Arne Babenhauserheide | 17 Dec 21:02 2014
Picon

Autostart on Startup

Hi,

I just had one of my new darknet contacts call me, saying “my Freenet site does not work anymore. It says the
host localhost does not exist.”

I was stupefied for a moment, until I realized that my darknet contact had just restarted the computer for
the first time since installing Freenet. Then I was completely helpless: How do you start Freenet on
Windows? It’s hard enough to explain on GNU/Linux (“go into a shell and ...”), but on Windows it’s
a mystery to me.

And for me that settles the debate about autostarting Freenet by default or not: Yes, the installation
should by default make Freenet start automatically on startup. Anything else is a support nightmare.

Best wishes,
Arne
--
Celebrate with ye beauty and gather yer friends for a Pirate Party!
    → http://1w6.org/english/flyerbook-rules#pirate-party
_______________________________________________
Devl mailing list
Devl <at> freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Ian Clarke | 16 Dec 15:25 2014

Someone available to speak in Germany (in German) on Feb 11th?

These guys would like give us an award, and have asked whether we have a
German representative that could go to their congress in Hamburg on 11th
Feb to give a German language introduction to Freenet?

Could anyone do this?

Ian.

--

-- 
Ian Clarke
Founder, The Freenet Project
Email: ian <at> freenetproject.org
_______________________________________________
Devl mailing list
Devl <at> freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
xor | 14 Dec 00:45 2014

Re: [Darknet-tools] invitation

On Thursday, December 11, 2014 01:35:26 PM demos wrote:
> Hello folk,
> I am searching for a freenet developer who can imagine to hold a short
> lecture towards freenet in Dresden for a meeting of the project EDN,
> that has the goal of developing/implementing a
> surveillance resistant Freifunk that will include Smartphones.
> 
> It will take place in the middle of January in the hackerspace of CCC
> Dresden.
> If I know it early enough i can organise a sleeping place.
> and the meeting could be streched from friday evening to saturday
> 
> https://wiki.c3d2.de/Echt_Dezentrales_Netz
> https://wiki.c3d2.de/Echt_Dezentrales_Netz#Veranstaltungen
> 
> Greets
> Demos

From what I've observed when discussing this on IRC, we *have* people capable 
of holding the talk, including German speaking ones - the only problem is 
traveling to Dresden.

As a consequence, I'm wondering: Would you be OK with a remote talk via Skype 
or some other video conference system?

ArneBab, CC to you because you recently told me about some open source Skype 
alternative; and because you're a candidate for doing the talk I suppose :)
_______________________________________________
Devl mailing list
(Continue reading)

Michael Grube | 12 Dec 23:05 2014
Picon

TAILS inclusion by creating .deb package

https://tails.boum.org/contribute/meetings/201409/

"Someone proposed on Redmine to include more darknets, for example freenet
and Namecoin.

We don't know Namecoin, and adding freenet seems a bad idea to someone.
Also they are not in Debian. We will close the ticket and open another one
in case some darknet packaged for Debian appears (freenet, namecoin or
others)"

Getting us on TAILS would be a win. I can't commit to doing this now, but
better to make others aware in case they are able.
_______________________________________________
Devl mailing list
Devl <at> freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Matthew Toseland | 11 Dec 13:51 2014
Picon

Fwd: [Darknet-tools] invitation

Most people don't subscribe to darknet-tools. Forwarding...
_______________________________________________
Devl mailing list
Devl <at> freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Ian Clarke | 5 Dec 00:05 2014

Anyone interested in a part-time gig to build on Freenet?

This was referred to me by a friend:
https://equalit.ie/code-around-censorship/

Looks interesting.

Ian.

--

-- 
Ian Clarke
Founder, The Freenet Project
Email: ian@...
_______________________________________________
Devl mailing list
Devl@...
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
xor | 25 Nov 20:08 2014

RFC: Security of WOT XML parser

Hi,

nextgens has stated his concerns whether the WOT XML parser is vulnerable to
the "XXE" attack:
https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing

I produced a unit test to check the XML snippet which is provided at the above
wiki:
https://github.com/freenet/plugin-WebOfTrust/commit/21c90c2b3c94ac90aec6a31c63c81fa66d191ad6

It succeeds (= the attack fails) because the DOCTYPE declaration is disallowed
by the existing settings of the XML parser.
I am not sure whether this fixes all possible version of the attack. 
Can someone tell me whether the attack would be possible with something else
than DOCTYPE? If yes, can you provide a XML snippet so I can add it to the unit
tests to check whether we're vulnerable?

Also, while you're at it, please review the XML parser settings of WOT for other
possible security issues:
https://github.com/freenet/plugin-WebOfTrust/blob/21c90c2b3c94ac90aec6a31c63c81fa66d191ad6/src/plugins/WebOfTrust/XMLTransformer.java#L127

Possible things to review:
- Maybe check the whole list of functions of DocumentBuilderFactory.

- Notably, there are some constants ACCESS_EXTERNAL... which we don't use:
https://docs.oracle.com/javase/7/docs/api/javax/xml/XMLConstants.html
Should we use them all? Or are they as well covered by DOCTYPE?
And if yes to use them, use them with which setAttribute() values?

Thanks for your help!
(Continue reading)

Steve Dougherty | 23 Nov 21:13 2014

Freenet 0.7.5 build 1466 released

This release fixes a bug introduced in build 1466 which can erase the
list of plugins to load when Freenet starts if it crashes. [0] Thanks to
anonymous for the report and Eleriseth for diagnosing the problem!

purge-db4o was going to be in this release if there weren't surprises,
but this was a surprise. Barring even more surprises, purge-db4o will be
released in build 1468.

- Steve Dougherty

[0] https://bugs.freenetproject.org/view.php?id=6411

Windows installer:
---
Arthur Blot (2):
      Prevent Java from installing the Ask! toolbar
      Fix README.md AutoHotKey build instructions

Steve Dougherty (5):
      README: use more concise wording
      README: fix typo
      READMEs: remove trailing whitespace
      Document ending newline policy
      Add Finnish language entry and convert to ANSI

oselotti (1):
      Add Finnish translation

romnGit (2):
      README: remove obsolete build history
(Continue reading)

Steve Dougherty | 23 Nov 01:14 2014

Freenet 0.7.5 build 1467-pre2

This prerelease fixes a bug introduced in build 1466 that can erase the
list of plugins to load when Freenet starts if it crashes. [0] Thanks to
anonymous for the report and Eleriseth for diagnosing the problem!

purge-db4o was going to be in this release if there weren't surprises,
but this was a surprise. Barring even more surprises, it's now pushed
back to 1468. Because this prerelease does not contain purge-db4o, those
running 1467-pre1 should not upgrade to it. 1468-pre1 will include
purge-db4o, follow shortly after 1467's release, and contain its
bugfixes.

It's available on update.sh|cmd testing and is currently inserting.

- Steve Dougherty

[0] https://bugs.freenetproject.org/view.php?id=6411

---

Eleriseth (1):
      Remove unnecessary logging

Steve Dougherty (4):
      Default bookmarks: fix operhiem1's blog not appearing
      PluginManager: fix plugin configuration corruption
      PluginManager: use idomatic collection addition
      Add updated translations

(Continue reading)

Steve Dougherty | 21 Nov 10:52 2014

Incoming bugfix release 2014-11-22 or 2014-11-23

Bug #6411 [0] got into build 1466.

When Fred writes the configuration file on startup
`pluginmanager.loadplugins` is blank due to a race condition introduced
by 869f62559a06b2f72c9224a2179001dd551ea442. If, after all plugins have
started or failed to start, a configuration change or clean shutdown
causes the configuration to be written again it will be written
correctly. This means a crash will likely clear the node's list of
plugins to load.

The proposed fix is in pull request 311. [1]

I've started the stable-1467 branch and added a fix for the new default
bookmark not appearing to it. [2] Are there any other bugs introduced in
1466 that should be fixed in this (please very very small) upcoming release?

- Steve

[0] https://bugs.freenetproject.org/view.php?id=6411
[1] https://github.com/freenet/fred/pull/311
[2]
https://github.com/freenet/fred/commit/12b2664c139dba78eb476373349f5adfae98e003

_______________________________________________
Devl mailing list
Devl@...
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Michael Grube | 19 Nov 19:30 2014
Picon

31c3 - We Fix the Net Assembly

I have neither the time nor the authority to speak about the current state
of Freenet development. However if somebody is feeling brave, I wonder if
it might benefit us to be there. I first found out about Freenet years ago
by watching the talking at ccc, so if we are suffering from bad marketing
this may be a good opportunity for us.

There are two options. Our friends over at GNUNet are hosting a track
called "We Fix the Net" where speakers can talk about their projects.

https://gnunet.org/wefixthenet

The other option is to submit a paper:
https://frab.cccv.de/cfp/31C3

If anybody can make it out to Hamburg, it may be good for us.

Gmane