1st March 2014 - Freenet accepted into Google Summer of Code!
Freenet has once again been accepted into Google Summer of Code. This pays students to work on projects to improve Freenet over the summer. See the wiki for project ideas. Please contact us and demonstrate coding ability by solving a small bug or implementing a small feature before submitting a project proposal. We will be very happy to help with this, so feel free to get in touch on the mailing list or IRC!
Students can sign up from March 10th to March 21st. For details see the Google Summer of Code site.
21st January 2014 - Freenet 0.7.5 build 1459 released
Freenet 0.7.5 build 1459 is now available. Freenet will require Java 7 or higher in a future update. Java 6 has been at End of Life since February 2013, which means it does not receive security updates. There will be an alert warning people to upgrade before this happens.
We now have a code signing certificate, so the Java-based installer for Mac OS X and Linux is signed, which will make it easier to run. In future releases more things will be signed.
In this release:
- Fix configuration page partially allowing unsupported large bandwidth limits. (1 GBps or higher)
- Translation updates from Transifex.
- Network-level changes.
- Links to release notes and developer details are now to a specific version instead of just the latest.
Thank you for using Freenet!
- Steve Dougherty
6th January 2014 - Freenet 0.7.5 build 1458 released
Freenet 0.7.5 build 1458 is now available. Google phased out Google Code downloads, so the main downloads on the website are now hosted on Google Drive.
In this release:
- The update notification and statistics pages link to the release announcement and developer details.
- More French and Italian translation thanks to volunteers on Transifex. The French translation has complete coverage!
- Network-level changes thanks to Quadrocube.
- New Freenet installations are portable: they can run without changes
after being moved between directories. To make an existing
installation portable shut down Freenet and edit freenet.ini to make
these paths relative:
- fproxy.CSSOverride (if one is specified)
- On January 14th Oracle will deploy a new version of Java which requires code signatures from a trusted certificate authority to use JNLP. Freenet uses JNLP to launch the Linux and Mac installers. We currently use self-signed certificates, which will stop working. We are in the process of getting a trusted certificate.
Thank you for using Freenet!
- Steve Dougherty
7th December 2013 - Results of Google Summer of Code 2013
Google Summer of Code 2013 resulted in many interesting projects. Before the next release we intend to review all project code for inclusion into the official version. Time permitting, we will also review previous years' projects, like the SVG and OGG filters.
- Android Node Reference Exchange:This Android application, changes to the MDNSDiscovery plugin, and changes to Freenet make it easier to connect directly to friends. The application can send references to the home node and exchange references with friends' phones in proximity. (more information)
- Content curation:This Freenet plugin and changes to the Library plugin allow publishing searchable lists of files. Currently these lists must be searched individually. (more information)
- Fred transport layer:These changes to Freenet improve direct file transfer performance and add more diagnostics. The network changes are already part of the upcoming build 1458, but diagnostics require deploying jFreeChart, and so will take more effort. (more information)
- Infocalypse Web of Trust support:These changes to the Infocalypse DVCS and Web of Trust plugin add support to Infocalypse for Web of Trust identities and pull requests. The Web of Trust changes are merged, but the Infocalypse maintainer has not been reachable so far. A web interface Freenet plugin was worked on but not completed. (more information)
5th August 2013 - Statement on the recent Freedom Hosting (Tor) bust
This has had no effect on Freenet and could not happen on Freenet. Tor hidden services are centralised: A hidden service on Tor is run by a single server somewhere, and if this server is found, the whole site can be shut down, or compromised. In this case half the hidden sites on Tor were run on the same group of servers! See the Tor blog and mailing list.
On Freenet, anything you upload is distributed across the network across thousands of separate nodes all over the world, and will remain available for as long as it remains sufficiently popular: Freenet is a distributed data storage network designed to prevent censorship, provide anonymity and be hard to block. To see more information on the difference between Freenet and Tor, see our explanation in the FAQ.
Furthermore, there was no attack against Tor itself: As far as we know, no users of the major "darknets" (Freenet, Tor and I2P) has been traced by attacking the networks, by law enforcement or anyone else. In this case, it appears to have been user error, not a problem with Tor itself. Similarly on Freenet, users need to be careful, and Freenet will often tell you when you are about to do something risky.
Having said that, Freenet's security is not perfect, and there are some known (but theoretical) weaknesses, so it might be possible for an attacker with relatively limited resources to trace individual Freenet contributors. Most of Freenet's weaknesses can be addressed by making long-lived connections with people that you trust, i.e. building a friend-to-friend "darknet". This functionality is already a part of the regular Freenet software, but we need more users who use Freenet in friend-to-friend mode to improve anonymity.
We have planned further improvements, which should greatly improve security (censorship resistance, anonymity and resistance to blocking), speed and usability. The expanding online surveillance from both governments (e.g. PRISM) and private corporations clearly show that tools such as Freenet, TOR and I2P are essential for a healthy democracy.
Please help us secure freedom of access to information by contributing to the Freenet-project with code, donations, translations, or just by running a node or creating content (anonymously)!
For press enquiries please contact Ian Clarke.
26th June 2013 - Freenet gets a second paid developer to fix the Web of Trust!
Long time coder xor (also known as p0s) has agreed to work, in a paid role, for us on fixing the Web of Trust plugin. This is a crucial component of many Freenet plugins:
- Sone, an anonymous social network / microblogging tool.
- Freemail, a private and untraceable email over Freenet system.
- A filesharing system as yet unnamed which a student is working on.
- Extensions to Infocalypse, being worked on by another student, a tool for managing source code which is vital to developing software over Freenet.
See the Freenet Social Networking Guide for how to load the first 2 plugins.
xor is well qualified for the role as he wrote most of the current code in the Web of Trust. The immediate priority will be to improve stability and performance by implementing a new more efficient FCP API. After that further optimisations are planned.
Freenet relies on unpaid volunteer developers as well as a few key paid developers. Toad (Matthew Toseland) is returning to full time work for Freenet after a study break, although he is off to university in October, and xor is just starting working for Freenet.
Improving the Web of Trust should substantially improve the performance of the key tools mentioned above and may be used by more in the future. Thanks to all our developers and donors!
8th April 2013 - Freenet accepted by Google Summer of Code!
Freenet has once again been accepted into Google Summer of Code 2013. This pays students to work for us, as paid developers, over the summer. See here for more details and ideas for projects. You should contact us and demonstrate your coding ability by solving a small bug or implementing a small feature before we will consider you; but we will be very happy to help you, so please contact us via the mailing list or IRC!
Students can sign up from April the 22nd to May 3rd. See the official google site.
Build 1439 and 1440
Update: Instructions for fixing nodes that fail to start after updating to 1439: here.
Please do not upgrade to build 1439. Wait for build 1440. If your node is unable to start up after upgrading automatically to 1439, you may need to use the last-resort update scripts ("update.cmd" or "update.sh"). Please come to the IRC channel if you have any difficulty with this. This will only happen on nodes that upgraded to 1439 over a short period before 1440 was deployed, and only if they have friends (darknet peers). For various reasons the build wasn't adequately tested. I (Toad) am very sorry about this and have put in place a permanent fix (this was ultimately due to a don't-call-methods-until-constructor-is-finished issue). Sorry folks...
Apart from this embarrassing mistake, 1439/1440 includes an important fix to the warnings shown when a file can't be parsed by the content filter (apparently this caught out at least one Freenet user), and a new type of probe request which will allow us to determine whether a theory about load management is correct (that almost all nodes are only using half their capacity). Thanks!
Sorry about this. And no, sadly, this is not an April Fool's joke.
Update: This seems to have not had much of an impact on the network. Looks like it didn't affect most people and the mess has been cleaned up. Thanks for your patience, it won't happen again!
11th September 2012 - Response to the University of Hawaii's "Experimental Study of Accountability in Existing Anonymous Networks"
Some academics have published a couple of attacks against Freenet, and they appear to be working on more as part of a project to unmask anonymous Freenet users. Build 1411, which was released on the 3rd of September, makes their main attack largely impractical. Nonetheless, we are working on improvements to both make this attack harder and to solve some of the other known attacks. You can learn more about the attacks and our solution to them on our chief developer's personal blog.
We welcome all work to understand Freenet's security and expose any problems with it, although we would suggest that next time they might let us know before they make the paper public, as is common practice in the security community.
Finally, the long term solution is to build a darknet, a Freenet network where people only connect directly to people they trust. That means, get your friends using Freenet, and then add them as Friends on your node. When enough people use Freenet and form darknet connections, we won't need opennet, and this makes all attacks dramatically harder. We will work on making this easier and faster in the near future, as well as fixing the Pitch Black attack.
13th April 2011 - Freenet top anti-censorship tool in survey of Chinese users!
A report by Freedom House surveyed users in Azerbaijan, Burma, China and Iran for their perceptions of and preferred tools for bypassing local government censorship. In China, Freenet was the only anti-censorship tool to achieve 5 stars, and the third most widely used overall.
24th September 2010 - Another large donation, and brief status update
Once again Google's Open Source team has donated US$18,000 to the Freenet Project to support the ongoing development of the Freenet software.
In particular, we will use these funds to complete Freenet 0.8, which will be released later this year, and will include additional performance improvements, usability work, and security improvements. It will also include new ways to communicate over Freenet, including "Freetalk", a forums discussion system employing a novel "web of trust" approach to prevent spam in an entirely decentralized way.
In other news, the Summer of Code was a qualified success, with two of our students performing very well. Support for ogg vorbis/theora will be merged soon, and the new more efficient transport layer will be merged a bit later.
Freenet's user base has been growing fairly steadily, and we have over 20,000 regular users. Our current work is focused largely on Freetalk and rewriting the load management code for higher and more consistent performance.
14th June, 2010 - Serious bug, please upgrade immediately
Freenet build 1253 fixes a very serious bug, and all users should upgrade immediately, especially those running 32-bit x86 systems. This build is "mandatory", meaning it will not connect to anything before 1252. The bug was in the native FEC acceleration - this is a native (C, not Java) library used to speed up splitfile decoding (a stage in downloads related to improving the chances that a big file will be retrievable by adding some "check blocks" or redundant data in case some of the original data blocks can't be found). It causes segfaults on 32-bit Windows systems and probably 32-bit Linux systems too. It has been exploited "in the wild" (on Frost) to segfault nodes when they access a specific Frost message. We do not know whether this could be turned into something more serious, so we have turned off all native FEC acceleration for now; Freenet will be slightly slower when decoding downloaded files, but will not segfault. We would welcome help with auditing the library code involved, if any C/JNI gurus can spare the time; it is most likely a problem with the JNI interface to the Onion FEC code.
Other changes in 1251/1252/1253 are somewhat more hopeful:
- Even splitfile splitting Large files on Freenet are divided into 32KB blocks, which are then grouped into "segments" of up to around 4MB. Until 1251, all but the last segment would be exactly 4MB, so the last segment could be much smaller than this - in some cases having just one block, or just a few blocks. This could cause some downloads to get stuck with just a few blocks remaining. Now all the segments are the same size, and there are other tweaks. Unfortunately this triggered the above bug.
- New content filter infrastructure Freenet filters various types of data, for example HTML, to ensure that they cannot give away your IP address. One of our Summer of Code students (Spencer) has been working on improving this, and the first part of his work has been merged. Filtering now happens at a lower level, and can therefore be used by FCP clients and for persistent downloads. This also paves the way for efficient handling of large files when Spencer implements filters for multimedia formats later this year.
Sorry about this folks. The network will be somewhat chaotic for a few days and may be slower than usual because of the mandatory build, but most of it seems to have upgraded now. Thanks for your patience. You can see a fuller account on Toad's Blog.
8th June, 2010 - Sorry, "freenet.ini is missing", and 1249
Many Windows Freenet installs were broken yesterday due to a bug, with an error message that the launcher was unable to find the file freenet.ini. This was actually due to a long-standing bug fixed in build 1249, but the update to 1248 seems to have triggered it. Sorry folks. All you have to do to fix it is rename freenet.ini.tmp to freenet.ini (in the directory you installed Freenet to, usually C:\Program Files\Freenet).
The main change recently, apart from many bug fixes:
There is a new way of indexing freesites (for the built-in search function), using the new Spider plugin and a new version of the existing Library plugin. This is based on infinity0's Summer of Code work last year. Hopefully some anonymous person will start running a freesite index using this new tool soon. This should be faster and easier both for the index owner (person who runs Spider) and the users searching for content.
26th April, 2010 - Summer of Code students announced!
The Freenet Project has 3 students accepted in Google's Summer of Code. Google will pay these students to work for us over the summer. They will be working on:
- Low level networking improvements - Martin Nyhus will be working on making Freenet's low level networking work more efficiently and flexibly. This will improve performance and pave the way for transport plugins in the long term.
- New content filters - Spencer Jackson will be working on filters for Ogg audio and video formats, amongst others, and improvements to the backend filtering code. Freenet has to filter content to ensure that it does not contain any code that might breach your anonymity, e.g. "web bugs". These can also exist in media files.
- Distributed searching - Tatyana Pyatigorskaya will be working on distributed searching and filesharing. This includes extending Ximin Luo's work on new index formats last year to support searching indexes published through your Web of Trust, and work on an easy to use interface for maintaining a file index.
Good luck to all our students! Much of last year's work has either been merged or will be merged soon, and one of last year's students is a mentor this year. Thanks also to Google.
18th March, 2010 - Freenet accepted into Google Summer of Code 2010!
The Freenet Project has been accepted by Google for a fifth year in Google Summer of Code! This offers students the opportunity to be paid to work for a lively and significant open source project over the summer, rather than chasing the increasingly scarce menial labour market! Flip bits not burgers!
We will help you to fill in technical details, understand exactly what we need. We also welcome new ideas and approaches, please contact us, on our devl mailing list, or IRC. You will need to demonstrate basic coding ability by fixing a minor bug or implementing a minor feature; you should have a look at the bug tracker, which may also be a source of project ideas. The new wiki, and the old wiki are also good sources of ideas and documentation. If you want to work for us over summer, please apply!
PS we have reinstated uservoice, after their support contacted us via our bug tracker and seem to have largely cleared up the spam problem. Click here to make suggestions for how to improve Freenet!
17th March, 2010 - Opennet performance improvements and build 1243
Build 1243 is now out. This contains many changes aimed at making new nodes get up to speed faster by getting connected to many other nodes as quickly as possible. This "announcement" or "bootstrapping" process, which only happens if you have opennet enabled (i.e. your network security level is LOW or NORMAL) also happens when your node has been offline for an extended period (hours). Let us know how it goes! We always welcome feedback, particularly bug reports.
9th March, 2010 - New paper added
A new paper has been added, Private Communication Through a Network of Trusted Connections: The Dark Freenet, written by Oskar and Vive (two of our theoreticians) with some help from Toad (chief coder). This focuses on the architecture of the network, rather than on the routing and swapping algorithms, which other papers have described in detail. It has a slight focus on darknet, but should be of interest to anyone interested in how the network works. It also has some new simulations...
4th February, 2010 - Freenet status update
Time for a status update...
Our last stable build, 1239, was in November. We have just released a new one, 1240. This has many changes (opennet stuff, optimisations, all sorts of stuff), which I list in the mail about it. One of the most important is that there are several new seednodes, and many dead ones have been removed. I have tested it 3 times today and it's bootstrapped fast each time, although yesterday it bootstrapped very slowly one time.
NETWORK STATUS AND NETWORK STATISTICS
Evan Daniel has been doing some useful work analysing the network. Amongst other things, he has discovered that:
- The Guardian article, in December, which was reprinted around the world, has more than doubled the size of our network, although there is a slight downward trend now. This may be due to seednodes issues and not having had a build since November.
- We have around 4500-7000 nodes online at any given time.
- Over 5 days, we have around 14000 non-transient nodes.
- For nodes online at any one time, roughly 37% are 24x7 nodes (96% uptime average), 33% are regular users (56% average uptime), and 30% are occasional or newbie nodes (16% average uptime).
EMU IS DEAD, LONG LIVE OSPREY
We have finally gotten rid of emu! Our faithful and powerful dedicated server supplied at a discount by Bytemark is no more. We now have a virtual machine called Osprey, which does most of the same job, for a much lower cost, and has a much simplified setup so should be easier to maintain. We have tried to outsource services, for example we use Google Code for our downloads, but some things will have to stay under our direct control for some time to come e.g. mailing lists and the bug tracker.
You may have some difficulty with the update scripts, if you use update.sh / update.cmd. If it doesn't work, try updating the script manually from https://downloads.freenetproject.org/latest/update.cmd (or update.sh)
WOT, FREETALK, RELATED THINGS AND OTHER PLUGINS
Xor (also known as p0s) continues to work on the Web of Trust and Freetalk plugins. These are approaching the point where we can make them loadable from the plugins page, and then bundle them, enabled by default.
WoT is the backend system which implements a pseudonymous web of trust, which functions in a similar way to that in FMS. You can create identities, assign trust to other identities, announce your identity via CAPTCHAs and so on. This is the Community menu, from which you can see your identities and other people's, and the trust relationships between them. WoT is used by Freetalk, FlogHelper, and probably soon by distributed searching, real time chat and other things.
Freetalk is a spam-resistant chat system based on WoT. This is similar to FMS, but it will eventually be bundled with Freenet, and will be a part of it by default. You will be able to embed a Freetalk board on your freesite. FlogHelper is a WoT-based plugin for writing a flog (freenet blog), which is very easy to use, but uses WoT to manage identities. I would have bundled FlogHelper months ago, but WoT isn't ready yet and FlogHelper needs it.
WoT should be ready soon. Recently a major issue has been discovered with the trust calculation algorithm, after that is fixed and some minor issues, WoT will become a semi-official plugin, which will sadly require flushing the existing "testing" web of trust, so sadly all old messages and identities will go away. Freetalk needs more work, about 50% of the bugs marked for 0.1 on the roadmap are fixed at the moment.
In build 1240, we pull in a new version of Library. This is a great improvement over the old version, it is faster, it supports embedding a search on a freesite, and has many bugs fixed. However searching for common terms can still cause out of memory crashes.
There is another issue with Library: infinity0 spent last summer creating a scalable index format for Library, which should make it a lot easier to insert and maintain big indexes. We will soon change the spider to use this new format, and in the process we expect to greatly improve performance for writing indexes, so it doesn't take a week any more and is done incrementally. I realise this has been promised before, but it is important, so it will happen sooner or later, hopefully sooner.
Full Web of Trust-based distributed searching, with a focus on filesharing, is on the distant horizon at the moment. infinity0 might be able to do some work on it as part of his studies, we'll see. It won't be in 0.8.0.
PRIORITIES AND RELEASES
We would like to get 0.8 out soon, or at least a beta of 0.8. Several major issues:
- The windows installer needs to be fixed on 64-bit. This is being worked on.
- Freetalk must be ready.
- Auto-configuration of memory limits in the installers, and asking the user about memory usage (at least in some cases) is relatively easy and important, but not vital.
- Substantial improvements to opennet, particularly making nodes announce onto the network and get where they should be as quickly as possible.
- Substantial improvements to data persistence. We have done much here already but there is more to do.
- Library must work well and fast out of the box. This means amongst other things the new spider mentioned above.
- MANY BUG FIXES! The first beta does not need to be perfect, but there are some critical issues that need dealing with, such as the fact that nodes often don't resume properly after being suspended for a while.
Please test Freenet, and report any bugs and usability issues you find on the bug tracker or via Freetalk board en.freenet (note that this will be wiped soon so if after a new Freetalk release it is wiped you may need to resend).
We have many ideas on how to improve opennet bootstrapping (make nodes assimilate into the network more quickly), and to improve opennet generally. Some of these are implemented in 1240, including many bugfixes. More will be put out over time so we can see their impact. Improving opennet should improve performance for the majority of users who don't run 24x7 and it should improve performance for everyone else too, as those nodes will get connected and start doing useful work more quickly.
We have many ideas on how to improve data persistence. There is a lot of capacity on the network, yet data seems to become inaccessible quite quickly (stats below). I am convinced that improving data persistence will improve Freenet's usability and perceived performance immensely. The continued popularity of insert on demand on uservoice demonstrates this as much as anything: People want a system that works! IMHO we can greatly improve things without resorting to insert on demand, although filesharing clients based on distributed searching may eventually offer it (but there are serious security issues with insert on demand).
Evan is convinced that mostly poor data persistence is not due to data falling out of stores, but due to the small number of nodes that stored the data (as opposed to caching it) going offline or becoming unreachable. We have increased the number of nodes that store data, we have made the node use the store for caching if there is free space, we have done various things aimed at improving data persistence, and there is much more we can do. An immediate question is whether the security improvements gained last year by not caching at high HTL have broken many inserts by making them not get cached on the right nodes; we will test this in 1241. A related question is why inserting the same key 3 times gives such a huge performance gain relative to inserting it once; we will investigate this soon after. We will probably triple-insert the top blocks of splitfiles soonish, but the bigger prize is to achieve the 90%+ success after a week that we see with triple-insertion of a single block, and this may well be possible with some changes to how inserts work...
Finally, the redundancy in the client layer could be a lot smarter: We divide files up into groups of 128 blocks, called segments, and then add another 128 "check blocks" for redundancy. Unfortunately this means that sometimes the last segment only has 1 block and 1 check block, and so is much less reliable than the rest of the splitfile. We will fix this.
We have been collecting statistics on data retrievability over time. The below are "worst case" in that they relate to single CHK blocks, with no retries. Real life, with many retries (at least 2 for a direct fetch and more if the file is queued), and with large, redundant splitfiles, should be substantially better than these numbers. Every day we insert 32 blocks and fetch a bunch of 32 blocks from 1 day ago, 3 days ago, 7 days ago, etc. There are two of these running to get more data, so I am just showing both results here. The percentages are the proportion of the original insert that is still retrievable:
|1 day||76% / 77%|
|3 days||66% / 70%|
|7 days||60% / 61%|
|15 days||48% / 48%|
|31 days||36% / 33%|
|63 days||21% / 19%|
Now, here's an interesting one. In each case we insert a 64KB CHK splitfile - that is, one block at the top and four underneath it. We insert one three times, and we insert three different ones once each. We then pull them after a week. We can therefore compare success rates for a single block inserted once, a single block inserted 3 times, and a simulated MHK, that is, a block which has been re-encoded into 3 blocks so that we fetch all of them and if any of them succeeds we can regenerate the others.
Total attempts where insert succeeded and fetch executed: 63
Single keys succeeded: 61
MHKs succeeded: 58
Single key individual fetches: 189
Single key individual fetches succeeded: 141
Success rate for individual keys (from MHK inserts): 0.746031746031746
Success rate for the single key triple inserted: 0.9682539682539683
Success rate for the MHK (success = any of the 3 different keys worked): 0.9206349206349206
USER INTERFACE AND USABILITY
Ian's friend pupok is working on a new AJAXy user interface mockup for Freenet. sashee's web-pushing branch, which makes the user interface a lot more dynamic without making it look much difference, should be merged soon, but turned off by default, since it has some nasty bugs. When it is turned on, it solves the age-old parallel connections bug, showing individual progress for each image without hogging your browser's limited number of connections (6 or 8 on modern browsers). Both of these may miss 0.8.
More broadly on usability, usability testing is always welcome: Persuade a friend to install Freenet, watch them do it, don't help them unless they get really stuck, report any problems they have or any comments they make about how it could be better.
21st August, 2009 - Freenet increases peers limit (#1 on uservoice)
Freenet 0.7 build 1231 solves what was the number one uservoice request. Until now, most Freenet nodes have had exactly 20 connections. Now, the number of connections (opennet peers, or "Connections to Strangers") will vary according to how much upstream bandwidth you have, between 10 and 40. So slow nodes will have fewer peers (trading slightly less effective routing for more efficiency) and fast nodes will have more peers. Overall we expect this will improve speed, but it is difficult to simulate these things, so lets find out!
8th August, 2009 - Upgrade your Java Virtual Machine now: severe XML vulnerability affecting Freenet
If you are running Freenet on Java prior to 1.6 build 15 or 1.5 build 20, please upgrade as soon as possible. Until you update Java, Freenet will disable the search function and various other plugins to minimise risk. However, if you have untrusted people on your LAN (local network), we recommend you shut down Freenet immediately until you are able to upgrade your Java. Also, do not run Thaw, which is known to be vulnerable, until you have upgraded, and do not accept jSite config files from anyone. Build 1228 of Freenet will tell you if your Java is vulnerable. Windows users generally will be notified by Java when updates are available; the situation may be more tricky for Linux and Mac OS/X users as they will have to wait for an update from their linux distributions or from Apple respectively.
For more details, see here. The problem is a remote code execution vulnerability affecting Java and also some other programs using certain XML parsing libraries. It was initially thought to be purely a denial of service attack, but there is exploit code circulating.
30th July, 2009 - Various security improvements and preparation for Bloom filter sharing in new stable build
Build 1226 is now available, including many changes. Existing Freenet nodes will update automatically. Some of the more interesting new features include:
- Finally fixing The Register's attack!
In 2005, The Register discovered what many of us had known for some time - that Freenet caches everything you visit in your datastore, and therefore that if your computer is seized or stolen, the bad guys may be able to determine what you have been browsing. Or they could even do it remotely by probing your datastore. This is now fixed. Freenet does not store anything that you download, visit, or upload, in your datastore. However, to maximise performance, we do have a private cache of freesites you have visited, called the "client cache", and we have a "slashdot cache" which caches everything else but only for 30 minutes, to help with propagating Frost/FMS posts and flash floods. We had planned to fix this with encrypted tunnels (formerly known as premix routing), but that is a difficult project which may cost a lot of performance. The changes in this build may reduce performance slightly, but they will enable new things which should greatly improve performance, as well as improving Freenet's usefulness in hostile regimes. No security system is perfect, but nonetheless Freenet may be better for a specific application than the alternatives, especially if you can use darknet, and darknet Freenet can function where very little else will.
- Encryption for sensitive local data
Both the new client cache and the downloads/uploads database can now be encrypted. This is controlled by the "physical security level" setting. If you set this to LOW, nothing is encrypted, not even temporary files, and Freenet will use less CPU and work slightly faster. If you set it to NORMAL or higher, Freenet now encrypts your client cache and downloads database. At NORMAL, the keys are kept in a file master.keys, so if you securely delete this file (or click the panic button on the downloads page), both are gone. At HIGH, the keys are still in master.keys, but it is password-protected. At MAXIMUM, the keys are not stored at all, they are different every time you start Freenet; this means that your download queue will only last until the next restart, but at least you can be sure that if you restart the node, nobody can tell what you were doing with it. So you have detailed control over the tradeoff between security, convenience and performance. This allows those with slow computers to use LOW, and those who live in hostile regimes where their computer is likely to be seized to use HIGH or MAXIMUM.
- Preparation for Bloom filter sharing
There were two reasons for all this. The first is to improve security for those living in hostile regimes where their computer may be seized and they may get into trouble for what they have been doing on Freenet. The second is to prepare for the big performance feature for 0.8, Bloom filter sharing. Essentially, the idea is that we tell our peers what keys we have in our datastore using a highly compressed data structure called a Bloom filter. We can then tell immediately when one of our peers has the block we are looking for, potentially avoiding searching and transferring the data through many other nodes. This should improve performance considerably, reducing latency, increasing download speeds, and making it easier to find rare content. Watch this space!
8th July, 2009 - Big donation from German finance site
The German financial services comparison site, Finanz Vergleich has given us $1,500 to fund ongoing development. This will go mainly towards ongoing work on Freenet's stability and usability. Thanks!
12th June, 2009 - Freenet 0.7.5 released!
The Freenet Project is very pleased to announce the release of Freenet 0.7.5.
Freenet is free software designed to allow the free exchange of information over the Internet without fear of censorship, or reprisal. To achieve this Freenet makes it very difficult for adversaries to reveal the identity, either of the person publishing, or downloading content. The Freenet project started in 1999, released Freenet 0.1 in March 2000, and has been under active development ever since.
Freenet is somewhat unusual in that you can publish content to Freenet, and then disconnect from the network. This content will remain available to other Freenet users, although it may eventually be deleted if nobody is interested in it. Freenet will copy and move the content around the network according to demand, making it very difficult for an adversary to remove content. Freenet will automatically create more copies of popular content to ensure that it will always be available.
Freenet 0.7 introduced the "darknet" concept, allowing users to only connect to their trusted friends (and through them to their friends' friends, and the entire network), greatly reducing their vulnerability to attack. You can use Freenet even if you don't know any other Freenet users, it just won't be as secure.
Freenet 0.7.5 features major improvements to performance and usability, as well as improvements to security and robustness. In particular:
- Freenet now uses a database to store longer-term data that must survive a restart. This increases Freenet's speed and reduces its memory usage. In particular, you can now have almost any number of downloads and uploads in progress without worrying about memory usage.
- Improvements to the web interface make it clearer what you can do with Freenet, show progress when loading a page or file will take more than a few seconds, integrate search into the browse page, and generally improve usability in many areas.
- Significantly improved performance for inserting and retrieving files and especially pages, and also for Freenet's initial connection to the network.
- A new installer for Windows which works with Vista as well as Windows XP/2000 (Freenet also works on Mac and Linux systems).
- Many other optimizations.
- Lots and lots of bug fixes!
There are versions of Freenet 0.7.5 for Windows, Mac, and Linux. They can be downloaded from:
If you have any difficulty getting Freenet to work, or any questions not answered in the faq, please join us on IRC in the #freenet channel at irc.freenode.net, or email the support mailing list. If you have any suggestions for how to improve Freenet, please visit our uservoice page.
There is a lot of work still to do on Freenet, particularly when it comes to ease of use. If you have Java programming or web design skills, or would like to help translate Freenet into your own language, and would like to help us improve Freenet, please join our development mailing list and introduce yourself.