Arne Babenhauserheide | 17 Dec 21:02 2014

Autostart on Startup


I just had one of my new darknet contacts call me, saying “my Freenet site does not work anymore. It says the
host localhost does not exist.”

I was stupefied for a moment, until I realized that my darknet contact had just restarted the computer for
the first time since installing Freenet. Then I was completely helpless: How do you start Freenet on
Windows? It’s hard enough to explain on GNU/Linux (“go into a shell and ...”), but on Windows it’s
a mystery to me.

And for me that settles the debate about autostarting Freenet by default or not: Yes, the installation
should by default make Freenet start automatically on startup. Anything else is a support nightmare.

Best wishes,
Celebrate with ye beauty and gather yer friends for a Pirate Party!
Devl mailing list
Devl <at>
Ian Clarke | 16 Dec 15:25 2014

Someone available to speak in Germany (in German) on Feb 11th?

These guys would like give us an award, and have asked whether we have a
German representative that could go to their congress in Hamburg on 11th
Feb to give a German language introduction to Freenet?

Could anyone do this?



Ian Clarke
Founder, The Freenet Project
Email: ian <at>
Devl mailing list
Devl <at>
xor | 14 Dec 00:45 2014

Re: [Darknet-tools] invitation

On Thursday, December 11, 2014 01:35:26 PM demos wrote:
> Hello folk,
> I am searching for a freenet developer who can imagine to hold a short
> lecture towards freenet in Dresden for a meeting of the project EDN,
> that has the goal of developing/implementing a
> surveillance resistant Freifunk that will include Smartphones.
> It will take place in the middle of January in the hackerspace of CCC
> Dresden.
> If I know it early enough i can organise a sleeping place.
> and the meeting could be streched from friday evening to saturday
> Greets
> Demos

From what I've observed when discussing this on IRC, we *have* people capable 
of holding the talk, including German speaking ones - the only problem is 
traveling to Dresden.

As a consequence, I'm wondering: Would you be OK with a remote talk via Skype 
or some other video conference system?

ArneBab, CC to you because you recently told me about some open source Skype 
alternative; and because you're a candidate for doing the talk I suppose :)
Devl mailing list
(Continue reading)

Michael Grube | 12 Dec 23:05 2014

TAILS inclusion by creating .deb package

"Someone proposed on Redmine to include more darknets, for example freenet
and Namecoin.

We don't know Namecoin, and adding freenet seems a bad idea to someone.
Also they are not in Debian. We will close the ticket and open another one
in case some darknet packaged for Debian appears (freenet, namecoin or

Getting us on TAILS would be a win. I can't commit to doing this now, but
better to make others aware in case they are able.
Devl mailing list
Devl <at>
Matthew Toseland | 11 Dec 13:51 2014

Fwd: [Darknet-tools] invitation

Most people don't subscribe to darknet-tools. Forwarding...
Devl mailing list
Devl <at>
Ian Clarke | 5 Dec 00:05 2014

Anyone interested in a part-time gig to build on Freenet?

This was referred to me by a friend:

Looks interesting.



Ian Clarke
Founder, The Freenet Project
Email: ian@...
Devl mailing list
xor | 25 Nov 20:08 2014

RFC: Security of WOT XML parser


nextgens has stated his concerns whether the WOT XML parser is vulnerable to
the "XXE" attack:

I produced a unit test to check the XML snippet which is provided at the above

It succeeds (= the attack fails) because the DOCTYPE declaration is disallowed
by the existing settings of the XML parser.
I am not sure whether this fixes all possible version of the attack. 
Can someone tell me whether the attack would be possible with something else
than DOCTYPE? If yes, can you provide a XML snippet so I can add it to the unit
tests to check whether we're vulnerable?

Also, while you're at it, please review the XML parser settings of WOT for other
possible security issues:

Possible things to review:
- Maybe check the whole list of functions of DocumentBuilderFactory.

- Notably, there are some constants ACCESS_EXTERNAL... which we don't use:
Should we use them all? Or are they as well covered by DOCTYPE?
And if yes to use them, use them with which setAttribute() values?

Thanks for your help!
(Continue reading)

Steve Dougherty | 23 Nov 21:13 2014

Freenet 0.7.5 build 1466 released

This release fixes a bug introduced in build 1466 which can erase the
list of plugins to load when Freenet starts if it crashes. [0] Thanks to
anonymous for the report and Eleriseth for diagnosing the problem!

purge-db4o was going to be in this release if there weren't surprises,
but this was a surprise. Barring even more surprises, purge-db4o will be
released in build 1468.

- Steve Dougherty


Windows installer:
Arthur Blot (2):
      Prevent Java from installing the Ask! toolbar
      Fix AutoHotKey build instructions

Steve Dougherty (5):
      README: use more concise wording
      README: fix typo
      READMEs: remove trailing whitespace
      Document ending newline policy
      Add Finnish language entry and convert to ANSI

oselotti (1):
      Add Finnish translation

romnGit (2):
      README: remove obsolete build history
(Continue reading)

Steve Dougherty | 23 Nov 01:14 2014

Freenet 0.7.5 build 1467-pre2

This prerelease fixes a bug introduced in build 1466 that can erase the
list of plugins to load when Freenet starts if it crashes. [0] Thanks to
anonymous for the report and Eleriseth for diagnosing the problem!

purge-db4o was going to be in this release if there weren't surprises,
but this was a surprise. Barring even more surprises, it's now pushed
back to 1468. Because this prerelease does not contain purge-db4o, those
running 1467-pre1 should not upgrade to it. 1468-pre1 will include
purge-db4o, follow shortly after 1467's release, and contain its

It's available on|cmd testing and is currently inserting.

- Steve Dougherty



Eleriseth (1):
      Remove unnecessary logging

Steve Dougherty (4):
      Default bookmarks: fix operhiem1's blog not appearing
      PluginManager: fix plugin configuration corruption
      PluginManager: use idomatic collection addition
      Add updated translations

(Continue reading)

Steve Dougherty | 21 Nov 10:52 2014

Incoming bugfix release 2014-11-22 or 2014-11-23

Bug #6411 [0] got into build 1466.

When Fred writes the configuration file on startup
`pluginmanager.loadplugins` is blank due to a race condition introduced
by 869f62559a06b2f72c9224a2179001dd551ea442. If, after all plugins have
started or failed to start, a configuration change or clean shutdown
causes the configuration to be written again it will be written
correctly. This means a crash will likely clear the node's list of
plugins to load.

The proposed fix is in pull request 311. [1]

I've started the stable-1467 branch and added a fix for the new default
bookmark not appearing to it. [2] Are there any other bugs introduced in
1466 that should be fixed in this (please very very small) upcoming release?

- Steve


Devl mailing list
Michael Grube | 19 Nov 19:30 2014

31c3 - We Fix the Net Assembly

I have neither the time nor the authority to speak about the current state
of Freenet development. However if somebody is feeling brave, I wonder if
it might benefit us to be there. I first found out about Freenet years ago
by watching the talking at ccc, so if we are suffering from bad marketing
this may be a good opportunity for us.

There are two options. Our friends over at GNUNet are hosting a track
called "We Fix the Net" where speakers can talk about their projects.

The other option is to submit a paper:

If anybody can make it out to Hamburg, it may be good for us.