Timestamps are in GMT/BST.
[0:10] <toad_> Cooo: any progress?
[0:11] <Cooo> toad_: up and running with r16249, nothing strange to report yet.
[0:21] <Cooo> toad_: when you commited the swedish translation in r13606 a long time ago something strange happened and some translation keys were lost, nothing needs to be done with the translation keys as I already have most of them translated again. I had a chat with nextgens about it yeasterday and he wanted me to inform you about it in case you were using a broken script to merge l10n files.
[0:22] <toad_> Cooo: you're sure it was me?
[0:22] <toad_> Cooo: were they new keys, or updates to old keys?
[0:23] <Cooo> toad_: SVN says that you commited
[0:23] <toad_> i use freenet.tools.MergeSFS
[0:23] <toad_> Cooo: new keys?
[0:23] <Cooo> Not really shure, probably mostly new keys. itś over 5 months ago.
[0:24] <toad_> hmmm it really shouldn't have lost new keys
[0:24] <toad_> well I suggest you verify future commits... :|
[0:24] <toad_> maybe a bug which has been fixed since
[0:24] <toad_> if MergeSFS is broken then SFS is broken, which seems unlikely
[0:24] <Cooo> Yep. Commited one yesterday and that one seems to be ok.
[0:25] <toad_> k...
[0:25] <toad_> well i think i'm gonna let this run overnight to see if there are any major problems
[0:26] <Cooo> I see now that MergeSFS was fixed in r13659 , thats not long after the problem, might have been a bug.
[0:27] * Shadow_Vixen (n=panther@) Quit (Remote closed the connection)
[0:29] <Cooo> Yep. I am gonna get me some food before I get to sleep. Reporting in tomorrow if something strange happens with the node.
[0:33] <mYone> Total Output: 361 MiB (34.5 KiB/sec)... thats the only thing upsetting me a bit with freenet currently. Such low throughput... :/
[0:34] <toad_> 34.5K is low throughput? what have you previously got?
[0:34] <mYone> nope nothing about the current version... its beein like that all the time
[0:34] <toad_> how many peers?
[0:34] <mYone> it just seems odd, because there HAS to be more demand for bandwith..
[0:35] <mYone> opennet... 19-20 most o the time
[0:35] <toad_> you're limited by your peers
[0:35] <toad_> 19-20 actual connections? hmmm that's a bit low
[0:35] <toad_> well we need a better load management system
[0:35] <toad_> this is being discussed on devl
[0:35] <mYone> i have "pInstantReject: 0.0%" currently, so that seems to be great
[0:35] * Sky242 (n=opera@) has joined #freenet
[0:36] <mYone> but there dont seem to be enough requests or something like that from my 2G store (maybe thats too small to provide enough)
[0:38] <toad_> it probably is ... but you're not likely to get more than a few times the average bandwidth limit in transfer
[0:38] <toad_> seeing as everyone else also has 20 peers
[0:38] <toad_> and requests will originate a long way away
[0:38] * Sky242 (n=opera@) has left #freenet
[0:39] * toad_ (n=toad@) Quit (Remote closed the connection)
[0:42] * Sky242 (n=opera@) has joined #freenet
[0:43] <Sky242> hi there
[0:43] <mYone> hi
[0:44] <Sky242> just new here
[0:44] <mYone> yep ^^
[0:45] * jlulian38 (n=jlulian3@) has joined #freenet
[0:45] <Sky242> and it says it wont find any peers :-|
[0:46] <mYone> Sky242: have you sent any more messages? i only got "and it says it wont find any peers :-|"
[0:47] <mYone> but anyway: to add new peers to freenet you have to exchange refs with someone... you can then activate 'opennet' mode, freenet will then find new peers automatically
[0:48] <Sky242> ahh fu** think the bat of my keybord gos worse. tryed to ask what i can do. just installed the freenet thing and it say that it wouldnt find any peers
[0:49] <Sky242> hmm open net iss true
[0:49] <mYone> Sky242: okay, thats good
[0:50] <mYone> Sky242: now you just need to make a few initial connections manually and after that freenet will do the rest
[0:50] <mYone> Sky242: (its currently being worked on that this initialization will go automatically too, but thats not yet finished)
[0:50] <Sky242> how?
[0:50] <mYone> Sky242: join the channel #freenet-refs
[0:51] <mYone> Sky242: there you find other people or their bots with whom you can trade so called node references (you have to add their ref, they have to add yours and then you should be connected)
[0:52] <mYone> Sky242: some of them trade only opennet references and some only darknet references (your opennet and darknet references are different, you can find them on the bottom of the 'strangers' and 'friends' pages)
[0:53] <Sky242> ay thank ya :->>
[0:54] <mYone> Sky242: no problem ;) any questions? [like in school :P]
[0:54] <Sky242> so i ask there 4 trade
[0:55] <mYone> Sky242: yep, best thing to do is to paste your reference on http://dark-code.bulix.org/ and share the link it spits out with others in #freenet-refs
[0:58] <Sky242> hehe got an error on this link ;->
[0:59] <mYone> Sky242: error?
[1:04] <Sky242> jap, that site wont work
[1:04] <mYone> Sky242: it surely does, just tried it !
[1:05] <Sky242> stange, now it works
[1:06] <mYone> Sky242: internet explorer? :P
[1:08] <Sky242> nope opera
[1:21] * Sky242 (n=opera@) Quit (Excess Flood)
[1:23] <mYone> ^^
[1:24] * Sky242 (n=opera@) has joined #freenet
[1:31] * Sky242 (n=opera@) has left #freenet
[2:07] * Sky242 (n=SkyDark@) has joined #freenet
[2:26] * sleon (n=sleon@) Quit (Read error: 104 (Connection reset by peer))
[2:26] * sleon (n=sleon@) has joined #freenet
[2:26] * ChanServ sets mode +o sleon
[2:30] * sanity_ (n=ian@) has joined #freenet
[2:35] * sanity (n=ian@) Quit (Read error: 110 (Connection timed out))
[2:40] * Sky242 (n=SkyDark@) Quit ("Verlassend")
[2:43] * sanity (n=ian@) has joined #freenet
[2:43] * ChanServ sets mode +o sanity
[2:59] * sanity_ (n=ian@) Quit (Read error: 110 (Connection timed out))
[3:24] * gasi__ (n=chatzill@) has joined #freenet
[3:42] * gasi (n=chatzill@) Quit (Read error: 110 (Connection timed out))
[4:11] * saces (n=saces@) Quit (Read error: 110 (Connection timed out))
[8:02] * TheBishop_ (n=bishop@) Quit (Remote closed the connection)
[8:19] * Ratchet (n=xxxx@) has joined #freenet
[8:26] * jlulian38 (n=jlulian3@) Quit ("Leaving")
[8:42] * sback (n=sback@) has joined #freenet
[9:01] * TheBishop_ (n=bishop@) has joined #freenet
[9:34] * toad_ (n=toad@) has joined #freenet
[9:34] * ChanServ sets mode +o toad_
[9:39] * NEOatNHNG (n=NEOatNHN@) has joined #freenet
[9:42] * toad_ (n=toad@) Quit ("Konversation terminated!")
[9:48] * toad_ (n=toad@) has joined #freenet
[9:48] * ChanServ sets mode +o toad_
[10:05] <Cooo> Morning. r16249 has been up and running whole night, nothing to report.
[11:04] * grawity (n=grawity@) has joined #freenet
[11:09] * sback (n=sback@) Quit ("Ex-Chat")
[11:35] * grawity (n=grawity@) Quit (Read error: 104 (Connection reset by peer))
[11:35] * grawity (n=grawity@) has joined #freenet
[11:40] * geeo (n=geeop@) Quit (Remote closed the connection)
[11:40] * geeo (n=geeop@) has joined #freenet
[12:00] * Jase_ (i=jase@) Quit (calvino.freenode.net irc.freenode.net)
[12:00] * Jase_ (i=jase@) has joined #freenet
[12:14] * Shadow_Vixen (n=panther@) has joined #freenet
[12:38] * Insurgent (n=kkllkj@) has joined #freenet
[12:39] * Insurgent (n=kkllkj@) Quit (Client Quit)
[12:43] * saces (n=saces@) has joined #freenet
[12:48] <toad_> Cooo: cool
[12:48] <toad_> okay maybe we can go for a release soon then
[12:57] * grawity (n=grawity@) Quit ("Leaving.")
[13:16] <FuriousRage> toad_: again? and this makes it what.. 20th release this week?
[13:18] <NEOatNHNG> FuriousRage, at least it's been tested so hopefully there will be not so much bugfixes the next days
[13:18] * greycat (i=rfc1413@) has joined #freenet
[13:19] <FuriousRage> NEOatNHNG: tbh, i dont have much faith in their testing lately.. i'll probably wait another week and see what problems comes from 1086
[13:33] * FrinkC|off is now known as FrinkC
[13:34] <toad_> :)
[13:34] <toad_> 1087 is mandatory 0:00 on the 6th
[13:35] <toad_> but it's not a panic-bugfix release, there's been more testing, and it's mostly new stuff over 1086
[13:36] <toad_> i just sent the announcement, i suggest you read it
[14:26] * ddoc (n=ddoc@) Quit ("null")
[14:43] * phrosty (i=phrosty@) has joined #freenet
[14:53] <toad_> anything happening?
[14:59] * Shadow_Vixen (n=panther@) Quit ("Уз послала так послала... Иди, говорит, и без ёлоськи не возврасяйся!")
[15:18] * sback (n=sback@) has joined #freenet
[15:50] * phrosty (i=phrosty@) Quit (Connection timed out)
[15:50] * sanity (n=ian@) Quit ()
[16:05] * Flipper (n=martin@) has joined #freenet
[16:06] * Flipper (n=martin@) has left #freenet
[16:08] * sich (n=sich@) has joined #freenet
[16:12] * sanity (n=ian@) has joined #freenet
[16:12] * ChanServ sets mode +o sanity
[16:18] * dra9on (n=dra9on@) has joined #freenet
[16:31] <pheenode> I have a bit of an issue, I'm making a small friend-to-friend network with freenet but I need a way to let new users get the same version as I'm using
[16:31] <toad_> pheenode: what's the problem?
[16:31] <pheenode> is there any magic in the installer that'll freak out if there is a newer version?
[16:31] <toad_> pheenode: how are you installing?
[16:32] <pheenode> using the windows .exe installer
[16:32] <toad_> no problem then
[16:32] <toad_> if you want auto-update, you'll want to connect to the real network at some point, even if only one slow darknet connection
[16:33] <toad_> e.g. you could connect to me :)
[16:33] <pheenode> right, but new users that are downloading freenet from the web site can't connect to the other nodes because their build is newer than mine
[16:33] <toad_> hmmm you need to update your build then
[16:34] <toad_> two ways to do this - 1) use the update script(s) to do it over the web, 2) do it over freenet
[16:34] <pheenode> I only installed last week and I'm already too old for the builds of this week
[16:34] <toad_> yeah, sorry, we had some problems
[16:34] <toad_> hopefully that's sorted now
[16:35] <pheenode> hmm update.cmd is hanging on "Shutting down freenet"
[16:35] <toad_> :|
[16:35] * toad_ notes that update over freenet is also more secure
[16:35] <pheenode> lets try killing it
[16:35] <pheenode> are the updates not signed?
[16:35] <toad_> however it does make it no longer an isolated darknet
[16:36] <toad_> they are over freenet
[16:36] <toad_> but it's impossible to secure the installer :(
[16:36] <toad_> well short of buying a proper HTTPS certificate, and even then...
[16:37] <toad_> i dunno if the update scripts check a sig actually
[16:37] <pheenode> how frequently do you obsolete builds anyway?
[16:37] <toad_> iirc they download an sha1sum from emu, then download from a mirror and check against it
[16:37] <pheenode> because 1085 is the minimum required right now
[16:37] <toad_> pheenode: it depends
[16:38] <toad_> often we go for months without a mandatory
[16:38] <pheenode> maybe you should update topic :)
[16:38] <toad_> but sometimes we have 6 in a week :|
[16:38] * toad_ changes topic to 'http://freenetproject.org/download.html (1087 mandatory soon), please read that page before asking for help here. To exchange references, join #freenet-refs | http://wiki.freenetproject.org/FrequentlyAskedQuestions | logs: http://emu.freenetproject.org/irc/ | Tor blocked due to spam (get an op to voice you) | #freenet-fr #freenet-se #freenet-es #freenet-it #freenet-de | paste at http://code.bulix.org'
[16:40] <nextgens> toad_> maybe we should allow the auto-updater to set a build up from a binary blob
[16:40] <pheenode> the reason for the leaf network is that I'm in a country that has almost no bandwidth to the outside world
[16:40] <toad_> nextgens: downloaded externally?
[16:40] <pheenode> like, a couple gigs in total
[16:41] <nextgens> toad_> we could put the blobs on our mirrors
[16:41] <nextgens> and make the updating script use it
[16:41] <toad_> pheenode: hmmm
[16:41] <pheenode> and many of the ISPs will penalise you for using a lot of transit traffic
[16:41] <nextgens> download the blob, put it where the node will be looking for it, start the node up
[16:41] <nextgens> and let it auto-update
[16:41] <toad_> pheenode: ok, that's a problem
[16:42] <toad_> pheenode: so you can't afford any regular external transit?
[16:42] <pheenode> sure, but only a few gigs/month
[16:43] <toad_> well, say you connect to a single external node, which doesn't have an especially good connection, and has a reasonable number of peers
[16:43] <nextgens> if we were publishing the blobs, he would get it once, insert it into his darknet and everyone would be happy :)
[16:44] <toad_> yeah that's the other option - we post the blobs on our website or something, and you download them in a script or manually, and then insert them as binary blobs
[16:44] <toad_> that's a bit convoluted of course
[16:44] <nextgens> that would be a nice way to secure the updating scripts ;)
[16:45] <toad_> lets see ... my uptime is 16h34m, traffic with each peer ranges from 10M to 40M (middle range, extremes at 90M and 5M)
[16:46] <toad_> so over a month it'd be say 40M * 30 * 24/16 = 1200 * 1.5 = 1800M
[16:46] <toad_> so around a couple of gigs
[16:46] <toad_> it would be fine for just downloading updates :)
[16:46] <toad_> that's the simplest option
[16:46] <pheenode> ok
[16:46] <toad_> nextgens: imho that's a good idea
[16:47] <toad_> pheenode: also note that i'm a core dev ...
[16:47] <toad_> pheenode: and therefore probably under surveillance by everyone
[16:47] <toad_> pheenode: your main problem i suppose is if you're a "fork network", your inserts will often go to me and the outside world instead of inside the icelandic network...
[16:47] <toad_> which obviously will suck
[16:48] <pheenode> indeed
[16:48] <toad_> although you'll have a copy on your node, if the fork network gets big, it won't be findable
[16:48] <pheenode> but that's not really a problem
[16:48] <nextgens> as toad's node is always overloaded that's not a problem :D
[16:48] <toad_> this is a problem we've talked about in relation to semi-disconnected darknets, but no solution is likely in the near future (i.e. before 0.7)
[16:48] <toad_> well yeah there is that :)
[16:49] <pheenode> the leaf network will probably have datastores of 10gigs in most places
[16:49] <toad_> a quick-fix would be to add a way to add a node as a last-resort route - but again this won't work well if the forknet is small
[16:49] <toad_> errr big
[16:49] <toad_> if it is big
[16:49] <nextgens> pheenode> how big is your 'leaf network' ?
[16:49] <nextgens> how many nodes are we talking about I mean ?
[16:50] <pheenode> I don't know, of course I can't control that
[16:50] <pheenode> but it could grow to hundreds of nodes
[16:50] <toad_> pheenode: i'd appreciate it if you kept us up to date on progress ... you can guesstimate its size cos you'll be using local frost boards, local indexes etc
[16:50] <pheenode> yes
[16:51] <toad_> pheenode: if there's actual use of forknets, we can up the priority of making them work well
[16:51] <nextgens> still, to sum up
[16:51] <toad_> pheenode: but at least in the short term, just get a few connections to the outside world (maybe 1 good connection), and traffic shape them if you need to
[16:51] <pheenode> ok
[16:51] <nextgens> your best way of distributing upgrades is to set up one, separated node, connected to the real darknet
[16:51] <toad_> traffic shaping sucks but in this case it's probably the right tool
[16:51] <nextgens> and to keep it up to date with the real network
[16:52] <nextgens> then when it updates, get the binary blob of the update (it's in freenet's folder)
[16:52] <pheenode> yeah, I have about 6 nodes running right now
[16:52] <toad_> yeah. updates will automatically fan out within the icelandic net as soon as they propagate from me to your node
[16:52] <nextgens> and insert it onto your leaf network
[16:52] <toad_> nextgens: how about a disabled-routing-but-keep-a-connection status for peers?
[16:53] <nextgens> if you disable routing, how will updates spread ?
[16:53] * toad_ supposes most people interpret "disabled" as "no communication at all"
[16:53] <nextgens> using uom ?
[16:53] <toad_> yeah
[16:53] <nextgens> that's exactly what he is looking for in fact
[16:53] <pheenode> 16:44:15 <@nextgens> and insert it onto your leaf network
[16:53] <nextgens> and yeah that's a simple solution to his problem
[16:53] <toad_> but it's a bit of a hack - what would we call it?
[16:54] <toad_> and it would be in peernode :|
[16:54] <nextgens> the only thing is that it has to be a status exchanged both ways
[16:54] <pheenode> but the key where freenet checks for updates is probably private isn't it
[16:54] <toad_> "Disable routing on selected peers" ?
[16:54] <nextgens> ie: we need to prevent routing *both* ways
[16:54] <toad_> pheenode: UOM spreads it automatically even if your nodes are out of date
[16:54] <nextgens> toad_> we need to tell the other side that we won't route to it
[16:54] <toad_> nextgens: so both sides set that option
[16:55] <toad_> nextgens: that's the obvious hack
[16:55] <nextgens> I would enforce that setting
[16:55] <toad_> pheenode: your preference is for it to be totally disconnected content-wise?
[16:55] <nextgens> so that we don't end up pushing data where we are sure we won't be able to retrieve it
[16:55] <nextgens> [16:54] < pheenode> | but the key where freenet checks for updates is probably private isn't it
[16:55] <toad_> pheenode: because you want to prevent people expecting to be able to access lots of rest-of-freenet content, and then it taking 10 years to download an ISO?
[16:56] <nextgens> pheenode> it is, but what we are talking about here, namely "binary blobs" are a bundle of the content + pubkey
[16:56] <nextgens> so that any node can verify the authenticity of the update
[16:56] <toad_> the public key is public :)
[16:57] <nextgens> I meant "enough data to verify the authenticity of the content"
[16:57] <toad_> signature, yeah
[16:57] <toad_> pheenode: i suggest you register with nickserv so we can privmsg exchange noderefs
[16:57] <pheenode> well, about the totally disconnected part, I'm mainly looking to get icelandic content from a relatively short path
[16:58] <toad_> ideally we'd have some sort of layered routing mechanism
[16:58] <pheenode> so I don't end up getting icelandic content through some really long paths
[16:58] <toad_> but there isn't enough demand for that at the moment
[16:58] <toad_> pheenode: you have lots of anonymity with only 6 nodes ;)
[16:58] <toad_> you know it's one of those six! :)
[16:59] <pheenode> yeah but it's not live yet
[16:59] <pheenode> the six nodes are just 4 of my test nodes and a couple of my friend's nodes
[17:00] <pheenode> haven't started getting people to connect
[17:00] <toad_> simplest layered routing option would be to have a depth flag: first time, we do the request but only on tier 1 nodes, then we RNF or DNF, set the tier 2 flag, and backtrack, retrace our steps, until we find a tier 2 node to route to, and we route to that...
[17:00] <toad_> we might have 3 tiers or more
[17:01] <toad_> but it's not a priority atm
[17:01] <toad_> opennet is the priority atm
[17:02] <nextgens> well, I might do it
[17:02] <nextgens> it makes sense to have such a feature imho
[17:02] <toad_> nextgens: sure
[17:02] <toad_> nextgens: we could have each node have a hierarchy of group identities
[17:02] <nextgens> I'm not 100% sure whether I should enforce that on both sides
[17:02] <toad_> and then use them for the tiers above
[17:02] <toad_> nextgens: ah you mean the trivial version - stay connected but don't route
[17:03] <nextgens> ie: ensure there isn't a "one way" routing
[17:03] <nextgens> yeah
[17:03] <toad_> yeah, please do that if you have time
[17:03] <nextgens> but again, shall I prevent "one way routing" ?
[17:03] <toad_> nextgens: if it's cheap, do it
[17:04] <toad_> nextgens: one message exchanged on connect or on setting the option
[17:04] <toad_> so it should be cheap
[17:04] <nextgens> but does it make sense ?
[17:04] <toad_> maybe
[17:04] <nextgens> or are they any usecase where we want one way routing ?
[17:04] <toad_> for mostly-disconnected darknets it makes sense
[17:04] <toad_> one-way routing? eeeeewwwwww
[17:04] <toad_> sounds very icky
[17:05] <nextgens> hence I want to prevent it
[17:05] <toad_> maybe as a testing option but even then it seems unlikely it would be useful
[17:05] <nextgens> ok
[17:05] <nextgens> will have a look to what can be done
[17:05] <nextgens> pheenode> will you hang around here a bit ?
[17:05] <pheenode> yes
[17:07] <toad_> pheenode: there are bugs related to this on the bug tracker
[17:08] <toad_> pheenode: DO NOT turn opennet on :)
[17:08] <pheenode> oh
[17:08] <pheenode> where do I find the bug tracker?
[17:08] <pheenode> here it is
[17:09] <pheenode> what sort of bugs?
[17:09] <toad_> https://bugs.freenetproject.org/view.php?id=1415
[17:09] <toad_> that one, for example
[17:09] <toad_> you should subscribe to that one
[17:11] <toad_> pheenode: you'll ideally want a custom installer with your own bookmarks, your own frost boards preloaded too
[17:13] <pheenode> is opennet severely broken right now? or should I just not turn it on to preserve the routing paths?
[17:13] <toad_> pheenode: opennet is working, but if you turn it on you'll get tons of international traffic
[17:14] <pheenode> do opennet references flow all over the network?
[17:14] <pheenode> as in, do darknet connections pass opennet references?
[17:14] <toad_> pheenode: okay, subscribe to this one too: https://bugs.freenetproject.org/view.php?id=1923
[17:14] <toad_> pheenode: yes
[17:14] <pheenode> ok
[17:15] <pheenode> so opennet references are jus like any other data
[17:15] <pheenode> on the network
[17:15] <toad_> if you can't afford the bandwidth then don't turn opennet on - you're bound to get other users connecting to the wider network, and opennet, so it's not likely to be completely disconnected
[17:15] <toad_> pheenode: they're exchanged both ways after a successful request
[17:15] <toad_> or during announcement, which i'll be working on soon
[17:16] <mYone> toad_: but there's a configuration option to deactivate sending opennet refs over darknet, right?
[17:16] <mYone> toad_: so he could do that
[17:17] <toad_> mYone: indeed
[17:19] <pheenode> is there any practical limit to number of nodes I should connect directly do?
[17:19] <pheenode> performance wise
[17:36] <toad_> pheenode: yeah
[17:37] * nextgens has implemented most of pheenode's wanted feature
[17:37] <toad_> pheenode: you shouldn't connect to more than 1 node per kB/sec upstream, as a good rule of thumb; and connecting to hundreds of nodes is probably a bad idea even if you do have a good uplink
[17:37] <nextgens> I'm stuck to a question though
[17:37] <toad_> nextgens: hmmm?
[17:37] <nextgens> what if the two ends disagree on routing or not ?
[17:37] <nextgens> shall I ensure that both ends agree ?
[17:38] <toad_> well, what we must NOT do is set ours to no-route because they said no-route, and then tell them no-route when they've lifted it :)
[17:38] <nextgens> I mean, if routing has been disabled on one hand, do we want the other end to be able to reset it ?
[17:38] <toad_> but yes, the *actual* no-route should be have-i-set-no-route OR have-they-set-no-route
[17:39] <toad_> so it only comes back up if both sides unset no-route
[17:39] <nextgens> ok
[17:44] * oogrr (n=aa@) has joined #freenet
[17:50] * sanity (n=ian@) Quit ()
[17:53] * TheBishop_ (n=bishop@) Quit (Remote closed the connection)
[18:01] * oogrr (n=aa@) Quit ()
[18:08] * mario-germany (n=name@) has joined #freenet
[18:09] <mario-germany> hallo
[18:10] <mario-germany> hallo?
[18:13] <mYone> hallo!
[18:13] <mario-germany> na was los
[18:13] <mario-germany> HAllo wat do U do
[18:13] <mYone> bitte in dem channel hier nur auf englisch unterhalten :) / please only english in this channel :)
[18:23] <mario-germany> hallo
[18:23] <mario-germany> asd
[18:23] <mario-germany> hallo
[18:27] <toad_> hi
[18:36] * mario-germany (n=name@) has left #freenet
[18:44] * ddoc (n=ddoc@) has joined #freenet
[19:02] <NEOatNHNG> nextgens, is the new method to exchange refs already up and running?
[19:05] <nextgens> NEOatNHNG> what do you mean ?
[19:07] <NEOatNHNG> nextgens, the alternative to #freenet-refs
[19:08] <toad_> NEOatNHNG: not yet
[19:08] <toad_> NEOatNHNG: still working on it
[19:08] <NEOatNHNG> NEOatNHNG, you had some french name for it i can't remember
[19:08] <toad_> announcement
[19:08] <toad_> well announcement + seednodes ... true opennet
[19:08] <NEOatNHNG> toad_, no nextgens had something similar to the pastebin
[19:10] <NEOatNHNG> had some guy who wasn't familiar with irc and it would have been very helpfull
[19:21] <nextgens> http://ref.freenetproject.org/*
[19:21] <nextgens> well, I didn't work any futher on that
[19:24] <NEOatNHNG> nextgens, yes that's what's I meant
[19:24] <toad_> full opennet will be working in the not too distant future
[19:24] <toad_> weeks
[19:24] <NEOatNHNG> ok
[19:28] <toad_> but he should connect to you first off
[19:28] <toad_> and you can't do that through opennet
[19:30] * Shadow_Vixen (n=panther@) has joined #freenet
[19:46] * sanity (n=ian@) has joined #freenet
[19:46] * ChanServ sets mode +o sanity
[19:55] * ZoontF (n=zoontf@) has joined #freenet
[20:16] <toad_> sanity: I've coded announcement, it should work, but we won't know until Thursday when the new code is mandatory
[20:16] <sanity> toad_: cool :-)
[20:16] <toad_> sanity: if it works, that leaves the central seednodes collector and the seednodes upload code
[20:17] <toad_> and updating the installer to bundle the seednodes file
[20:17] <sanity> toad: how do we want to do that?
[20:17] <toad_> hmmm?
[20:17] <sanity> toad_: well, is the seednodes collector just a freenet node, perhaps running in a "collector" mode?:
[20:17] <sanity> that is how dijjer did it
[20:17] <toad_> oh and the seednode connection protocol
[20:18] <toad_> well...
[20:18] <sanity> if so, we may want more than one - of which two should be randomly selected when a node connects (to avoid fragmenting the network)
[20:18] <toad_> a lot of nodes don't qualify to be seednodes: you can only be a seednode if you are port forwarded
[20:18] <toad_> we can detect this now, although not immediately
[20:18] <sanity> define "seednode"
[20:18] <toad_> also i think maybe we should ask the user whether they WANT to be a seednode
[20:18] <sanity> oh, i see
[20:19] <toad_> seednode = node we initially connect to. used purely as a bounce for the announcement, we don't actually send a request
[20:19] <sanity> another way to do it is to have a couple of seednodes operated by us that are public
[20:19] <toad_> we don't send any requests to it
[20:19] <sanity> new nodes can connect to the network through them, but they will only accept announcement requests, they don't store data
[20:19] <toad_> that won't scale very well even with the bounce protocol
[20:20] <sanity> ok
[20:20] <toad_> especially if we get /.ed
[20:20] <sanity> so is the connector implemented in Java?
[20:20] <sanity> or, collector
[20:20] <toad_> so it's a choice of having a central depository, or automatically harvesting them
[20:20] <sanity> how does it work?
[20:20] <toad_> i dunno how well harvesting them is going to work given only 20% or so of nodes are eligible
[20:21] <toad_> i was thinking we just upload them via HTTP to a central script, a la 0.3
[20:21] <sanity> so nodes volunteer to be seednodes
[20:21] <toad_> maybe, i'm not sure
[20:21] <sanity> ok, so a cheesy PHP script?
[20:21] <sanity> i guess that works
[20:21] <toad_> maybe we should compel people to run seednodes if they run opennet and are port forwarded
[20:21] <sanity> although it should be smart enough to ping nodes to make sure they are still up
[20:21] <toad_> but that sucks especially if we have a central list
[20:21] <sanity> or at least have a reporting mechanism if they go down
[20:21] <toad_> well how do you do that?
[20:22] <toad_> methinks maybe upload every 24 hours or on changing IP
[20:22] <sanity> if a node gets a seenode from the collector and it doesn't work, it tells the collector so
[20:22] <sanity> so long as it doesn't DoS the collector
[20:22] <toad_> that requires all seednodes are up 24x7 ... which they probably should be. so again that limits eligibility.
[20:22] <sanity> we should start with the simplest possible approach, and elaborate from there as necessary
[20:23] <toad_> what are the benefits for harvesting?
[20:23] <toad_> in 0.5 we iirc had a bunch of feeder nodes and we'd just combine their lists of live nodes
[20:23] <toad_> but you need a lot of feeder nodes for that to work especially with lower connection limits in 0.7
[20:24] <toad_> so suppose we have a script
[20:24] <toad_> lets say we have 20,000 seed nodes uploading once a day
[20:25] <toad_> and it takes say 4k to upload our noderef, including setting up the connection
[20:25] <toad_> that's 80MB a day
[20:25] <toad_> no big deal
[20:25] <sanity> yeah, ok
[20:25] <sanity> if that is the simplest approach
[20:25] <toad_> looks like it
[20:26] <toad_> then we simply only show nodes which have uploaded in the last 48 hours
[20:26] <toad_> and add defences if we get problems
[20:26] <toad_> so either a java app or a script
[20:27] <toad_> a script has the downside of running on port 80 and therefore being transparent proxied
[20:27] <toad_> and anyway i don't know any php or much perl
[20:27] <toad_> so i'll write an app
[20:27] <toad_> but i'll KISS
[20:28] <toad_> of course a short term solution, purely for testing, would be to simply use amphibian.dyndns.org as the Official Seednode, I may do that first
[20:28] <toad_> any useful seednode needs to be an actual node, so we can't run a no-routing node on emu
[20:29] <toad_> and running a real node on emu would be a lot of CPU, a lot of memory and a lot of bandwidth
[20:31] <toad_> so... 1) node-to-seednode connection protocol (JFK with unknown initiator). connects but not routable. but can do an announcement. 2) some sort of seednode collector. 3) bundle generated seednodes list.
[20:31] <toad_> easily be done by xmas
[20:32] <toad_> oh, 0) test and debug announcement
[20:32] <toad_> but i can't do that till thursday
[20:37] <toad_> bbiab
[20:57] * sback (n=sback@) Quit ("Ex-Chat")
[21:01] * HerzogDeXtEr (n=dex@) has joined #freenet
[21:07] <NEOatNHNG> toad_, if we do our own "harvesting" or some kind of list we should take measures to prevent harvesting. e.g. just give them just a couple of nodes which are online at that point of time
[21:10] <Ratchet> one of the drawbacks of the recent release torrent is, that people deactivate the auto-update feature. not one of my 15 friend nodes has updated to 1088 until now. (i deactivated it, too)
[21:10] <Ratchet> i manually updated as soon as it was available
[21:13] * free_cips (n=chatzill@) has joined #freenet
[21:13] * free_cips (n=chatzill@) Quit ("ChatZilla 0.9.79 [Firefox 2.0.0.11/2007112718]")
[21:14] <NEOatNHNG> for example the seednode connects to the seedserver and gives his data, if there's some request from a new node the seedserver sends a pinglike request to the seednode the node answers if he's up and has connections to te network (maybe he must prove it in giving the seedserver a code which was inserted second ago by another seednode)
[21:16] <NEOatNHNG> and the seedserver gives the contact-data to the requesting node.
[21:18] * FrinkC is now known as FrinkC|off
[21:18] * HerzogDeXtE1 (n=dex@) Quit (Success)
[21:19] <NEOatNHNG> If there's more than one request from the same IP (in 24 hours) just give them the same let's say 3 refs
[21:23] * Guest16067 (n=mmr@) has joined #freenet
[21:46] * whiztech (i=HTM@) has joined #freenet
[21:48] * Ratchet (n=xxxx@) has left #freenet
[21:52] * greycat (i=rfc1413@) Quit ("This time the bullet cold rocked ya / A yellow ribbon instead of a swastika")
[21:59] * diip (n=deep@) has joined #freenet
[22:00] <diip> hi...anyone on a mac?
[22:01] <nextgens> just ask your question, maybe we can help
[22:03] <nextgens> pheenode> are you still around ?
[22:04] * sback (n=sback@) has joined #freenet
[22:04] <diip> i'm trying to install a refbot but the linux instructions aren't working for me
[22:08] * Guest16067 (n=mmr@) Quit (Read error: 110 (Connection timed out))
[22:10] * sback (n=sback@) Quit ("Ex-Chat")
[22:14] * whiztech (i=HTM@) Quit ()
[22:14] <NEOatNHNG> diip do you have python with the needed librarys installed?
[22:15] <diip> neoatnhng i'm not sure let me check
[22:21] <nextgens> Bombe> you might get scared by the color I've chosen in r16288, feel free to change it if it's really ugly :)
[22:26] * n0ob (n=travis@) has joined #freenet
[22:27] <nextgens> pheenode> grab r16288, it has the feature you requested... and it requires testing :)
[22:30] * TheBishop_ (n=bishop@) has joined #freenet
[22:38] * sback (n=sback@) has joined #freenet
[22:42] <diip> is this the correct address to download the bot? http://get.freenetproject.org/get.php?location=/alpha/pyFreenet/pyFreenet-latest.tbz
[22:43] <nextgens> yes
[22:44] <diip> ty
[22:48] <toad_> NEOatNHNG: well, the bad guys could easily DoS the few nodes that are being given out at a time. and if we give different nodes to different IPs/requests, the bad guys will just keep requesting till they get all of them.
[22:48] <toad_> NEOatNHNG: all in all, opennet sucks :|
[22:49] <toad_> NEOatNHNG: oh and that's assuming they don't compromise emu, which of course they could do too
[22:50] <toad_> it must be pretty easy for the security service or even the police to get physical access to dedicated servers; we do know that some of the remailers have been tampered with
[22:51] * sich (n=sich@) Quit ("KVIrc 3.2.6 Anomalies http://www.kvirc.net/")
[22:56] <NEOatNHNG> toad_, I know it can't be safe, cause if it is, the new nodes will have no chance to connect, but we could at least raise the bar
[22:56] <toad_> NEOatNHNG: the other obvious problem is that even seednodes *WILL* go down
[22:56] <toad_> so we have to provide a reasonable list
[22:58] <nextgens> on the other hand, having only once would be nice at the beginning
[22:58] <nextgens> to evaluate the load it generates
[22:58] <nextgens> and to have a better idea of what the churn is on the network
[22:58] <NEOatNHNG> yes, that's why I propose that the seednodes send a kind of greeting to the seedserver they could expire just like you said after max 48 hours
[22:59] <toad_> nonetheless if we send 3 refs only, many nodes will have problems
[23:00] <toad_> and i haven't seen an answer to the question of whether to send the same 3 refs for a period to everyone, or to send a different 3 refs to each one
[23:00] <toad_> both options suck
[23:00] <NEOatNHNG> why, we check first if the seednodes are online
[23:00] <toad_> how are we supposed to do that?
[23:00] <toad_> without a significant bandwidth and latency cost?
[23:01] <toad_> a node that is online at time t may be offline at time t+1
[23:02] <pheenode> nextgens: what feature does it have?
[23:02] <NEOatNHNG> toad_, that seems unlikely if the time-delta between the check and the transfer of the ref to the new node is small enough
[23:03] <nextgens> pheenode> the "disable routing for a given peer" one
[23:04] <nextgens> pheenode> you need your peer connected to the "real darknet" to be up to date too though for it to be effective
[23:04] <pheenode> ok but what parts of it is disabled?
[23:05] <nextgens> everything but ip detection, update over mandatory and revocation certificate spreading iirc
[23:05] * nextgens forgot N2NMs
[23:06] <nextgens> but to sum up, keeping a link up with the real darknet and that option shouldn't cost you much bandwidth
[23:06] <nextgens> and your node *will* update when needed
[23:06] <pheenode> oh sweet
[23:06] <nextgens> (only when the build is mandatory though)
[23:06] <nextgens> maybe we need a flag to trigger UoM even when it's not required
[23:07] <pheenode> but what about other nodes on the forknet?
[23:07] <pheenode> regarding update
[23:07] <nextgens> they will update too as soon as the gateway has updated
[23:07] <pheenode> I see
[23:07] <pheenode> ok
[23:07] <nextgens> if you are in a hurry I suggest you re-insert the blob in freenet's folder
[23:07] <pheenode> lets try this
[23:08] <nextgens> otherwise you just wait for them to update using UoM
[23:08] <pheenode> how do I re-insert it?
[23:08] <pheenode> just upload it like any other file?
[23:08] <toad_> NEOatNHNG: it can't be that low or it'd use tons of bandwidth
[23:08] <nextgens> as I said, for it to be really efficient you need to peer with someone who is using trunk too
[23:08] <nextgens> pheenode> yeah but there is a fcp parameter to pass iirc
[23:08] <toad_> nextgens: announcement is also passed over it
[23:09] <nextgens> toad_> they shouldn't be!
[23:09] <toad_> nextgens: well it is passed over it, but it isn't routed TO it
[23:10] <toad_> nextgens: well, announcements need to go over seed connections. seed connections aren't routable.
[23:10] <toad_> but maybe there should be a separate flag.
[23:10] <toad_> when i've implemented seed connections, i may do that
[23:10] <NEOatNHNG> toad_, we can use the fact that the seednode is already connected to freenet and that the seedserver can use machanisms as SSL
[23:11] <toad_> NEOatNHNG: even the installer can be MITMed quite easily at the moment
[23:11] <nextgens> toad_> no way my node won't send opennetDisabled messages out.
[23:12] <nextgens> and I don't care that it will clobber the memory of the requesting node.
[23:12] <toad_> :)
[23:12] <toad_> it'll time out because it doesn't get an Accepted
[23:12] <toad_> so it won't be a *big* problem
[23:13] <NEOatNHNG> toad_, that's a problem we can't fix now but we should enshure things we can, reminds me of the motto of the anonym alcoholics
[23:13] <nextgens> toad_> btw you test is fishy
[23:13] <toad_> NEOatNHNG: you think buying a real SSL cert would solve the problem? I'm not convinced it would
[23:13] <nextgens> OpennetManager om = node.getOpennet();
[23:13] <nextgens> if(om == null ||
[23:13] <toad_> nextgens: what is?
[23:13] <nextgens> ((!source.isOpennet()) && (!node.passOpennetRefsThroughDarknet()))) {
[23:14] <toad_> what's wrong with that?
[23:14] <nextgens> if opennet is disabled and the darknet node is configured to pass refs through, it won't
[23:14] <toad_> if opennet is disabled om will be null
[23:14] <nextgens> so it will send opennetDisabled
[23:14] <nextgens> that's not what you want it to do when it's configured to pass opennet refs through, is it ?
[23:15] <NEOatNHNG> toad_, why buy one, if we can rpoduce our own an hardcode the fingerprint in our node, so we can check it's valid, but I'm not a genius at cryptographie
[23:15] <toad_> nextgens: we don't pass opennet refs through if opennet is disabled
[23:15] <nextgens> ah ok
[23:15] <toad_> nextgens: irc
[23:15] <toad_> nextgens: iirc
[23:15] * Shadow_Vixen (n=panther@) Quit ("Leaving")
[23:15] <toad_> NEOatNHNG: check it against what?
[23:16] <nextgens> NEOatNHNG> are you french or something ?
[23:16] <NEOatNHNG> no german
[23:16] <NEOatNHNG> oh i see cryptography
[23:17] <NEOatNHNG> check against the fingerprint or don't they work that way?
[23:17] * NEOatNHNG has to look how SSL works
[23:17] <toad_> NEOatNHNG: there is no PKI!
[23:18] <nextgens> NEOatNHNG> we will use asymmetric cryptography
[23:18] <nextgens> NEOatNHNG> we will have pubkeys in the seednode file
[23:18] * saces (n=saces@) Quit (Read error: 110 (Connection timed out))
[23:20] <NEOatNHNG> anyway we do it is okay
[23:20] <toad_> hehe we will have the pubkeys of the nodes sure
[23:21] <toad_> but what is to prevent Mallory from MITMing the seednode collector itself?
[23:21] <nextgens> nothing of course
[23:21] <toad_> or the installer, to get everyone within his jurisdiction to install a trojaned version
[23:21] <nextgens> well, we could hardcode a signature
[23:21] <toad_> yeah but that only works if we secure the installer download
[23:21] <nextgens> toad_> I'm signing the installer
[23:21] <nextgens> even though I'm not proud of it
[23:22] <nextgens> well, no, I was signing it
[23:22] <nextgens> until someone objected that noone trust me anyway
[23:22] <toad_> :)
[23:22] <nextgens> so now I sign it with a "project" key I signed
[23:22] <toad_> that's no reason not to sign it
[23:22] <nextgens> well it's signed... but not by my key
[23:22] <nextgens> not at the first-level at least
[23:23] <toad_> even to get to you is nontrivial though
[23:24] * dra9on (n=dra9on@) Quit ("Leaving")
[23:26] <toad_> should the anonymous connect cipher use the identity, the hash of the identity, or the hash of the identity plus some string?
[23:26] <NEOatNHNG> toad_, the seednode sends his pubkey to the server encrypted with the pubkey of the server (which it already has)
[23:27] <toad_> NEOatNHNG: i mean at the point of the client fetching from the server
[23:27] <nextgens> toad_> identity or its hash is the same thing
[23:27] <toad_> NEOatNHNG: encrypting the incoming seednodes is a good idea though
[23:28] <nextgens> it's probably a good idea not to use a known plaintext but the identity
[23:28] <toad_> nextgens: JFK for example uses hashes of data plus some constant string for getting different values
[23:28] <toad_> nextgens: it might be a good idea?
[23:28] <toad_> or should i just use the plain identity
[23:28] <nextgens> depending how much bytes the block cypher needs
[23:29] <toad_> the identity hash is 32 bytes, the identity is 32 bytes
[23:29] <nextgens> you have various options
[23:29] <nextgens> use the identity then
[23:29] <toad_> i'm just thinking of keeping it separate from the other setup keys
[23:31] <NEOatNHNG> toad_, I'm lost, what did you mean?
[23:32] <toad_> NEOatNHNG: different piece of crypto, i'm implementing anonymous-connect crypto so that we can have seednode connections and eventually various forms of invites
[23:32] <NEOatNHNG> ok
[23:32] <toad_> anonymous-connect = responder does not know initiator
[23:32] <diip> so any mac users here?
[23:32] * mikeDOTd (n=mikedotd@) Quit ("brb")
[23:32] * nextgens thinks that the Logger can be a DoS vector on jfk
[23:32] <NEOatNHNG> diip, still lost with refbot?
[23:32] <nextgens> we log hmac verification failures
[23:33] <toad_> NEOatNHNG: so what you're saying is all communication to and from the seednode harvester should be encrypted
[23:33] <nextgens> meaning that someone sending garbage will effectively DoS the logger :<
[23:33] <toad_> nextgens: it can also be a debugging vector
[23:33] <diip> neoatnhng yeah i think i need cvs whatever that is
[23:33] <nextgens> or at least trigger the "log-limiting cap" and put it on hold
[23:33] <NEOatNHNG> cvs is a versioning system
[23:33] <NEOatNHNG> like svn
[23:33] <diip> ok thanks
[23:34] <nextgens> so that he can do bad things and be 100% sure they won't ever be reported because they aren't logged
[23:35] <NEOatNHNG> toad_, encrypted and the harvester shouldn't give the identities from all seednodes he knows all at once, to prevent "spamming-like" attacks
[23:36] * mikeDOTd (n=mikedotd@) has joined #freenet
[23:36] <NEOatNHNG> toad_, to enshure that the identities he gives to the new node are still valid he must check the nodes are still online
[23:37] <nextgens> toad_> I found the bug :))
[23:37] <toad_> NEOatNHNG: as i said, if we just give out the same 3 refs for a long period, the attacker will simply DoS them
[23:37] <nextgens> regarding the loss of exponentials
[23:38] <NEOatNHNG> toad_, he will DoS three but not the whole network as he will if we give him the whole list
[23:38] <NEOatNHNG> diip, what does the refbot actually say if you start it?
[23:39] <diip> i can't start it...i can't get the file to download :[
[23:39] <NEOatNHNG> which file?
[23:39] <toad_> NEOatNHNG: sure but he can prevent anyone from joining it
[23:39] <toad_> NEOatNHNG: if you give him the full list he may not have the capacity to DoS all of them, and the network is much bigger than the seednodes list
[23:39] <diip> the source code, i think
[23:41] <NEOatNHNG> toad_, how is he going to block other users? just if he DoS our seedserver but then he could also DoS our website so noone can download freenet anymore
[23:41] <toad_> NEOatNHNG: ok that's true, but the seednodes probably have less bandwidth than our site does
[23:42] <NEOatNHNG> diip, you can't download http://get.freenetproject.org/get.php?location=/alpha/pyFreenet/pyFreenet-latest.tbz?
[23:43] <NEOatNHNG> toad_, of cours we give three different refs per IP
[23:43] <diip> neoatnhng, i can't download it in any usable form
[23:44] <toad_> NEOatNHNG: even so, they're probably DSL connections etc, the central server runs on emu
[23:44] <NEOatNHNG> so node A will get ref 14 168 and 139 and node B 137 9998 and 300
[23:44] <toad_> NEOatNHNG: emu is a dedicated server at bytemark, ~ 100Mbps bandwidth
[23:45] <toad_> of course, we have a quota...
[23:45] <NEOatNHNG> diip, it should be an archive
[23:45] <diip> no luck there
[23:46] <nextgens> diip> http://mirror1.freenetproject.org/alpha/pyFreenet/pyFreenet-15921.tbz
[23:46] <nextgens> diip> try that one
[23:47] <NEOatNHNG> nextgens, I think we have a problem there firefox is opening it as plaintext
[23:49] <diip> nextgens it worked! thanks
[23:49] * Caco_Patane (n=caco@) has joined #freenet
[23:51] <NEOatNHNG> toad_, i think I missed the problem, if we give (how are they always called Eve?) three ref (containing the one of Anna?) Eve will DoS Anna but she would also if we gave her a whole list in which she randomly chose anna
[23:52] <NEOatNHNG> but if Bob is also a Seednode eve can't DoS him because she doesn't even know he exists
[23:52] <NEOatNHNG> sorry think alice instead of anna ;-)
[23:54] <toad_> NEOatNHNG: the current suggestion is to give a full list and have nodes choose them randomly
[23:54] <NEOatNHNG> so as long as our site is not DoSed charlie will get a connection to freenet because our seedserver (randomly) chose dianas ref for him
[23:55] <toad_> well if the seedserver chooses random refs for each connection, then Eve will just keep requesting seeds from the server until she has the full set
[23:55] <NEOatNHNG> toad_, the server will give the same three per IP
[23:55] <toad_> NEOatNHNG: so she uses more than one IP, big deal
[23:56] <toad_> IPs are cheap
[23:56] <toad_> i wonder what the going rate is for a 500 node botnet?
[23:56] <dbkr> you could make the node solve a thinkcash puzzle before giving out refs but still that's probably a bit pointless - CPU time is cheap
[23:57] <NEOatNHNG> toad_, but it's more work to do than just to request a list
[23:57] <toad_> true ... but what if the reason the node requests again is that all 3 are down?
[23:57] <diip> so now the bot keeps asking for an opennet ref and I'm on darknet
[23:57] <toad_> that is likely to happen a lot
[23:57] <toad_> if we give them the full list we get much better reliability
[23:57] <dbkr> (and FWIW Eve is an Eavesdropper - the mallicious person is Mallory :)
[23:58] <NEOatNHNG> I didn't say it's a good solution against the real evil guys but it helps against some scriptkiddies or "spamming-persons"
[23:58] <dbkr> yeah, a given set per IP probably won't work for that reason
[23:59] <NEOatNHNG> toad_, thats why we have to check wether they're online before we give them away
[23:59] <dbkr> at least with thinkcash the node will have spent time trying to connect to the nodes, and so will have been able to solve another puzzle in that time
[23:59] <NEOatNHNG> so the process would be
[23:59] <dbkr> did we ever find a way of checking that?
[23:59] <toad_> NEOatNHNG: we can't do that, it would be far too expensive
[23:59] <toad_> and far too slow
[23:59] <NEOatNHNG> 1. seedserver receives request (maybe asks a puzzle to solve)
Irc logs of #freenet : 2008 2007 2006 2005
These logs were automatically created by FreenetLogBot on chat.freenode.net using the Java IRC LogBot.