bounded (e.g. ShadowWalker works up to 20% Sybil,
but IMHO assigning shadow nodes securely would be a serious problem for
(Continue reading)

Florent Daigniere | 18 Jul 19:47 2015


testing-build-1469-pre2 has been tagged and should be available using
the manual update scripts.

It should deploy the new bouncycastle (1.52) and fix the crypto
performance issues of 1468.

Please give it some good testing.

I'm not publishing the corresponding
  freenet keys as I'd like some testing to be done on the manual update
scripts too.

Devl mailing list
Devl <at> freenetproject.org
Steve Dougherty | 11 Jul 20:07 2015

Freenet 0.7.5 build 1468 released

The Freenet team is very happy to announce the stable release of
Freenet 0.7.5 build 1468.

*Important notes*: downgrading from build 1468 is not supported; if you
want to go back to build 1467 without losing the upload and download
queues, *before* upgrading, back-up the following files and
directories: master.keys, persistent-temp-*/, and node.db4o (see
https://wiki.freenetproject.org/Program_files ). Please note that
running transfers will be restarted from scratch too. A reminder to
those testing auto-update to 1468-pre4: please restore your auto-update
key to the default. One way to do this is to stop Freenet, remove the
"node.updater.URI" line from freenet.ini, and start Freenet again.

db4o is gone from Fred. It is replaced with the product of toad's
summer of work - a custom on-disk format that is much more robust
against corruption and is more efficient in both CPU and I/O. [0] A new
crypto API (unixninja92’s Google Summer of Code) is available for
plugins to easily perform cryptographic operations within Freenet. This
new API has been designed to make it as simple as possible to do the
“right” thing cryptographically and to follow current best security
practices. See freenet.crypt.EncryptedRandomAccessBuffer and
freenet.crypt.MessageAuthCode for details.

* Existing unfinished downloads and uploads will be imported to a new
  format, which requires restarting them from the beginning.

* Space for downloads is now all allocated at the start, so machines
  very low on disk space may run out, which causes downloads to
  temporarily fail until more space is available.

(Continue reading)

Debora Wöpcke | 10 Jul 13:08 2015

Standard for repositories on github


The Getting Involved / Source Code page (
https://freenetproject.org/developer.html) says that each repository exists
in an "-official" and a "-staging" version (end of first section). This
doesn't seem to be the case any more so that part of the text needs

I have created a pull request with a suggested update at

Devl mailing list
Devl <at> freenetproject.org
xor | 8 Jul 00:58 2015

WOT build0016-rc01 available, please test

Hey folks,

while the previous WOT release build0015 has not been deployed yet since fred 
release build01468 had been delayed for quite some time, another new WOT 
release has been finished.

The release candidate 1 of build0016 can be downloaded by Freenet via:

http://localhost:8888/CHK <at> 2oYjqKfwAqmdk-iogm1p~rXngAeCGVL6JW2wRvZjqKE,fj~bOGvl-l30KZoueErBo5uqDQ6ZaqIOu5yknbc3pTo,AAMC--8/WebOfTrust-build0016-rc01.zip

Testing instructions and a changelog are included in the zip as text files.
Please do read the testing instructions before using it.

Thanks for testing :)

Devl mailing list
Devl <at> freenetproject.org