>Upsides: Much more secure than Tor, (since it doesn't try to be a low-latency mixing router) not funded by USG.
Most academic computer science is funded by the American government. Does that mean that all academic computer science is backdoored by the military?
To put it more specifically, most compilers researchers I know have at some point been on a DARPA grant, because DARPA has money and academics want money. I'm sure plenty of LLVM contributors have been paid from DARPA grants. Is LLVM backdoored?
===========================
On an entirely different point, how is Freenet even comparable to Tor? They address totally different use cases (Tor is an anonymizing TCP overlay; Freenet is a distributed censorship-resistant store), and have very different threat models.
Further, it seems very unlikely that Tor (which is a piece of very well-maintained software with some of the foremost privacy researchers working on it) would have fewer bugs than Freenet, which is a sprawling Java program maintained by one man. Further, the security of Freenet in abstract hugely depends on having a functional small-world network, which requires Freenet to have been widely adopted to start with.
The comment parent's request was vague, but you simply cannot replace Tor with Freenet because they do totally different things. It is nonsensical to compare them because they address different threat models and accomplish different goals.
I'm glad we're discussing this because there is a point I'd like to raise...
I always like to remind people that Tor is funded by the USG (currently, actively). I think it's very important that people understand that and adjust their threat models based on that.
However, it's not all bad news ... in fact, I think there's a very significant upside to the USG funding of Tor:
It provides a very compelling defense in the event that simply participating in Tor begins to be prosecuted.
There is very often a worry put forth that simply participating in Tor (as a client or by running a relay, etc.) can in itself be considered an illegal act. I think that as long as the USG is funding the development, people in the US can rest easy that they can't be prosecuted in any way for simply participating on the Tor network.
"If the USG is funding it and the state department is encouraging people to use it (think arab spring) then how could my use of it be illegal ?"
It's even better than that; tor was built to be used by spooks to cover their open-source intelligence gathering efforts. [0] Tor continues to be used by those same parties for those purposes.
Also, the Tor Project periodically sends out folks to remind the FBI and friends that tor has many legitimate uses, and is routinely used by law enforcement agencies as part of their day-to-day business. [1]
People don't strictly want what either Tor or Freenet gets them, they want other things and mangle both technologies into serving those purposes. In these shared use-cases, their usefulness can be compared.
For example, people use both Tor and Freenet to enable anonymized private messaging. On Tor, this is achieved by connecting to a hidden-service forum and posting. On Freenet, this is achieved through an app that uses Shared Subspace Keying to basically have two people watch one-another's RSS feeds for updates. Either way, people get to send anonymous messages and have other anonymous people see them.
"Most academic computer science is funded by the American government. Does that mean that all academic computer science is backdoored by the military?"
If you were some one who believed that your liberty or even life depended on it, then yes, you would have to assume that. Obviously day to day, it really doesn't matter. When it actually does matter, you have to assume the worst.
I haven't found Freenet latency to be bad for most keys these days. For example, I mirror my blog in Freenet and it's on the order of seconds rather than minutes. Even an image gallery I tried has reasonable response. Uploading data on the other hand is very slow.
I haven't looked at Freenet in years, but won't objects for keys that you've requested (/uploaded?) exist in your local cache (until they get pushed out by other traffic on the network)?
No, content you upload is not kept in your local cache at all. That would open you to the threat of being singled out as the uploader.
Instead your node is no more statistically likely to have any portion of the objects you've uploaded than any other objects throughout Freenet. When an upload is complete your node doesn't have a full copy, all the chunks are spread out amongst the nodes within a few hops of you instead.
When it's developed entirely in the open I'm not sure I see the concern here. If you have reason to believe they are somehow compromised or backdooring Tor please do share it, otherwise this is just FUD.
Freenet is faster than that in aggregate, total node throughput can be in the 150-250KB/s range even if single requests are, as you say, potentially in the tens of KB/s. File transfers can be fast, static webpages can be loaded reasonably quickly if they are popular (in the sense of being frequently accessed by users).
Big security downside is that in the purely opennet configuration, your peer nodes are both untrusted strangers AND your own traffic is visible to them. There is NO "onion" effect going on, just reliance on the possibility that any traffic a peer node observes from your node is not necessarily YOUR traffic as all nodes are also routing requests for other nodes.
What about i2p? I hear it has quite a few bugs, but so did Tor in the beginning I'm sure. Maybe it just needs better funding. Isn't it a better design at least?
Phantom also seems to have great design, but it was discontinued quite early in its implementation. No idea if it's because it was unworkable or for other reasons. Maybe someone with experience in such networks can take a look at it:
I2P's garlic routing design is superior to onion routing regarding this particular attack due to the ability to shuffle packets, and being variable-latency (flows which don't need low latency can benefit from increased traffic-analysis resistance).
However Tor has a big advantage in practice right now: lots of users, of every kind, to hide among.
When GCHQ talked about "staining" in this context (as in the REMATION conference docs), by the way, they generally mean either a timing-based fingerprint (as here) or cookie-based fingerprint (unfortunately it seems to be used in at least two entirely different contexts, oh well).
http://en.wikipedia.org/wiki/Freenet
Upsides: Much more secure than Tor, (since it doesn't try to be a low-latency mixing router) not funded by USG.
Downsides: Real slow. Real slow. SLOW. Think effective throughput in the tens of kilobytes/s, latency measured in minutes.