Answer To A Freenet Question

January 25th, 2008 | Posted in Encryption, Freenet, Internet, Open source, Opinion, Programming, Software, Technology | 1 Comment

I recently received an email asking about something I said on my unofficial freenet 0.5 download page.  After answering, I decided that it’d be worthwhile to share that answer for anyone else who might have any passing interest in my opinions.  (with the addition of fixing a few typos and a broken sentence or two that were in the original.)

Note that I’m not against 0.7 so much as I prefer 0.5 for the reasons stated below.  I’m also aware that freenet in whatever flavor is still a work in progress and that in time things such as my opinion may change.  At the very least I think this is food for thought.

on the freenet 0.5 part of your website ( you state:

“I personally believe that this is not a good idea because 0.7 still lacks features that many feel it should have.”

Could you please point out some of these features for me, that 0.7 seems to be missing? Does the 0.5 version provide these features instead of 0.7?

You also state “[…]the stable version (0.5) that a lot of freenet users consider to still be better and more anonymous than 0.7”, without giving any reasons. Why do people think that 0.7 is less anonymous?

One of the reasons I had for that was the lack of a functioning opennet capability.  Of course when I wrote that, opennet was still a far off concept that many on 0.7 were arguing strongly against.  Now that opennet is available on new installs 0.7 is scoring better in that regard.

Darknet is still something of a crap shoot in my opinion.  Making trustworthy darknet connections requires that you actually know the person whose node you’re exchanged darknet refs with and have reason to trust them.  For most people, that’s just not going to happen.

I’ve made the mistake of casually mentioning freenet to people in the past, only to watch their eyes glaze over as I then have to explain what it is and why it’s important enough to get involved with. Now I’m a lot slower to even mention freenet to anyone, let alone trust them enough to exchange darkenet refs with.

Even though there are somewhat secure means (encrypted frost msgs, etc.), there still remains the fact that most of the time, people are forced to exchange refs with people they don’t know and have no reason to trust in order to make darknet connections. There’s GOT to be a better way to deal with this. No, I don’t presently have any ideas, if I do come up with any I’ll be sure to publish them.

Another reason is embodied in this warning generated when the node starts up:

Note that this version of Freenet is still a very early alpha, and may well have numerous bugs and design flaws. In particular: YOU ARE WIDE OPEN TO YOUR IMMEDIATE PEERS! They can eavesdrop on your requests with relatively little difficulty at present (correlation attacks etc).

I realize that this vulnerability exists for 0.5 as well, however in 0.5 there is a much greater “plausible denyability” because 0.5’s opennet has a much larger number of open connections creates a greater level of transient requests than 0.7

0.7 however, doesn’t have nearly the number of open connections since it’s hard-coded to limit the total number of opennet connections to 20 and the maximum recommended number of darknet connections is 15 or so.  This, combined with the potential eavesdropping means that 0.7 nodes have less “plausible denyability”. Darknet only nodes having even less than opennet or hybrid nodes

As I understand what Toad has said about it, the only real cure for this is premix routing which would make it impossible (or as nearly so as is practical) for immediate peers to eavesdrop on requests or to attempt to snoop the contents of any given node’s datastore.  He has said that implementation of premix routing isn’t planned until 0.8

Yes, 0.5 would benefit just as much as 0.7 from the inclusion of premix routing, but because of the differences in how the two opennets work I think that 0.5 comes out with a greater anonymity and security, not only of the contents of a node’s datastore, but also in the anonymity of who is inserting or requesting what.

There’s also the matter of the node now handling inserts and requests to the degree that once the individual app initially hands it to the node, the app no longer has much say in how the transfers are handled because the node is processing everything.  I think that while there are benefits in being able to have the node handle everything like that, there’s times when it’d be better to do it the old way with the app handling things.

The final thing that a lot of 0.5 users don’t like one bit about 0.7 is the fact that while 0.7 is just great at moving small files or frost messages, it has turned out to be a lumbering dinosaur when it comes to inserting or requesting large splitfiles.

To illustrate the point about the number of connections, my 0.5 node currently has 172 connections to other nodes, some initiated by my node, others initiated by other nodes.  These connections persist for varying amounts of time and then new connections are made automatically.  No one node can really make even a good guess whether a request or insert that it receives from my node is coming from my node or is actually just being forwarded from another node or where it is in a chain that could be as long as twenty hops.

I also have an 0.7 node that I run periodically for a few days a week.  It has four darknet connections and sixteen opennet connections.  That’s not much of a crowd to hide in.

Technorati Tags: Anonymity, anonymous+network, anonymous+p2p, connections, darknet, file+sharing, freenet, freenet+0.5, freenet+0.7, freenet+project, hide+in+the+crowd, network, opennet, opinion, p2p, plausible+denyability, premix+routing, Security, toad

If you enjoyed this post, make sure you subscribe to my RSS feed!
Link to this post:
Just copy this code and paste it on your site where you want the link to appear:

One Response to “Answer To A Freenet Question”

  1. Hi,

    I see now why do you prefer 0.5,

    I have a question for you: do you know anything about something called (tray) or (TB tray)?
    I am a translator and there is this site that I work with, they have a software that I downloaded on my PC and it tells me everytime there is a job availabe, and it also have the option that can make do the job through this software too, anyway they call it (TB tray),

    Thank you,