Over the last few years I have seen a number of answers to that question that go in to considerable technical detail but I think that the main reason to use Freenet Classic Opennet (FCON) [which I will refer to as “freenet” or “freenet 0.5”] is a simple trust issue.

You see the current 0.7.5 version is built around the concept of a “darknet”.  In such a darknet your node connects to other nodes that you trust. The problem with this “trust based” connection system is that when it comes right down to brass tacks you have absolutely no reason to trust most if not all operators of other nodes.

It is unlikely in the extreme that you have met any of them or that you ever will.  Even if you do manage to meet even one, it is extremely unlikely that you will spend enough time with them and get to know them well enough to decide they are trustworthy enough to connect to them in 0.7.5’s darknet.

Basing security on trust is all fine and dandy if you have some basis on which to determine an acceptable reason to trust any particular operator but with an anonymous system like freenet there is zero basis on which to determine trust to a degree that is acceptable for such a system.

Freenet 0.5 however doesn’t work that way.  The system does NOT ask you to assume that you can trust any node operator.

It is better to assume that there are “bad guys” using the network that would, given the opportunity, compromise anyone’s anonymity and determine what files a given person is inserting into or requesting from the network.

By not basing any of it’s security on the concept of trusting other node operators Freenet 0.5 has a clear advantage over 0.7.5.

To install Freenet 0.5 simply follow these five easy steps

Once you have it installed it is a very good idea to install Frost which is a text messaging system similar to Usenet that operates within freenet.  Freenet help can be had on the “newbie-help”, “public” and “freenet” boards on Frost.

You can also publish an anonymous website using the Freesite Insertion Wizard that, as long as you are careful not to include identifying information, will be 100% anonymous.  Also, another advantage of publishing on freesites (websites that exist entirely within freenet 0.5) is that you don’t have to pay for hosting or a domain name and you can for the most part make this site as large as you want.  (there’s *some* limitations but you could easily have a freesite that is made up of dozens, even hundreds of pages of text and images.)

Technorati Tags: cannot trust darknet, no reason to trust, anonymous blogging, anonymous publishing, trust, darknet, install freenet, frost, freenet classic opennet, download freent, freenet, fiw, freesite insertion wizard, freenet 0.5, freenet faq, anonymous forum, fcon

so I’ve been trying to get some much needed re-writing and updating done on my Freenet page (http://peculiarplace.com/freenet).  Things like bring instructions up to date, replace old screenshots on the Frost page with new ones taken from the current version of Frost…finish the new page for the Freesite Insertion Wizard and more.

The problem is that this imaginary thing called “real life” (imagine that) keeps interfering with my efforts to get things done.  As a result progress is slower than I would like.  However there has been some progress so keep an eye on those pages over this next week.  I am hoping to have most of those three pages done by then and get some work done on some more freenet stuff as well.

Technorati Tags: anti-censorship, argh, anonymity, delays, anonymous publishing, freedom of speech, freenet

As most of you are probably aware the ultimate whistleblower site, wikileaks, has once again been in the news quite a bit because it has published thousands of documents, messages and so on that have proven to be a major source of embarrassment to not only the US government but to several other governments around the world.

As a result, not only is it’s top guy up to his eyeballs in legal trouble of all kinds, the site itself has been under attack in a big way.  There’s several governments and mega-corporations pushing hard, doing their best to get the site taken down, even going so far as to remove DNS entries that make it work.

In response there’s a whole bunch of people working to mirror the site in several different places to keep it online.  This is all fine and dandy and will no doubt work to varying degrees depending on jurisdiction but there’s one option that they have apparently decided not to consider.

One of the first places to mirror the data that they have been releasing ought to have been Freenet Classic Opennet (FCon).

Why?

Because the primary reason for the existence of FCon in the first place is to provide a means to publish and obtain information on the Internet without fear of censorship.

You see, FCon isn’t just another run of the mill P2P file sharing system like Kazaa, Limewire, or Bittorrent.  Data inserted into FCon becomes part of an encrypted, distributed data store.  Additionally, because the data store is encrypted, node operators cannot be expected to know the contents of their node’s data store.  Nor do they have any ability to edit or censor that content.

Once something is inserted into the network it continues to be available even after the node that inserted it goes off-line.  For example, there are websites that were inserted into the network as long ago as 2001 that can still be retrieved today even though the original authors have long since left the network.

The reason that I think Wikileaks should make use of FCon is because once the information they wish to publish is inserted, they can ask other FCon users to republish that information on the conventional internet.  Thus the information still comes out while at the same time it’s in a position where it literally cannot be taken down or deleted.

In fact, once something is inserted into the FCon network, even the act of requesting it to see if it’s there will actually cause the network to propagate that data to more nodes, thus increasing the chances that it will still be available years later.

I’m not saying that wikileaks should use FCon exclusively but it IS something that they should add to their toolbox.  I should also say that the title of this post isn’t necessarily the end of he situation.  Wikileaks still has the option to download freenet (FCon), set up a node (or six, or a few dozen) and start inserting stuff that they don’t want taken down.

Technorati Tags: whistleblower, wikileaks, takedown, safe anonymous publishing, encryption, encrypted data store, censor proof publishing, censorship, anonymous publishing, freenet, censor proof, prevent takedown, cannot takedown, freenet 0.5, anonymous publishing, cannot censor, distributed data store

In another assault on people’s right to anonymity, a judge has ordered Google to reveal the identity of an anonymous blogger who apparently had some “less than complimentary” things to say about the Vogue cover model Liskula Cohen.

I think that there’s a couple of lessons here.  First, even when writing in a so-called “anonymous” blog on blogger, the things you write can easily come back to haunt you, especially if they fit the legal definition of libel.  Second, If you want to blog anonymously it *IS* possible to do so but it takes somewhat more than just signing up for a blogger account, even if you do so with phony information

It seems to me that it almost doesn’t matter what the topic is.  Somebody could write that they think rice-burners are more prone to accidents and before you know it they’re hit with a lawsuit by a Japanese motorcycle maker and they’re hoping that their San Jose motorcycle accident attorney can help them come up with numbers to back up their statement in order to quash a libel suit.

Part of the whole issue with anonymous (both those using casual or strong anonymity) is the same issue faced by everybody else that takes time to so much as tweet something and that is the ever growing tendency for people to slap somebody with a lawsuit at the slightest hint of anything that even might be considered legally actionable.

Anyone planning to write an anonymous blog (or do anything anonymously) needs to remember that “In Most Cases, You Only THINK You’re Anonymous“.  Just simply creating a Blogger account, even with false information, does NOT make you anonymous by any stretch of the imagination.

To be truly anonymous takes some effort.  One very good place to start would be to use the Tor Browser Bundle to browse anonymously.  It’s a combination of the TOR network and a portable version of Firefox that’s had it’s settings tweaked to maximize privacy.

Don’t get me wrong, I do not in any way support using tools like this for criminal or libelous purposes.  However I *DO* support and strongly believe in the right of people to be anonymous.  Anonymity is an important part of any free society, something that was expressed very nicely by Justice Stevens in the McIntyre v. Ohio Elections Commission case in 1996:

“Anonymity is a shield from the tyranny of the majority… It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation – and their ideas from suppression – at the hand of an intolerant society.”

The problem is that while the majority of people who use anonymity software are never heard from, there are always a vocal minority who will abuse it and make life difficult for those who truly need to be anonymous.

Technorati Tags: anonymity software, anonymous blogger identity, abuse of anonymity, anonymous web browser, anonymous blogging, anonymous blogger, tor browser bundle, google ordered reveal, tor, anonymity

By now I think that probably most people online these days knows about cookies.  That they’re little text files that allows a website to store up to 4k of information on your computer.  They allow websites to recognize you when you come back, remember your login information and preferences settings and so on.

Cookies are also infamous in allowing websites, advertising sites in particular, to set a cookie with a unique identifier and then use that to track your activities across the web.  This is where various cookie management programs and techniques were developed over the years to give web surfers a measure of privacy and control over which cookies they allow to be set and also giving them the ability to delete any and all cookies any time.

Modern browsers like Firefox or Opera even have the ability to delete all cookies either on demand or every time you close the browser.

This practice was starting to hurt the datamining crowd as suddenly more and more people were deleting cookies and they didn’t have nearly as much data to mine.

Then they discovered the flash cookie.  This is a “feature” of Adobe Flash that allows it to set LSOs (Local Shared Objects).  These LSO’s aren’t traditional cookies at all since there handled and created with flash.  This means that when you delete all of your cookies, absolutely nothing is done to the LSO files.  Another thing advertisers love about LSO’s is that they can store up to 100K of information instead of the 4K that traditional cookies can hold.

Finally, some genius worked out a way to use these flash cookies to restore the traditional cookies that you deleted!  Now Adobe does provide a way to control these flash cookies but it’s so obscure, hard to find and even harder to understand that most people don’t bother with it.

You CAN however, delete those LSO’s manually.  To find them, click Start and then Run.  Enter %SystemRoot%\explorer.exe /n,/e,C:\ in the box and click OK

Then navigate to C:\Documents and Settings\{UserName}\Application Data\Macromedia\Flash Player\#SharedObjects

In the #SharedObjects folder will be another folder with a random looking name.  Open that folder.  Inside it you will find a folder for each site that has set flash cookies (LSO’s) on your machine.

I personally prefer to take a hard line approach and delete every folder I find here along with all of their contents.  You may decide that it’s ok for some of these sites to keep flash cookies and not delete them.

But wait, There’s more!

That’s right.  There’s another folder with information about these flash cookies.  You’ll find it here. C:\Documents and Settings\{YourUserName}\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\

Once again in that folder you’ll find a directory bearing the name of every site you visit that uses flash cookies.  First I think this list is very educational because you’ll find that most sites don’t say a word about flash, flash cookies, or Local Shared Objects in their privacy policy at all.

My personal preference here is the same as the previous folder.  I delete everything, no exceptions.

Once these flash cookies are deleted, the next step is to start your browser, cookie manager if you use one, and nuke all of the cookies that you don’t want, secure in the knowledge that THIS time they won’t magically rise from the dead.  This is another place where I take the easy way out and nuke everything.

This is the procedure that I’ve been using for some time now to keep flash cookies under control.  Yes, It seems involved, but honestly, once you do it a few times it’s a less than one minute job, especially if you follow my example and nuke everything.

Up until recently I was not aware of any software tool outside of Adobe that even attempted to manage LSO’s at all.  Today I’ve found a tool called BetterPrivacy 1.29, which is a Firefox plugin that promises to make it easier to have LSO’s automatically deleted.  It can even keep track of which ones you don’t want deleted.

Technorati Tags: flash cookies, firefox plugin, lso, delete lso, restore cookies, privacy, cookies, undelete cookies, local shared object