And arguably it's worked pretty well for that, given that there's been consistently lots of horrible content for 18 years. Content providers (and users) have been busted, but that hasn't eliminated much of their content.
However, being a pure P2P system, you only have "anonymity" through plausible deniability. And that's a dangerous game to play. Criminal investigators have used modified Freenet nodes to track chunks of illegal content, and have prosecuted users whose nodes processed those chunks.
The Freenet Project argues that it's impossible to reliably determine whether nodes are requesting those chunks, or merely relaying requests from other nodes. But if you end up in court, you'll need an expert witness to convince the jury of that. So you'll likely end up with a plea bargain.
So anyway, it's safest to run Freenet on anonymously leased VPS, and access its webGUI as a Tor .onion service. Just as you'd prudently run a BitTorrent seedbox.
There’s no way to make the change you’re proposing without seriously compromising the set up of such digital, secure communications, though. You’re asking to MITM the secure net, as a feature.
You and the feds, both.
I guess you would need to use cash, at a minimum.
Then lease your VPS. And if it really matters, you can daisy chain VPS via Tor .onion SSH.
Simply exchange them to Monero. If you want, mix them, but only a single pass is needed. A mixer is a trusted 3rd-party, which introduces serious counterparty risk, and vulnerable to multiple forms to input-output correlation attacks, in the worst case, provides no security.
If you are paranoid, create multiple Monero wallets, and send the funds back and forth, each time with a randint(1, 100) hours delay to frustrate timing analysis. Please note that you should only run full node Monero, and must run it inside Whonix, otherwise, the unencrypted Monero traffic is exposed. The situation of P2P-level encryption of the entire cryptocurrency world is a disaster, almost all traffic is clear.
Ring-CT is possibly not the best cryptographic implementation of transaction anonymity, but currently the best practical implementation available. CoinJoin is a P2P version of mixer, but has no wide deployment, zn-SNARKs involves cutting-edge cryptography and provides 80-bit security (read, not confident), but 90% of Zcash transactions are clear transactions, makes private transactions vulnerable.
Or, once GNU/Taler is available, making an anonymous payment would be as easy as using PayPal.
... With a credit card (which of course has your name on it), since AFAIK the providers tend to only accept bitcoin for established accounts.
Cockbox (Bitcoin and Monero) at https://cockbox.org/
HostSailor (cards, transfers, Bitcoin, etc) at https://hostsailor.com/
Trilight Zone (cards, transfers, Bitcoin, etc) at https://www.trilightzone.org/
VPS.BG (PayPal, Bitcoin, etc) at https://www.vps.bg/en
Tor did a good job with marketing and optics early on, to make its intended use cases highly visible.
> Tor did a good job with marketing and optics early on, to make its intended use cases highly visible.
I used to work on Freenet. The mechanic you're pointing out doesn't have to be the dominant effect if the system performs as well as the alternatives. If everything else is equal (speed and convenience), users would of course prefer to have more security than less. If the performance and usability is only slightly worse, users may still be willing to choose security over that (e.g. Tor) - people today are becoming more aware of just how much their data can get abused.
Unfortunately for Freenet the technology wasn't capable enough - the security wasn't worth the usability and performance tradeoffs for most users. That doesn't mean strong security inherently attracts unpleasant types.
If the hosting is anonymous and censorship-resistant then you'll get every type of content, but for anybody to use it they would first have to find it.
Then you have a slew of independent discoverability portals. Some are created for child pornography, so the FBI hacks into them and then uses them to arrest everybody there. Others are created to replace Tumblr and YouTube and refuse to link to child pornography, so child pornographers have no reason to go there and the people disgusted by child pornography can safely use them.
But setting up a discoverability portal is a lot less expensive than setting up a hosting service (because a link uses much less bandwidth than high quality video), so there should be more competition, and in particular it should still be difficult to censor anything that has more than a modest amount of popular support.
For convenience, we need m3u lists of video-chunks and a simple player shipped, since browsers cannot play m3u out of the box.
Even with their site saying one thing, the result in the media is clearly different. It's got a public reputation for only two things to those who've heard of it: darknet markets and ransomware payments.
The system did not and could not store information permanently, if it did it would fill up, which is a non-starter when it depends on people volunteering their hard disk space.
I don't know about going ballistic, but since this issue is addressed directly in their papers (section 3.4 of the linked paper) I can see us getting irritated by people re-asking questions that have already been answered.
Hell, most people don't read FAQs either.
As for "can't" that's not accurate. You can certainly prevent old data from being pushed out, by returning an error on insertion of new data if there's no free space. That's how many other storage systems (e.g. every filesystem ever) work. While it's true that you can't fully protect against a reduction of capacity when nodes go offline, that's a very different issue. Freenet being cache-like rather than storage-like was a decision of convenience, not a technical necessity.
Freenet is designed for sharing information, not archiving it. You can't have both.
When it was still relevant, i.e. a long time ago.
Hackers marvel at the idea of complete anonymity and untraceability because it's technically exciting and fits so well with the hacker thinking. I mean, why should you have to reveal who you are because of mere accountability? Everyone knows hackers don't cause harm and when they do it's only a good deed because the system they "broke" was obviously broken already. But the same technology is a much more prominent tool for criminals, molesters, and such. So that's what you will get on the anonymous networks and not so much hackers with good intentions.
Personally, I think anonymity sucks. I'm all for pseudonyms, which have some continuity and reputation and thus some accountability. Modern cryptography provides ways to prevent impersonation, and even to claim a pseudonym if the owner desires, but when you consider methods such as traffic analysis it's not trivial. These are problems Freenet tried to address, but then they took a bit of a wrong turn toward complete anonymity. That, and the bad taste left in people's mouths by positioning a message system with some accidental persistence as a true data store, is why other systems eclipsed it.
There’s a lot of original non-scum user content on Freenet nowadays.
If bots can be designed to be moderators, I'm thinking if you were to fuse that functionality to an anonymous data storage, you would be able to ensure only productive content enters storage, and content that is irrelevant can be excluded. Of course that bot would need to know precisely what it should exclude from storage which seems hard to define.
In the older days, you can hide from the state. These day you can’t. Your day to day activities are recorded.
China is just one example. And they are not the only one.
I haven't looked into the architecture of Freenet, but would someone be able to give a quick rundown of how this is possible? I was always surprised there weren't more well established, long-form, human rights blogs on Freenet but maybe there are security concerns I'm not aware of.
Freenet is a pure P2P system. Your peers know your IP address, and vice versa. So your only defense is that your node was just relaying those illegal chunks to some other node. But that requires expert testimony, and a jury that's capable of understanding that expert testimony.
> They log connections with peers
Of course (I'm assuming via just IPs)
> and track chunks of illegal files
meaning what exactly? How could they track a 5KB chunk being sharded across say 10 different nodes? (further, flexible nets like freenet adjust the location of data over time based on the use of said data)
> they can see if it requests any of those illegal chunks
My understanding is that yea you can see who's talking to who (via IPs), but I guess traffic analysis is the way to see the chunks (i.e., Peer A sent Peer B 100 bytes at 5:65 PM PST)? Even then, the payloads are encrypted, so I'm not seeing how you could infer that the content is "illegal"
Again. I enjoyed that little nugget of insight you shared. Hoping you can share more :)
Levine et al. (2017) Statistical Detection of Downloaders in Freenet.
But the problem now is that there's technical backup for both sides. So defense counsel will likely need a credentialed expert to submit a report, be deposed, and testify. Although I haven't followed any of these cases, I'm guessing that many defendants have accepted plea bargains. Because battles of experts can get expensive fast.
And then you've got the challenge of explaining this stuff to a jury. And countering the emotional "evil child molester" rhetoric. I wonder if the Freenet Project would provide such an expert?
Anonymity clearly changes how individuals communicate, but the research I know of tends to focus more on how people like to behave badly and mischievously when there is no known reputation or name associated with the consequences of a action.
Anyone who has spent any time on the internet knows the ability to obscure identity, however thin or unsophisticated, elicits changes in behavior. I highly doubt the producers of these tools construct them with the goal of inviting mayhem in mind. Regardless, the more anonymous a data transfer is, the less social pressure there is to communicate within certain permitted boundaries.
Outside of a authority point of view, there's also the potential for creativity and free association related to anonymity. If one feels you won't be judged because of saying something, you might open up.
" In the past decade there hasn’t been a year without a politician calling for real names on the internet. Some even want to force people to use real photos as profile pictures. All in the name of stopping online hate, though enforcing real names has long been shown to actually make the problem worse.
This article presents another solution, one that has actually proven that it keeps communication friendly, even in the most anonymous environment of the fully decentralized Freenet project.
And that solution does works without enabling censorship."
Considering the content accessible through such services, their best use by far is as honeypots to catch dangerous criminals.
Uploaded: 2018-11-28 (UTC)
Generated August 25, 2017.
IPFS is closer really, but doesn't move in an anonymity friendly direction at all.
Not really "no server". I mean, Freenet users collectively are the servers. As in BitTorrent, I2P and IPFS.
What Freenet does better than Tor is keep content available, even if the provider goes away. As long as it's popular content, that is. Although Tor .onion services are perhaps harder to find, once they're gone, they're usually just gone. There are exceptions, of course, such as the The Hidden Wiki. But any mirroring that happens is entirely ad hoc. In Freenet, it's automatic.
That difference in model is what provides a potential anonymity benefit as there's no longer a path to the origin of the content
For many IPFS is enough for what it does. But in a world where WikiLeaks and Edward Snowden are facts of life, it falls vastly behind on what's needed out there.
I don't think it's possible to do a dynamic site, eg something that needs to read from/modify a database, using IPFS.
Not sure what project is better however. Dat looks pretty cool but also doesn't have anonymity.