From toad at amphibian.dyndns.org Sat Mar 1 15:27:53 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 1 Mar 2008 15:27:53 +0000 Subject: [freenet-dev] Freenet 0.7 build 1119 Message-ID: <200803011527.58010.toad@amphibian.dyndns.org> Freenet 0.7 build 1119 is available and will be mandatory on Monday. Please upgrade. The last few builds were seriously broken in various ways. Sorry for the recent mess... :| Some bug fixes, and some minor features, exposed (or sometimes caused) larger bugs, and I didn't properly test everything before releasing it. Please upgrade, and report any remaining bugs to the bugtracker or elsewhere. Thank you for testing Freenet. :) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080301/1c6a7ec7/attachment.pgp From toad at amphibian.dyndns.org Sat Mar 1 17:16:14 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 1 Mar 2008 17:16:14 +0000 Subject: [freenet-dev] Google Summer of Code 2008 Message-ID: <200803011716.20154.toad@amphibian.dyndns.org> We will be participating in Google Summer of Code 2008, if we are accepted as a mentoring organisation. We can apply on Monday. I have started a wiki page, based partly on the previous years, explaining our approach this year, and listing some project ideas (some of which are very easy and some very difficult). Please have a look, and add any ideas for project proposals you come up with. Also please let us know if you are considering taking part this year. I've already been approached by one enthusiastic and apparently competent indian, who is working on this minor bug: https://bugs.freenetproject.org/view.php?id=2122 http://wiki.freenetproject.org/SummerOfCode2008 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080301/52418083/attachment.pgp From ian.clarke at gmail.com Sun Mar 2 16:35:50 2008 From: ian.clarke at gmail.com (Ian Clarke) Date: Sun, 2 Mar 2008 10:35:50 -0600 Subject: [freenet-dev] An interesting website for support Message-ID: <823242bd0803020835i15147ccas60f69e62815541cb@mail.gmail.com> What do people think of this website as a possible way to improve how we provide user support?: http://getsatisfaction.com/ It looks friendly, and pretty powerful. Ian. -- Email: ian at uprizer.com Cell: +1 512 422 3588 Skype: sanity From alejandro at mosteo.com Sun Mar 2 19:04:41 2008 From: alejandro at mosteo.com (Jano) Date: Sun, 02 Mar 2008 20:04:41 +0100 Subject: [freenet-dev] Unbundling Frost References: <200802291143.10299.toad@amphibian.dyndns.org> Message-ID: Matthew Toseland wrote: > Ian has stated that Frost is a separate project, and we should not wait > for a usable FMS. (Background: Frost has been severely DoS'ed recently due > to being based on KSK queues, and FMS is the answer). Right now we are not > actually being DoS'ed, but yesterday we were; the spammer occasionally > takes a day off, but IMHO he's likely to stop spamming now until shortly > before we ship 0.7.0, and then make Frost unusable again. > > 1) We could just not ship Frost, in order to meet Ian's totally arbitrary > deadline (not that totally arbitrary deadlines aren't of some value!). I'm for deadlines, even if arbitrary. Otherwise things tend to get unnecessarily delayed. > However IMHO we will have *dramatically* less user retention if we don't > have a usable chat client - at least on the order of 50%. This is because > Freenet is a community, and no community can function without chat. Totally agree here. Announcing 0.7 without some kind of chat will be a big wasted opportunity. There's an extra reason that makes chat important for freenet: since there's no searching (I don't consider spidering the entire freenet a good-enough substitute), users need to ask for things they're looking for, or to publicize their insertions. > 2) Or we could ship Frost even though we know it will probably be DoS'ed > again, and may be being actively DoS'ed at the point that we ship it. In > which case IMHO we should advise users about this fact in our announcement > for 0.7.0. Maybe some good publicity will come from it - it could hardly > be any worse than us shipping an application which is utterly useless, and > each user having to figure that out themselves! Telling users will put > them off ... but not telling users will also put them off. Shipping a fundamentally broken system that is actively being attacked is (at least to me) very bad publicity, and freenet has already too much of it. > 3) Or we could make a working chat system of some kind a release blocker, > and act accordingly: review third party code and help in porting FMS to > java if that is necessary. At the moment FMS is written in C (and > therefore not bundle-able), and uses a combination of HTTP and NNTP > interfaces (and therefore is not user friendly). IMHO the critical path > would be to translate it to java, implement it as a plugin, implement a > separate plugin with a web interface based on that of Worst, bundle those, > and let the Frost devs port Frost to use the plugin. Some of this has > already been started, but I haven't seen much progress recently on the FMS > board (which oddly is the only board never to have been DoS'ed). I'm for making the chat system a release blocker. If you can't anonymously chat about freenet with freenet, it's like a compiler that cannot compile itself. It doesn't help at all in selling it. Furthermore, people with previous exposure to freenet coming back will miss the feature, and how does this reflect on the project? From sven-ola at gmx.de Mon Mar 3 22:34:01 2008 From: sven-ola at gmx.de (Sven-Ola =?iso-8859-1?q?T=FCcke?=) Date: Mon, 3 Mar 2008 23:34:01 +0100 Subject: [freenet-dev] Freenet on Mips Message-ID: <200803032334.01205.sven-ola@gmx.de> Hey devs, I still want to build a freenet client for embedded devices (my target: mips). Can you please give me a pointer where to grab missing sources. Something closed here? root at MH03N648R5A00003157792:/usr/src/freenet-v1118/contrib/NativeThread# make rm -f freenet/support/io/NativeThread.class *.class NativeThread.h libNativeThread*.so javac java/NativeThread.java File java/NativeThread.java is missing Ref: http://emu.freenetproject.org/pipermail/devl/2007-December/296282.html Thank you, // Sven-Ola From tommy100 at gmx.de Tue Mar 4 01:54:25 2008 From: tommy100 at gmx.de (Tommy[D]) Date: Tue, 04 Mar 2008 02:54:25 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <200803032334.01205.sven-ola@gmx.de> References: <200803032334.01205.sven-ola@gmx.de> Message-ID: <47CCABD1.6090009@gmx.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Sven-Ola T?cke schrieb: | Hey devs, | | I still want to build a freenet client for embedded devices (my target: mips). | Can you please give me a pointer where to grab missing sources. Something | closed here? | | root at MH03N648R5A00003157792:/usr/src/freenet-v1118/contrib/NativeThread# make | rm -f freenet/support/io/NativeThread.class *.class NativeThread.h | libNativeThread*.so | javac java/NativeThread.java | File java/NativeThread.java is missing | | Ref: http://emu.freenetproject.org/pipermail/devl/2007-December/296282.html | | Thank you, | // Sven-Ola | _______________________________________________ | Devl mailing list | Devl at freenetproject.org | http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl | grab it out of freenet/src/freenet/support/io/ and copy it over for now :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQCVAwUBR8yr0Ru5KnE1iZBnAQoXqwP/W3QBaCeM9gPfc/tLr0S3VUpKRM+5uaSm tMFUCd8gAHoJ9NxRWbhz5WGYC0odcgtR7uJmsEfB4cgUJ3jPrETaiL6BPGaXM0o4 CFviuhLXyDxKTsbT+lBgy2NUXq4WeWTOek2+0rKQRrHynUjAgo+KF60JEFB2hRUx lSVWbwr9PTA= =03lF -----END PGP SIGNATURE----- From nextgens at freenetproject.org Tue Mar 4 02:17:48 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Tue, 4 Mar 2008 03:17:48 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <200803032334.01205.sven-ola@gmx.de> References: <200803032334.01205.sven-ola@gmx.de> Message-ID: <20080304021746.GG3501@freenetproject.org> * Sven-Ola T?cke [2008-03-03 23:34:01]: > Hey devs, > > I still want to build a freenet client for embedded devices (my target: mips). > Can you please give me a pointer where to grab missing sources. svn co http://freenet.googlecode.com/svn/trunk/freenet/src/freenet/support/io/ java > Something closed here? No :) > root at MH03N648R5A00003157792:/usr/src/freenet-v1118/contrib/NativeThread# make > rm -f freenet/support/io/NativeThread.class *.class NativeThread.h > libNativeThread*.so > javac java/NativeThread.java > File java/NativeThread.java is missing > > Ref: http://emu.freenetproject.org/pipermail/devl/2007-December/296282.html > > Thank you, > // Sven-Ola You will probably need to export the CLASSPATH variable... Use something like : CLASSPATH=.:freenet-stable-latest.jar:freenet-ext.jar make to build the library. When it's built, you should put it into the lib/ folder of you node (the current node won't attempt to load it from the -ext.jar file on mips) By all means, keep us posted on how freenet works on embedded systems :) NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/fe939f8f/attachment.pgp From sven-ola at gmx.de Tue Mar 4 07:10:27 2008 From: sven-ola at gmx.de (Sven-Ola =?utf-8?q?T=C3=BCcke?=) Date: Tue, 4 Mar 2008 08:10:27 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <20080304021746.GG3501@freenetproject.org> References: <200803032334.01205.sven-ola@gmx.de> <20080304021746.GG3501@freenetproject.org> Message-ID: <200803040810.27802.sven-ola@gmx.de> Florent, thanks for the pointer - next time I'll try to search harder first . If you're interested: I've placed my W.I.P (readme, current binaries) on our download server. Second link points you to "screenshots" (2 pics on the bottom of page). http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ http://www.muhri.net/skipstone/page.php3?node=screenshots // Sven-Ola Am Dienstag 04 M?rz 2008 03:17:48 schrieb Florent Daigni?re: > svn co > http://freenet.googlecode.com/svn/trunk/freenet/src/freenet/support/io/ > java From nextgens at freenetproject.org Tue Mar 4 08:20:31 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Tue, 4 Mar 2008 09:20:31 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <200803040810.27802.sven-ola@gmx.de> References: <200803032334.01205.sven-ola@gmx.de> <20080304021746.GG3501@freenetproject.org> <200803040810.27802.sven-ola@gmx.de> Message-ID: <20080304082030.GI3501@freenetproject.org> * Sven-Ola T?cke [2008-03-04 08:10:27]: > Florent, > > thanks for the pointer - next time I'll try to search harder first . If > you're interested: I've placed my W.I.P (readme, current binaries) on our > download server. Second link points you to "screenshots" (2 pics on the > bottom of page). > > http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ > http://www.muhri.net/skipstone/page.php3?node=screenshots > > // Sven-Ola Cool :) I've merged some of your patches upstream (see r18326 and r18327). I might consider bundling official libraries for mips into freenet-ext.jar if you tell me that freenet is usable on such embedded systems. NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/6dc2dea2/attachment.pgp From toad at amphibian.dyndns.org Tue Mar 4 09:57:50 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Mar 2008 09:57:50 +0000 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <20080304082030.GI3501@freenetproject.org> References: <200803032334.01205.sven-ola@gmx.de> <200803040810.27802.sven-ola@gmx.de> <20080304082030.GI3501@freenetproject.org> Message-ID: <200803040957.57624.toad@amphibian.dyndns.org> On Tuesday 04 March 2008 08:20, Florent Daigni?re wrote: > * Sven-Ola T?cke [2008-03-04 08:10:27]: > > > Florent, > > > > thanks for the pointer - next time I'll try to search harder first . If > > you're interested: I've placed my W.I.P (readme, current binaries) on our > > download server. Second link points you to "screenshots" (2 pics on the > > bottom of page). > > > > http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ > > http://www.muhri.net/skipstone/page.php3?node=screenshots > > > > // Sven-Ola > > Cool :) > > I've merged some of your patches upstream (see r18326 and r18327). > I might consider bundling official libraries for mips into freenet-ext.jar > if you tell me that freenet is usable on such embedded systems. According to his README, BDBJE requires java 1.5. Is this true? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/b0066f97/attachment.pgp From sven-ola at gmx.de Tue Mar 4 10:02:20 2008 From: sven-ola at gmx.de (Sven-Ola Tuecke) Date: Tue, 4 Mar 2008 11:02:20 +0100 Subject: [freenet-dev] Freenet on Mips References: <200803032334.01205.sven-ola@gmx.de><20080304021746.GG3501@freenetproject.org><200803040810.27802.sven-ola@gmx.de> <20080304082030.GI3501@freenetproject.org> Message-ID: <00fa01c87dde$d694b220$0370a8c0@PCSvenOla> Ooops - you shouldn't commit too early, since I'm not done yet. You don't want half-baken things in your repo. I will feed back if I'm up and running... // Sven-Ola ----- Original Message ----- From: "Florent Daigni?re" To: "Sven-Ola T?cke" Cc: "Discussion of development issues" Sent: Tuesday, March 04, 2008 9:20 AM Subject: Re: [freenet-dev] Freenet on Mips Cool :) I've merged some of your patches upstream (see r18326 and r18327). I might consider bundling official libraries for mips into freenet-ext.jar if you tell me that freenet is usable on such embedded systems. NextGen$ From sven-ola at gmx.de Tue Mar 4 10:19:26 2008 From: sven-ola at gmx.de (Sven-Ola Tuecke) Date: Tue, 4 Mar 2008 11:19:26 +0100 Subject: [freenet-dev] Freenet on Mips References: <200803032334.01205.sven-ola@gmx.de><200803040810.27802.sven-ola@gmx.de><20080304082030.GI3501@freenetproject.org> <200803040957.57624.toad@amphibian.dyndns.org> Message-ID: <011301c87de1$3df418a0$0370a8c0@PCSvenOla> Matthew, yes - seems so. Uses java-enum for example which is java-1.5 to my knowledge. Consequently, no libdb-je for debian-etch. Only debian-lenny, ref http://packages.debian.org/lenny/libdb-je-java which does not run on my box since lenny requires kernel-2.6 and I don't have months to hack new kernel patches for 2.6 currently... // Sven-Ola ----- Original Message ----- From: "Matthew Toseland" To: ; "Discussion of development issues" Sent: Tuesday, March 04, 2008 10:57 AM Subject: Re: [freenet-dev] Freenet on Mips > According to his README, BDBJE requires java 1.5. Is this true? From toad at amphibian.dyndns.org Tue Mar 4 11:14:16 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Mar 2008 11:14:16 +0000 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <011301c87de1$3df418a0$0370a8c0@PCSvenOla> References: <200803032334.01205.sven-ola@gmx.de> <200803040957.57624.toad@amphibian.dyndns.org> <011301c87de1$3df418a0$0370a8c0@PCSvenOla> Message-ID: <200803041114.22637.toad@amphibian.dyndns.org> On Tuesday 04 March 2008 10:19, Sven-Ola Tuecke wrote: > Matthew, > > yes - seems so. Uses java-enum for example which is java-1.5 to my > knowledge. Consequently, no libdb-je for debian-etch. Only debian-lenny, ref > http://packages.debian.org/lenny/libdb-je-java which does not run on my box > since lenny requires kernel-2.6 and I don't have months to hack new kernel > patches for 2.6 currently... I was under the impression that Freenet worked (modulo a few bugs) on GCJ. That means BDBJE cannot possibly require 1.5??? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/783642ca/attachment.pgp From sven-ola at gmx.de Tue Mar 4 11:55:32 2008 From: sven-ola at gmx.de (Sven-Ola Tuecke) Date: Tue, 4 Mar 2008 12:55:32 +0100 Subject: [freenet-dev] Freenet on Mips References: <200803032334.01205.sven-ola@gmx.de><200803040957.57624.toad@amphibian.dyndns.org><011301c87de1$3df418a0$0370a8c0@PCSvenOla> <200803041114.22637.toad@amphibian.dyndns.org> Message-ID: <041f01c87dee$a73d4cc0$0370a8c0@PCSvenOla> Matthew, yes and no. A matter of software versions. Here are details: ecj from debian-stable (etch): compiler accepts "-version 1.5" but bails out. That older version comes as a virtual packet, so ejc->ejc-bootstrap-3.2.1-3 ejc from debian testing (lenny) / ubuntu-gutsy: compiles fine (ecj-3.3.0) but 2 cases from the test suite fail if executed with gij-4.2.1. Same tests pass if executed with sun-jre-5. Does not look too serious: - gij returns that "127.0.0.0.1" is a valid IPv4 addr - gij states isProbablePrime(1) as true wile sun-java returns false Currently unsure, if gij-4.1.1 executes fine. Which may not be the case. If that happens, I need to cross/recompile gij from scratch to have the newer gij-4.1.2 on my box. And yes - I constantly switch the JRE using update-alternatives-java currently. BTW - I'm not a java expert, but I'm used to computers since the 1980's While I'm at it: the GUI installer freezes if executed with gij (cannot click the controls). But that's on a low prio queue because a) I want freenet running and b) I need to check the robustness against UDP packet loss and then eventually c) correct any GUI... HTH // Sven-Ola ----- Original Message ----- From: "Matthew Toseland" To: "Discussion of development issues" Sent: Tuesday, March 04, 2008 12:14 PM Subject: Re: [freenet-dev] Freenet on Mips I was under the impression that Freenet worked (modulo a few bugs) on GCJ. That means BDBJE cannot possibly require 1.5??? From toad at amphibian.dyndns.org Tue Mar 4 11:59:08 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Mar 2008 11:59:08 +0000 Subject: [freenet-dev] Bogus network construction function?? was Re: [freenet-cvs] r18322 - trunk/freenet/src/freenet/node/simulator In-Reply-To: <20080303214044.D9652478925@freenetproject.org> References: <20080303214044.D9652478925@freenetproject.org> Message-ID: <200803041159.15704.toad@amphibian.dyndns.org> Hmmm, we really need to fix this, if our simulations are skewed... Any hints, Oskar? The network construction function is right at the top of this file.. could you have a look at it? Thanks. http://emu.freenetproject.org/cgi-bin/viewcvs.cgi/trunk/freenet/src/freenet/node/simulator/RealNodeTest.java?rev=18322&view=markup On Monday 03 March 2008 21:40, robert at freenetproject.org wrote: > Author: robert > Date: 2008-03-03 21:40:44 +0000 (Mon, 03 Mar 2008) > New Revision: 18322 > > Modified: > trunk/freenet/src/freenet/node/simulator/RealNodeTest.java > Log: > comments > > > Modified: trunk/freenet/src/freenet/node/simulator/RealNodeTest.java > =================================================================== > --- trunk/freenet/src/freenet/node/simulator/RealNodeTest.java 2008-03-03 13:38:58 UTC (rev 18321) > +++ trunk/freenet/src/freenet/node/simulator/RealNodeTest.java 2008-03-03 21:40:44 UTC (rev 18322) > @@ -29,6 +29,10 @@ > > /* > Borrowed from mrogers simulation code (February 6, 2008) > + -- > + FIXME: May not generate good networks. Presumably this is because the arrays are always scanned > + [0..n], some nodes tend to have *much* higher connections than the degree (the first few), > + starving the latter ones. > */ > static void makeKleinbergNetwork (Node[] nodes, boolean idealLocations, int degree, boolean forceNeighbourConnections) > { -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/85fdbbf7/attachment.pgp From nextgens at freenetproject.org Tue Mar 4 12:03:20 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Tue, 4 Mar 2008 13:03:20 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <00fa01c87dde$d694b220$0370a8c0@PCSvenOla> References: <20080304082030.GI3501@freenetproject.org> <00fa01c87dde$d694b220$0370a8c0@PCSvenOla> Message-ID: <20080304120318.GK3501@freenetproject.org> * Sven-Ola Tuecke [2008-03-04 11:02:20]: > Ooops - you shouldn't commit too early, since I'm not done yet. You don't > want half-baken things in your repo. I will feed back if I'm up and > running... > > // Sven-Ola > Your changes were sensible anyway, hence I've commited them :) NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/cf553496/attachment.pgp From nextgens at freenetproject.org Tue Mar 4 12:06:23 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Tue, 4 Mar 2008 13:06:23 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <200803040957.57624.toad@amphibian.dyndns.org> References: <200803032334.01205.sven-ola@gmx.de> <200803040810.27802.sven-ola@gmx.de> <20080304082030.GI3501@freenetproject.org> <200803040957.57624.toad@amphibian.dyndns.org> Message-ID: <20080304120621.GL3501@freenetproject.org> * Matthew Toseland [2008-03-04 09:57:50]: > On Tuesday 04 March 2008 08:20, Florent Daigni?re wrote: > > * Sven-Ola T?cke [2008-03-04 08:10:27]: > > > > > Florent, > > > > > > thanks for the pointer - next time I'll try to search harder first . > If > > > you're interested: I've placed my W.I.P (readme, current binaries) on our > > > download server. Second link points you to "screenshots" (2 pics on the > > > bottom of page). > > > > > > http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ > > > http://www.muhri.net/skipstone/page.php3?node=screenshots > > > > > > // Sven-Ola > > > > Cool :) > > > > I've merged some of your patches upstream (see r18326 and r18327). > > I might consider bundling official libraries for mips into freenet-ext.jar > > if you tell me that freenet is usable on such embedded systems. > > According to his README, BDBJE requires java 1.5. Is this true? It requires 1.5 to compile but 1.4 is enough for it to run (some 1.5 optimizations will be disabled at runtime) NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/8370ffda/attachment.pgp From toad at amphibian.dyndns.org Tue Mar 4 12:44:56 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Mar 2008 12:44:56 +0000 Subject: [freenet-dev] Summer of Code mentors sign up Message-ID: <200803041245.15937.toad@amphibian.dyndns.org> Who wants to be a mentor this year? Please email me privately and we can discuss it. As far as I can see we have until April 11 to sign up mentors. I will be a mentor, so far that's about as far as I've got! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/56d08c40/attachment.pgp From m.rogers at cs.ucl.ac.uk Tue Mar 4 13:06:05 2008 From: m.rogers at cs.ucl.ac.uk (Michael Rogers) Date: Tue, 04 Mar 2008 13:06:05 +0000 Subject: [freenet-dev] Bogus network construction function?? was Re: [freenet-cvs] r18322 - trunk/freenet/src/freenet/node/simulator In-Reply-To: <200803041159.15704.toad@amphibian.dyndns.org> References: <20080303214044.D9652478925@freenetproject.org> <200803041159.15704.toad@amphibian.dyndns.org> Message-ID: <47CD493D.9090503@cs.ucl.ac.uk> Are you checking for duplicate connections and self-connections? In my code that was done in the connect() method. Cheers, Michael Matthew Toseland wrote: > Hmmm, we really need to fix this, if our simulations are skewed... > > Any hints, Oskar? The network construction function is right at the top of > this file.. could you have a look at it? Thanks. > > http://emu.freenetproject.org/cgi-bin/viewcvs.cgi/trunk/freenet/src/freenet/node/simulator/RealNodeTest.java?rev=18322&view=markup > > On Monday 03 March 2008 21:40, robert at freenetproject.org wrote: >> Author: robert >> Date: 2008-03-03 21:40:44 +0000 (Mon, 03 Mar 2008) >> New Revision: 18322 >> >> Modified: >> trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >> Log: >> comments >> >> >> Modified: trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >> =================================================================== >> --- trunk/freenet/src/freenet/node/simulator/RealNodeTest.java 2008-03-03 > 13:38:58 UTC (rev 18321) >> +++ trunk/freenet/src/freenet/node/simulator/RealNodeTest.java 2008-03-03 > 21:40:44 UTC (rev 18322) >> @@ -29,6 +29,10 @@ >> >> /* >> Borrowed from mrogers simulation code (February 6, 2008) >> + -- >> + FIXME: May not generate good networks. Presumably this is because the > arrays are always scanned >> + [0..n], some nodes tend to have *much* higher connections than the > degree (the first few), >> + starving the latter ones. >> */ >> static void makeKleinbergNetwork (Node[] nodes, boolean idealLocations, > int degree, boolean forceNeighbourConnections) >> { >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Devl mailing list >> Devl at freenetproject.org >> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl From m.rogers at cs.ucl.ac.uk Tue Mar 4 13:52:39 2008 From: m.rogers at cs.ucl.ac.uk (Michael Rogers) Date: Tue, 04 Mar 2008 13:52:39 +0000 Subject: [freenet-dev] Bogus network construction function?? was Re: [freenet-cvs] r18322 - trunk/freenet/src/freenet/node/simulator In-Reply-To: <200803041159.15704.toad@amphibian.dyndns.org> References: <20080303214044.D9652478925@freenetproject.org> <200803041159.15704.toad@amphibian.dyndns.org> Message-ID: <47CD5427.7000304@cs.ucl.ac.uk> I don't see any correlation between index and degree with the attached test code (which rejects duplicate connections because it uses HashSet). Cheers, Michael Matthew Toseland wrote: > Hmmm, we really need to fix this, if our simulations are skewed... > > Any hints, Oskar? The network construction function is right at the top of > this file.. could you have a look at it? Thanks. > > http://emu.freenetproject.org/cgi-bin/viewcvs.cgi/trunk/freenet/src/freenet/node/simulator/RealNodeTest.java?rev=18322&view=markup > > On Monday 03 March 2008 21:40, robert at freenetproject.org wrote: >> Author: robert >> Date: 2008-03-03 21:40:44 +0000 (Mon, 03 Mar 2008) >> New Revision: 18322 >> >> Modified: >> trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >> Log: >> comments >> >> >> Modified: trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >> =================================================================== >> --- trunk/freenet/src/freenet/node/simulator/RealNodeTest.java 2008-03-03 > 13:38:58 UTC (rev 18321) >> +++ trunk/freenet/src/freenet/node/simulator/RealNodeTest.java 2008-03-03 > 21:40:44 UTC (rev 18322) >> @@ -29,6 +29,10 @@ >> >> /* >> Borrowed from mrogers simulation code (February 6, 2008) >> + -- >> + FIXME: May not generate good networks. Presumably this is because the > arrays are always scanned >> + [0..n], some nodes tend to have *much* higher connections than the > degree (the first few), >> + starving the latter ones. >> */ >> static void makeKleinbergNetwork (Node[] nodes, boolean idealLocations, > int degree, boolean forceNeighbourConnections) >> { >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Devl mailing list >> Devl at freenetproject.org >> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: KleinbergDegreeTest.java Type: text/x-java Size: 2161 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/8ac05312/attachment.java From robert at freenetproject.org Tue Mar 4 15:54:23 2008 From: robert at freenetproject.org (Robert Hailey) Date: Tue, 4 Mar 2008 09:54:23 -0600 Subject: [freenet-dev] Bogus network construction function?? was Re: [freenet-cvs] r18322 - trunk/freenet/src/freenet/node/simulator In-Reply-To: <47CD5427.7000304@cs.ucl.ac.uk> References: <20080303214044.D9652478925@freenetproject.org> <200803041159.15704.toad@amphibian.dyndns.org> <47CD5427.7000304@cs.ucl.ac.uk> Message-ID: On Mar 4, 2008, at 7:52 AM, Michael Rogers wrote: > I don't see any correlation between index and degree with the > attached test code (which rejects duplicate connections because it > uses HashSet). > > Cheers, > Michael I don't know, it just seems like a degree-6 graph should not have node(s) with 21 connections. Something's afowl here, the array-scanning was just my best guess when I ran out of time to track it down. Running your sim at the stats of the present network coloring test (50 nodes, degree=6), I get a graph with an average degree of about 4 and a peak connection count of 8 (not 21). Without Michael's forceNeighborConnections mod, it would also make quite a number of leaf nodes. I don't recall if it makes zero- connection nodes. -- Robert Hailey > Matthew Toseland wrote: >> Hmmm, we really need to fix this, if our simulations are skewed... >> Any hints, Oskar? The network construction function is right at the >> top of this file.. could you have a look at it? Thanks. >> http://emu.freenetproject.org/cgi-bin/viewcvs.cgi/trunk/freenet/src/freenet/node/simulator/RealNodeTest.java?rev=18322&view=markup >> On Monday 03 March 2008 21:40, robert at freenetproject.org wrote: >>> Author: robert >>> Date: 2008-03-03 21:40:44 +0000 (Mon, 03 Mar 2008) >>> New Revision: 18322 >>> >>> Modified: >>> trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >>> Log: >>> comments >>> >>> >>> Modified: trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >>> =================================================================== >>> --- trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >>> 2008-03-03 >> 13:38:58 UTC (rev 18321) >>> +++ trunk/freenet/src/freenet/node/simulator/RealNodeTest.java >>> 2008-03-03 >> 21:40:44 UTC (rev 18322) >>> @@ -29,6 +29,10 @@ >>> >>> /* >>> Borrowed from mrogers simulation code (February 6, 2008) >>> + -- >>> + FIXME: May not generate good networks. Presumably this is >>> because the >> arrays are always scanned >>> + [0..n], some nodes tend to have *much* higher >>> connections than the >> degree (the first few), >>> + starving the latter ones. >>> */ >>> static void makeKleinbergNetwork (Node[] nodes, boolean >>> idealLocations, >> int degree, boolean forceNeighbourConnections) >>> { >>> >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> Devl mailing list >>> Devl at freenetproject.org >>> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > import java.util.ArrayList; > import java.util.HashSet; > > class KleinbergDegreeTest > { > static final int NODES = 1000, DEGREE = 10, MAX_DEGREE = 20; > static final boolean LIMIT = false; > > ArrayList nodes; > > KleinbergDegreeTest() > { > nodes = new ArrayList (NODES); > for (int i = 0; i < NODES; i++) nodes.add (new Node()); > } > > void makeKleinbergNetwork() > { > for (Node a : nodes) { > // Normalise the probabilities > double norm = 0.0; > for (Node b : nodes) { > if (a.location == b.location) continue; > norm += 1.0 / distance (a, b); > } > // Create DEGREE/2 outgoing connections > for (Node b : nodes) { > if (a.location == b.location) continue; > double p = 1.0 / distance (a, b) / norm; > for (int i = 0; i < DEGREE / 2; i++) { > if (Math.random() < p) { > connect (a, b); > break; > } > } > } > } > } > > double distance (Node a, Node b) > { > double x = a.location, y = b.location; > if (x > y) return Math.min (x - y, y - x + 1.0); > else return Math.min (y - x, x - y + 1.0); > } > > void connect (Node a, Node b) > { > if (LIMIT && > (a.neighbours.size() == MAX_DEGREE > || b.neighbours.size() == MAX_DEGREE)) return; > a.neighbours.add (b); > b.neighbours.add (a); > } > > // Print a scatterplot of index vs degree and a histogram of degree > void printDegreeDistribution() > { > int[] histogram = new int[DEGREE]; > for (int i = 0; i < NODES; i++) { > Node n = nodes.get (i); > System.out.println (i + " " + n.neighbours.size()); > int degree = n.neighbours.size(); > if (degree >= histogram.length) { > int[] newHistogram = new int[degree + 1]; > for (int j = 0; j < histogram.length; j++) > newHistogram[j] = histogram[j]; > histogram = newHistogram; > } > histogram[degree]++; > } > System.out.print ("#"); > for (int i = 0; i < histogram.length; i++) > System.out.print (" " + histogram[i]); > System.out.println(); > } > > public static void main (String[] args) > { > KleinbergDegreeTest kdt = new KleinbergDegreeTest(); > kdt.makeKleinbergNetwork(); > kdt.printDegreeDistribution(); > } > > class Node > { > HashSet neighbours = new HashSet(); > double location = Math.random(); > } > } > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl From toad at amphibian.dyndns.org Tue Mar 4 16:16:05 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Mar 2008 16:16:05 +0000 Subject: [freenet-dev] [freenet-cvs] r18336 - trunk/freenet/src/freenet/node In-Reply-To: <20080304161446.3D3B54797CF@freenetproject.org> References: <20080304161446.3D3B54797CF@freenetproject.org> Message-ID: <200803041616.10387.toad@amphibian.dyndns.org> Do we need a forARK flag? On Tuesday 04 March 2008 16:14, you wrote: > Author: tommy > Date: 2008-03-04 16:14:45 +0000 (Tue, 04 Mar 2008) > New Revision: 18336 > > Modified: > trunk/freenet/src/freenet/node/NodeCrypto.java > Log: > Partially revert r18272 to get ARKs working again > > Modified: trunk/freenet/src/freenet/node/NodeCrypto.java > =================================================================== > --- trunk/freenet/src/freenet/node/NodeCrypto.java 2008-03-04 14:08:35 UTC (rev 18335) > +++ trunk/freenet/src/freenet/node/NodeCrypto.java 2008-03-04 16:14:45 UTC (rev 18336) > @@ -283,7 +283,7 @@ > */ > SimpleFieldSet exportPublicFieldSet(boolean forSetup, boolean forAnonInitiator) { > SimpleFieldSet fs = exportPublicCryptoFieldSet(forSetup, forAnonInitiator); > - if((!forAnonInitiator) && (!forSetup)) { > + if(!forAnonInitiator) { > // IP addresses > Peer[] ips = detector.detectPrimaryPeers(); > if(ips != null) { > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/492e1fb8/attachment.pgp From m.rogers at cs.ucl.ac.uk Tue Mar 4 17:22:20 2008 From: m.rogers at cs.ucl.ac.uk (Michael Rogers) Date: Tue, 04 Mar 2008 17:22:20 +0000 Subject: [freenet-dev] Bogus network construction function?? was Re: [freenet-cvs] r18322 - trunk/freenet/src/freenet/node/simulator In-Reply-To: References: <20080303214044.D9652478925@freenetproject.org> <200803041159.15704.toad@amphibian.dyndns.org> <47CD5427.7000304@cs.ucl.ac.uk> Message-ID: <47CD854C.8040903@cs.ucl.ac.uk> Robert Hailey wrote: > I don't know, it just seems like a degree-6 graph should not have > node(s) with 21 connections. Agreed, it should be very rare (though not impossible). The degree distribution should be Poisson, approximately normal for large graphs. The histogram at the end of the test code output looks about right to me - what kind of degree distribution are you getting in RealNodeTest? > Something's afowl here, the array-scanning was just my best guess when > I ran out of time to track it down. Running your sim at the stats of > the present network coloring test (50 nodes, degree=6), I get a graph > with an average degree of about 4 and a peak connection count of 8 > (not 21). That sounds about right - the actual mean will usually be lower than the specified mean, especially in small networks, because duplicate connections are discarded. > Without Michael's forceNeighborConnections mod, it would also make > quite a number of leaf nodes. I don't recall if it makes zero- > connection nodes. Again, it's possible but it should be very rare. (Slightly updated version of the test code attached - you can now choose regular or random locations. Still no correlation between index and degree.) Cheers, Michael -------------- next part -------------- A non-text attachment was scrubbed... Name: KleinbergDegreeTest.java Type: text/x-java Size: 2375 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080304/b42f38a7/attachment.java From ian.clarke at gmail.com Tue Mar 4 23:55:33 2008 From: ian.clarke at gmail.com (Ian Clarke) Date: Tue, 4 Mar 2008 17:55:33 -0600 Subject: [freenet-dev] Debundling Frost Message-ID: <823242bd0803041555n2e7c78caldce43f4fc21dcc72@mail.gmail.com> It seems (based somewhat on personal experience) that Frost is currently having some difficulties due to spamming. It has been argued that since we bundle Frost, we are responsible to ensure that it is working well, and thus we must delay our release until it can be fixed to deal with this problem. This is simply unacceptable. The point of a release is to draw a line in the sand, to force people to shift their focus from adding new features to ensuring that existing features work. Setting a requirement that these third party apps work well before we release is effectively adding a huge feature to our set of responsibilities at the very last minute, exactly what a release is supposed to prevent. I can see an argument, however, that by bundling these apps, we are endorsing them, and if they don't work well, that this could reflect negatively on us. I therefore recommend that for this release, we de-bundle Frost, and any other app that currently isn't working well, unless it can be fixed in time for the release. The release should *NOT* be delayed for these apps - we've had months, even years of delays, someone has to draw a line in the sand. This means that we get a Freenet release in a reasonable timeframe, and hopefully it will help to focus the minds of developers of those apps. Thoughts? Ian. -- Email: ian at uprizer.com Cell: +1 512 422 3588 Skype: sanity From sven-ola at gmx.de Wed Mar 5 09:04:58 2008 From: sven-ola at gmx.de (Sven-Ola =?utf-8?q?T=C3=BCcke?=) Date: Wed, 5 Mar 2008 10:04:58 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <20080304120621.GL3501@freenetproject.org> References: <200803032334.01205.sven-ola@gmx.de> <200803040957.57624.toad@amphibian.dyndns.org> <20080304120621.GL3501@freenetproject.org> Message-ID: <200803051004.58352.sven-ola@gmx.de> Jep. Got it up and running. A bit memory consuming though - needs optimization. Requires two more patches to these files: freenet/src/freenet/support/LibraryLoader.java freenet/src/net/i2p/util/NativeBigInteger.java as well as relaxing two junit tests for ECJ in: freenet/test/freenet/crypt/DSAGroupGeneratorTest.java freenet/test/freenet/io/AddressIdentifierTest.java I uploaded my stuff to http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ freenet-v1118-mips.patch source patchset freenet-v1118-mips.tgz compiled binaries for source tree freenet07-mips.patch patches for installer freenet07-mips.tgz prepared installer for mips readme-freenet.txt some notes // Sven-Ola Am Dienstag 04 M?rz 2008 13:06:23 schrieb Florent Daigni?re: [tofu removed] > It requires 1.5 to compile but 1.4 is enough for it to run (some 1.5 > optimizations will be disabled at runtime) > > NextGen$ From toad at amphibian.dyndns.org Wed Mar 5 11:05:30 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Wed, 5 Mar 2008 11:05:30 +0000 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <200803051004.58352.sven-ola@gmx.de> References: <200803032334.01205.sven-ola@gmx.de> <20080304120621.GL3501@freenetproject.org> <200803051004.58352.sven-ola@gmx.de> Message-ID: <200803051105.36617.toad@amphibian.dyndns.org> You won't have a native FEC library, so decoding downloads will be *really* slow. On Wednesday 05 March 2008 09:04, Sven-Ola T?cke wrote: > Jep. Got it up and running. A bit memory consuming though - needs > optimization. Requires two more patches to these files: > > freenet/src/freenet/support/LibraryLoader.java > freenet/src/net/i2p/util/NativeBigInteger.java > > as well as relaxing two junit tests for ECJ in: > > freenet/test/freenet/crypt/DSAGroupGeneratorTest.java > freenet/test/freenet/io/AddressIdentifierTest.java > > I uploaded my stuff to > http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ > > freenet-v1118-mips.patch source patchset > freenet-v1118-mips.tgz compiled binaries for source tree > freenet07-mips.patch patches for installer > freenet07-mips.tgz prepared installer for mips > readme-freenet.txt some notes > > // Sven-Ola > > Am Dienstag 04 M?rz 2008 13:06:23 schrieb Florent Daigni?re: > [tofu removed] > > It requires 1.5 to compile but 1.4 is enough for it to run (some 1.5 > > optimizations will be disabled at runtime) > > > > NextGen$ > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080305/16cf3b55/attachment.pgp From nextgens at freenetproject.org Wed Mar 5 11:22:27 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Wed, 5 Mar 2008 12:22:27 +0100 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <200803051105.36617.toad@amphibian.dyndns.org> References: <200803032334.01205.sven-ola@gmx.de> <20080304120621.GL3501@freenetproject.org> <200803051004.58352.sven-ola@gmx.de> <200803051105.36617.toad@amphibian.dyndns.org> Message-ID: <20080305112225.GE3547@freenetproject.org> * Matthew Toseland [2008-03-05 11:05:30]: > You won't have a native FEC library, so decoding downloads will be *really* > slow. Why won't he have one ? He can probably manage to compile NativeFec on his own. > > On Wednesday 05 March 2008 09:04, Sven-Ola T?cke wrote: > > Jep. Got it up and running. A bit memory consuming though - needs > > optimization. Requires two more patches to these files: > > > > freenet/src/freenet/support/LibraryLoader.java > > freenet/src/net/i2p/util/NativeBigInteger.java > > > > as well as relaxing two junit tests for ECJ in: > > > > freenet/test/freenet/crypt/DSAGroupGeneratorTest.java > > freenet/test/freenet/io/AddressIdentifierTest.java > > > > I uploaded my stuff to > > http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ > > > > freenet-v1118-mips.patch source patchset > > freenet-v1118-mips.tgz compiled binaries for source tree > > freenet07-mips.patch patches for installer > > freenet07-mips.tgz prepared installer for mips > > readme-freenet.txt some notes > > > > // Sven-Ola > > > > Am Dienstag 04 M?rz 2008 13:06:23 schrieb Florent Daigni?re: > > [tofu removed] > > > It requires 1.5 to compile but 1.4 is enough for it to run (some 1.5 > > > optimizations will be disabled at runtime) > > > > > > NextGen$ > > > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080305/83ad3746/attachment.pgp From sven-ola at gmx.de Wed Mar 5 11:35:26 2008 From: sven-ola at gmx.de (Sven-Ola Tuecke) Date: Wed, 5 Mar 2008 12:35:26 +0100 Subject: [freenet-dev] Freenet on Mips References: <200803032334.01205.sven-ola@gmx.de><20080304120621.GL3501@freenetproject.org><200803051004.58352.sven-ola@gmx.de> <200803051105.36617.toad@amphibian.dyndns.org> Message-ID: <003c01c87eb5$084d8ea0$0370a8c0@PCSvenOla> Hi, the native FEC is already included. But I may missed the changes necessary to pull in the shared lib. Maybe the quality assurance office is of some help C:\TMP>tar tvzf freenet-v1118-mips.tgz contrib/NativeBigInteger/lib/net/i2p/util/libjbigi-linux-mips.so contrib/fec/lib/linux/mips/ contrib/fec/lib/linux/mips/libfec16.so contrib/fec/lib/linux/mips/libfec8.so contrib/wrapper/lib/libwrapper.so contrib/wrapper/bin/wrapper // Sven-Ola ----- Original Message ----- From: "Matthew Toseland" To: "Discussion of development issues" Sent: Wednesday, March 05, 2008 12:05 PM Subject: Re: [freenet-dev] Freenet on Mips You won't have a native FEC library, so decoding downloads will be *really* slow. From toad at amphibian.dyndns.org Wed Mar 5 11:45:58 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Wed, 5 Mar 2008 11:45:58 +0000 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <20080305112225.GE3547@freenetproject.org> References: <200803032334.01205.sven-ola@gmx.de> <200803051105.36617.toad@amphibian.dyndns.org> <20080305112225.GE3547@freenetproject.org> Message-ID: <200803051146.05424.toad@amphibian.dyndns.org> On Wednesday 05 March 2008 11:22, Florent Daigni?re wrote: > * Matthew Toseland [2008-03-05 11:05:30]: > > > You won't have a native FEC library, so decoding downloads will be *really* > > slow. > > Why won't he have one ? He can probably manage to compile NativeFec on > his own. Oh, MIPS is 32-bit? But isn't it little-endian? > > > > > On Wednesday 05 March 2008 09:04, Sven-Ola T?cke wrote: > > > Jep. Got it up and running. A bit memory consuming though - needs > > > optimization. Requires two more patches to these files: > > > > > > freenet/src/freenet/support/LibraryLoader.java > > > freenet/src/net/i2p/util/NativeBigInteger.java > > > > > > as well as relaxing two junit tests for ECJ in: > > > > > > freenet/test/freenet/crypt/DSAGroupGeneratorTest.java > > > freenet/test/freenet/io/AddressIdentifierTest.java > > > > > > I uploaded my stuff to > > > http://download-master.berlin.freifunk.net/sven-ola/freenet-v1118/ > > > > > > freenet-v1118-mips.patch source patchset > > > freenet-v1118-mips.tgz compiled binaries for source tree > > > freenet07-mips.patch patches for installer > > > freenet07-mips.tgz prepared installer for mips > > > readme-freenet.txt some notes > > > > > > // Sven-Ola > > > > > > Am Dienstag 04 M?rz 2008 13:06:23 schrieb Florent Daigni?re: > > > [tofu removed] > > > > It requires 1.5 to compile but 1.4 is enough for it to run (some 1.5 > > > > optimizations will be disabled at runtime) > > > > > > > > NextGen$ > > > > > > > > > _______________________________________________ > > > Devl mailing list > > > Devl at freenetproject.org > > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080305/a00f2297/attachment.pgp From toad at amphibian.dyndns.org Wed Mar 5 11:46:39 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Wed, 5 Mar 2008 11:46:39 +0000 Subject: [freenet-dev] Freenet on Mips In-Reply-To: <003c01c87eb5$084d8ea0$0370a8c0@PCSvenOla> References: <200803032334.01205.sven-ola@gmx.de> <200803051105.36617.toad@amphibian.dyndns.org> <003c01c87eb5$084d8ea0$0370a8c0@PCSvenOla> Message-ID: <200803051146.39642.toad@amphibian.dyndns.org> On Wednesday 05 March 2008 11:35, Sven-Ola Tuecke wrote: > Hi, > > the native FEC is already included. But I may missed the changes necessary > to pull in the shared lib. Maybe the quality assurance office is of some > help Does it work? > > C:\TMP>tar tvzf freenet-v1118-mips.tgz > contrib/NativeBigInteger/lib/net/i2p/util/libjbigi-linux-mips.so > contrib/fec/lib/linux/mips/ > contrib/fec/lib/linux/mips/libfec16.so > contrib/fec/lib/linux/mips/libfec8.so > contrib/wrapper/lib/libwrapper.so > contrib/wrapper/bin/wrapper > > // Sven-Ola > > ----- Original Message ----- > From: "Matthew Toseland" > To: "Discussion of development issues" > Sent: Wednesday, March 05, 2008 12:05 PM > Subject: Re: [freenet-dev] Freenet on Mips > > > You won't have a native FEC library, so decoding downloads will be *really* > slow. > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080305/0d2a498d/attachment.pgp From sven-ola at gmx.de Wed Mar 5 11:56:06 2008 From: sven-ola at gmx.de (Sven-Ola Tuecke) Date: Wed, 5 Mar 2008 12:56:06 +0100 Subject: [freenet-dev] Freenet on Mips References: <200803032334.01205.sven-ola@gmx.de><20080304120621.GL3501@freenetproject.org><200803051004.58352.sven-ola@gmx.de> <200803051105.36617.toad@amphibian.dyndns.org> Message-ID: <005b01c87eb7$e9f87bb0$0370a8c0@PCSvenOla> Some more words. You may have some headache by not beeing able to compile for yourself. It should be possible to cross-compile that binaries too - so these are the options: - I can offer a shell access to that box (for assorted devs of course) - Grab,compile,integrate openembedded/libc6 cross tool chain - Grab,compile,itnegrate openwrt/uclibc cross tool chain Depends on how often that binary stuff needs an API change cycle. I currently own 3 of that boxes and there are plenty more in our berlin mesh network if I can manage to limit memory a bit to fit into 64 Mb RAM. Proposed livetime depends on usage - a direct function of it's local usefulness - which is currently unclear... // Sven-Ola From sven-ola at gmx.de Wed Mar 5 12:09:00 2008 From: sven-ola at gmx.de (Sven-Ola Tuecke) Date: Wed, 5 Mar 2008 13:09:00 +0100 Subject: [freenet-dev] Freenet on Mips References: <200803032334.01205.sven-ola@gmx.de><200803051105.36617.toad@amphibian.dyndns.org><003c01c87eb5$084d8ea0$0370a8c0@PCSvenOla> <200803051146.39642.toad@amphibian.dyndns.org> Message-ID: <002f01c87eb9$b93077b0$0370a8c0@PCSvenOla> Works - at least that was my impression. I cannot run too long, because our local mesh network policy officer says: "no udp conntracks > 1000" via the inet gateways. My target is a local darknet on wireless anyhow. And yes: MIPS is divided in "mipsel" (le) und "mips" (be), endianess is switchable but normally once configured by the boot loader (uboot, redboot). My hacks are "mipsel" actually - which needs more tweaks (next week). Haven't I wrote this is experimental and half-bakened stuff? // Sven-Ola ----- Original Message ----- From: "Matthew Toseland" To: "Discussion of development issues" Sent: Wednesday, March 05, 2008 12:46 PM Subject: Re: [freenet-dev] Freenet on Mips Does it work? From freenet-devl at david.sowder.com Wed Mar 5 14:09:20 2008 From: freenet-devl at david.sowder.com (David Sowder) Date: Wed, 05 Mar 2008 08:09:20 -0600 Subject: [freenet-dev] Proposal for Seednode harvesting In-Reply-To: <200801182251.23636.toad@amphibian.dyndns.org> References: <478D1C04.8010105@users.sourceforge.net> <200801181144.23804.toad@amphibian.dyndns.org> <4790F2DD.9050304@users.sourceforge.net> <200801182251.23636.toad@amphibian.dyndns.org> Message-ID: <47CEA990.1010103@david.sowder.com> Reading through some old threads (catching up on some of the devl@ traffic I hadn't read yet), Matthew mentioned something that gave me an idea. Perhaps the seednodes could connect to each other, verifying each other as valid seednodes. If there are trust concerns with just anybody's box being a seednode because of attackers and such, perhaps there could be two tiers of seednode, the first tier would be between only those were manually added to the first tier group of seednodes. The second tier could be automatically joined and verified by the trusted first tier. If this two tier seednode pool approach looks good and is implemented, I see a potential for the seedserver to merely need to talk to the first tier seednodes (to verify they're up ATM) and maintain a roundrobin A record list for a hostname such as seeds70.freenetproject.org (this layer can potentially have a pretty decent level of redundancy to mitigate DoS attacks). Seedclients could then be coded such that they merely need to make a connection to one (or more) of the seednodes listed in DNS at seeds70.freenetproject.org to get a list of FNP-level seednodes (i.e. members of the first and second tier seednodes) to connect to be used for announcement. The first tier seednodes could use a common pool of public/private key pairs, the public keys of which would be shipped with the installer. The installer has already passed a signature check at this point, so either the public keys are good and work on the seednodes listed at seeds70.freenetproject.org or the installer has been compromised and the public keys aren't good on an uncompromised seeds70.freenetproject.org, forcing both the installer mirror network source and the seeds70.freenetproject.org source to be compromised to silently compromise a seedclient. the installer mirror network and the seeds70.freenetproject.org source maintenance could be maintained in separate VMs on emu at a minimum and potentially on separate, geographically separated systems at the extreme. Both could be monitored by a stealth set of parallel operations (private instances of the seedserver software, not made public necessarily outside of the core devs and/or first tier seednode operators and potentially, private jar file build farms, pulling from public SVN/in-Freenet DVCS). If the seeds70.freenetproject.org list doesn't change too terribly quickly, the list could also be published in Freenet allowing potentially anonymous third-party verification. OK, now you can pick it apart... :) Matthew Toseland wrote: > On Friday 18 January 2008 18:41, Michael T?nzer wrote: > >> Matthew Toseland schrieb: >> >>> On Thursday 17 January 2008 23:06, Michael T?nzer wrote: >>> >>>> Michael T?nzer schrieb: >>>> >>>>> Matthew Toseland schrieb: >>>>> >>>>>> On Thursday 17 January 2008 03:23, Michael T?nzer (vid,smtp2) wrote: >>>>>> >>>>>>> Matthew Toseland schrieb: >>>>>>> As we probably don't want to run a node on our server itself (we >>>>>>> > could, > >>>>>>> but would it have enough ressources to serve the important things like >>>>>>> web pages, SVN and stuff even if we are /.ed?) the Seedserver has to >>>>>>> have a connection to a node somewhere and as we have some Nodes which >>>>>>> should be available anyway, why not use them? This also balances the >>>>>>> load between the Seednodes, avoids another single point of failure and >>>>>>> makes sure they're online so we don't have to recheck apart from that. >>>>>>> We don't have to be connected to all of our Seednodes all the time. >>>>>>> > Just > >>>>>>> if we want to verify a new Seednode we establish a new connection to >>>>>>> > one > >>>>>>> of our Seednodes on the Port which on which the Seedservice runs and >>>>>>> verify that it's us. >>>>>>> >>>>>> You mean for the seed server to connect to the seednodes (easily >>>>>> >>> spoofed), or >>> >>>>>> for the seednodes to connect to each other (somewhat less easily >>>>>> >>> spoofed)? >>> >>>>> For the Seedserver connecting to the Seednodes. >>>>> How is it supposed to be spoofed? >>>>> - Each packet that doesn't come from our Seedservers IP is dropped >>>>> - To accept the package it has to be encrypted with our public key >>>>> (which _should_ only be known to us) >>>>> >>>> Doh, of course the public key is known by someone else (otherwise it >>>> wouldn't be public) it should be only known by the _SeedServer_ because >>>> he's the only one we gave it to. But it also shouldn't be a problem if >>>> it get's known in public, then the second part of the identification >>>> process comes into play: >>>> >>> That's not what I mean. I mean an attacker's bogus seednodes know the IP >>> > of > >>> the seed server and can easily only respond to that IP address, thus >>> > saving > >>> lots of bandwidth and not providing any useful service to any other node. >>> Also, if it's only verified shortly after adding, they can use this info >>> > too. > >> That's what my proposal in the other mail prevents: There are a few >> trusted nodes (not SeedNodes) which report to the SeedServer when >> they've found a SeedServer wich is not responding/only sending bogus but >> they will connect on random not on command of the SeedServer, so it >> should be harder to discover who our trusted nodes are (maybe every Node >> reports but only a few are trusted (maybe with a certain probability to >> reduce traffic), so the traffic of the trusted Nodes is covered by the >> untrusted ones). But I think we would still need the other check to >> avoid good SeedNodes getting blacklisted because if we can't connect >> with at all (neither with Seednodes nor with trusted peers) that's >> likely to be a nodecrash or something but if a SeedNode is connectable >> to other SeedNodes but not to trusted peers that is likely to be >> malicious and the IP should be blacklisted for 24 hours. >> > > Hmm maybe, sounds complicated... > >> And I believe it's important to set a limit to the number of SeedNodes. >> So if we've got 20 good SeedNodes an attacker can do whatever he wants >> (ha can do perform headstands as we say in Germany) he won't appear on >> our seednodes.fref. If some attacker is on our list and we detect it, >> we'll kick him from our list and hopefully another good SeedNode will >> turn in for him. >> > > Well he can always try social engineering - ask to be on the list, we'll > probably put him on it. > > But if we can get 20 from people we know, and IF that is sufficient to deal > with a major slashdotting, then we don't need auto-harvesting. > >> Backdraws: >> - an attacker will try to turn down the good SeedNodes so they will be >> listed as disconnected (maybe we should keep a list of disconnected good >> SeedNodes which we will try to connect to on their SeedService so >> another good SeedNode can take turn for the DoSed one) >> > > Yeah, this may be a problem.. you've moved from finding trusted seed nodes to > finding trusted verifier nodes, you still have the same basic problem, > although you hopefully don't need may of them. > > >> - If an attacker has turned down a SeedNode he will start to connect >> with his fake nodes immediately but our unlisted good SeedNodes probably >> don't know when to connect and when they check back whether a slot has >> been freed, they will be too late. >> > > Another problem is preventing the attacker from getting a full seednodes list. > This we need to deal with anyway, maybe by giving out a different set to each > IP. > >> As an attacker will (hopefully) be likely to not stay long on the list, >> we probably want to add some Captcha/hashcash/essay why he should be on >> the list/whever to prevent scripting (maybe provide some timed captcha >> (a captcha which times out, so it needs to be answered quick and is less >> likely to be passed on) which is asked for when the "SeedNode-mode" is >> enabled and all SeedNodes which solved that captcha are kept on a list >> (the list also includes NodeRef, SeedService-Port and public key), from >> which a node is choosen at random to go through the verification process >> (another SeedNode fetches ref through it etc.). >> > > This is to become a super-seednode? > >> Well this is getting pretty complicated but it should do the job and as >> we don't want the access to freenet (the process on which we afterwards >> build our anonymity) to be insecure or not working (this will push >> people to return to the "old ways" (ref trading)) and haven't come up >> with a better/easier solution we could either stay with the old system >> (which afaics not working because people actually have to do a bit of >> work (they have to paste the noderef into an email, adress it to toad >> and enable encryption) which is against the 5-clicks rule, which is >> solved when people only have to enable SeedNoding and solve a captcha) >> or implement the new (although pretty complicated) system. >> >> But maybe someone has a simpler solution or can point out where we can >> reduce complexity in the given one. >> >> >>>>> - The SeedServer has to verify itself, by sending back a random number >>>>> encrypted with it's public key (only the SeedServer knows the private >>>>> key to decrypt it an send it back) >>>>> >>> I accept that you can't MITM the SeedServer ... but you can watch its >>> > traffic > >>> and identify seednodes. That's probably unavoidable. >>> >> As SeedNodes are public anyway (unless we do it even more complicated >> and let one user only see 3 SeedNode-refs which is IMHO not working) >> they don't need to be identified via watching traffic, so yes that's >> unavoidable. >> From toad at amphibian.dyndns.org Wed Mar 5 20:12:32 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Wed, 5 Mar 2008 20:12:32 +0000 Subject: [freenet-dev] Firefox and Freenet Message-ID: <200803052012.37034.toad@amphibian.dyndns.org> Firefox is able to create profiles, and run two of them at once (at least my iceweasel is). I propose that the browse freenet script creates a new firefox profile called Freeet (if it doesn't already exist), creates a user.js telling it to use a lot of connections, turn off javascript, etc (if necessary), and then launch it. One big reason for Freenet being slow is that web browsers used to access it use very few connections. By turning off persistent connections, we have increased that from 2 to 8 connections for firefox, but freenet would work better (due to its high latency) with more. This especially impacts the performance of node when the user has just installed it. I have tried implementing inline-image-prefetching, but this does not seem to help. It is likely that there are other bottlenecks e.g. poor initial connections, and the node's not sending its own requests in preference to those of others because of anonymity. However, IMHO the above should still help. Is it possible to automatically create a firefox profile from a batch file/shell script, and then add the settings we need? We cannot expect the average user to tweak the settings in about:config, even if we detect that they need to and tell them. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080305/ec055cfe/attachment.pgp From colin at sq7.org Wed Mar 5 22:13:22 2008 From: colin at sq7.org (Colin Davis) Date: Wed, 05 Mar 2008 17:13:22 -0500 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803052012.37034.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> Message-ID: <47CF1B02.7090009@sq7.org> As a ignorant user, I think that's as a general principal, Freenet should try to be as browser agnostic as possible.. 1) Firefox may not be the dominant browser down the line- Freenet shouldn't constantly chase the tale of different browsers. 2) Most users don't use Firefox currently. Most general web users still use IE or Safari, depending on what their PC shipped with. 3) Freenet is a server process, and optimization shouldn't suffer unless absolutely necessary over a network. 4) It's considered "impolite" to modify settings in programs that you didn't ship. You don't want Freenet to get a reputation as a invading your system. 5) I think there may be other ways to fix the problem. One of the way to get around the persistent connection limit is to connect to Freenet on multiple hostnames, or DNS addresses. For example, if Freenet is running on the local system, the URLS on the page could be given multiple ways. For example, if we had a page of activelinks, freenet could return them as: http://127.0.0.1/CHK/foo1.png http://127.0.0.1/CHK/foo2.png http://localhost/CHK/foo3.png http://localhost/CHK/foo3.png http://192.168.1.15/CHK/foo5.png http://0.0.0.0/CHK/foo5.png (Linux only) By varying the URL, you increase the number of connections to the max per browser, rather than the max per server. See: http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun-and-profit/ Matthew Toseland wrote: > Firefox is able to create profiles, and run two of them at once (at least my > iceweasel is). I propose that the browse freenet script creates a new firefox > profile called Freeet (if it doesn't already exist), creates a user.js > telling it to use a lot of connections, turn off javascript, etc (if > necessary), and then launch it. > > One big reason for Freenet being slow is that web browsers used to access it > use very few connections. By turning off persistent connections, we have > increased that from 2 to 8 connections for firefox, but freenet would work > better (due to its high latency) with more. This especially impacts the > performance of node when the user has just installed it. > > I have tried implementing inline-image-prefetching, but this does not seem to > help. It is likely that there are other bottlenecks e.g. poor initial > connections, and the node's not sending its own requests in preference to > those of others because of anonymity. However, IMHO the above should still > help. > > Is it possible to automatically create a firefox profile from a batch > file/shell script, and then add the settings we need? We cannot expect the > average user to tweak the settings in about:config, even if we detect that > they need to and tell them. > > ------------------------------------------------------------------------ > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl From nextgens at freenetproject.org Thu Mar 6 02:46:15 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Thu, 6 Mar 2008 03:46:15 +0100 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <47CF1B02.7090009@sq7.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> Message-ID: <20080306024613.GE3507@freenetproject.org> * Colin Davis [2008-03-05 17:13:22]: > As a ignorant user, I think that's as a general principal, Freenet > should try to be as browser agnostic as possible.. > > 1) Firefox may not be the dominant browser down the line- Freenet > shouldn't constantly chase the tale of different browsers. > 2) Most users don't use Firefox currently. Most general web users still > use IE or Safari, depending on what their PC shipped with. > 3) Freenet is a server process, and optimization shouldn't suffer unless > absolutely necessary over a network. > 4) It's considered "impolite" to modify settings in programs that you > didn't ship. You don't want Freenet to get a reputation as a invading > your system. > 5) I think there may be other ways to fix the problem. Which ones ? The one you propose below can't work. > > One of the way to get around the persistent connection limit is to > connect to Freenet on multiple hostnames, or DNS addresses. Isn't it a per-ip setting ? I don't see the point of limiting the number of simultaneous connections at all if it's not on a per ip basis. > For example, if Freenet is running on the local system, the URLS on the > page could be given multiple ways. How do you detect it's running on the local system ? What if it isn't ? NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/d7b0d241/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 11:49:30 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 11:49:30 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <47CF1B02.7090009@sq7.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> Message-ID: <200803061149.39726.toad@amphibian.dyndns.org> On Wednesday 05 March 2008 22:13, Colin Davis wrote: > As a ignorant user, I think that's as a general principal, Freenet > should try to be as browser agnostic as possible.. > > 1) Firefox may not be the dominant browser down the line- Freenet > shouldn't constantly chase the tale of different browsers. > 2) Most users don't use Firefox currently. Most general web users still > use IE or Safari, depending on what their PC shipped with. Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all the images to be loaded before even attempting to render the page; IE autodetects HTML even when it is told that a page is plain text (which is a major security breach as an attacker can then send unfiltered HTML including webbugs and scripting). Therefore neither is appropriate for Freenet. I'd seriously consider a browser plugin at this point, but it'd probably need to be a full browser fork and there's no way we have the resources for one. > 3) Freenet is a server process, and optimization shouldn't suffer unless > absolutely necessary over a network. > 4) It's considered "impolite" to modify settings in programs that you > didn't ship. You don't want Freenet to get a reputation as a invading > your system. True enough, but the alternatives are: - Doing nothing. This sucks. - Telling the user to change the settings manually. But if they do, their browser will be detectable (with a few false positives) as having been modified to work better with Freenet. - Creating a Firefox profile for Freenet, and using that. This may result in the user when they open a browser normally being asked to select a profile. > 5) I think there may be other ways to fix the problem. > > One of the way to get around the persistent connection limit is to > connect to Freenet on multiple hostnames, or DNS addresses. > For example, if Freenet is running on the local system, the URLS on the > page could be given multiple ways. Doesn't work on a LAN. On localhost, we could conceivably listen on 127.0.0.1, 127.0.0.2, 127.0.0.3 etc. Rewriting URLs as absolute links referring to different hosts is posssible if we're on localhost (which we can tell from the IP on the other end of the connection). So you have a point to some degree. Although the whole purpose of having a higher global limit is to leave some slack for other servers, and we'd break this, so if the user has other browser windows open they may not work. > > For example, if we had a page of activelinks, freenet could return them as: > > http://127.0.0.1/CHK/foo1.png > http://127.0.0.1/CHK/foo2.png > http://localhost/CHK/foo3.png > http://localhost/CHK/foo3.png > http://192.168.1.15/CHK/foo5.png > http://0.0.0.0/CHK/foo5.png (Linux only) > > By varying the URL, you increase the number of connections to the max > per browser, rather than the max per server. > > See: > http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun-and-profit/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/70916253/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 12:42:38 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 12:42:38 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803061149.39726.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> Message-ID: <200803061242.44574.toad@amphibian.dyndns.org> On Thursday 06 March 2008 11:49, Matthew Toseland wrote: > On Wednesday 05 March 2008 22:13, Colin Davis wrote: > > As a ignorant user, I think that's as a general principal, Freenet > > should try to be as browser agnostic as possible.. > > > > 1) Firefox may not be the dominant browser down the line- Freenet > > shouldn't constantly chase the tale of different browsers. > > 2) Most users don't use Firefox currently. Most general web users still > > use IE or Safari, depending on what their PC shipped with. > > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > the images to be loaded before even attempting to render the page; IE > autodetects HTML even when it is told that a page is plain text (which is a > major security breach as an attacker can then send unfiltered HTML including > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > seriously consider a browser plugin at this point, but it'd probably need to > be a full browser fork and there's no way we have the resources for one. > > > 3) Freenet is a server process, and optimization shouldn't suffer unless > > absolutely necessary over a network. > > 4) It's considered "impolite" to modify settings in programs that you > > didn't ship. You don't want Freenet to get a reputation as a invading > > your system. > > True enough, but the alternatives are: > - Doing nothing. This sucks. > - Telling the user to change the settings manually. But if they do, their > browser will be detectable (with a few false positives) as having been > modified to work better with Freenet. > - Creating a Firefox profile for Freenet, and using that. This may result in > the user when they open a browser normally being asked to select a profile. Actually there is one problem with this: when you load firefox without any arguments, it uses the previous profile. :( > > > 5) I think there may be other ways to fix the problem. > > > > One of the way to get around the persistent connection limit is to > > connect to Freenet on multiple hostnames, or DNS addresses. > > For example, if Freenet is running on the local system, the URLS on the > > page could be given multiple ways. > > Doesn't work on a LAN. On localhost, we could conceivably listen on 127.0.0.1, > 127.0.0.2, 127.0.0.3 etc. Rewriting URLs as absolute links referring to > different hosts is posssible if we're on localhost (which we can tell from > the IP on the other end of the connection). So you have a point to some > degree. Although the whole purpose of having a higher global limit is to > leave some slack for other servers, and we'd break this, so if the user has > other browser windows open they may not work. > > > > For example, if we had a page of activelinks, freenet could return them as: > > > > http://127.0.0.1/CHK/foo1.png > > http://127.0.0.1/CHK/foo2.png > > http://localhost/CHK/foo3.png > > http://localhost/CHK/foo3.png > > http://192.168.1.15/CHK/foo5.png > > http://0.0.0.0/CHK/foo5.png (Linux only) > > > > By varying the URL, you increase the number of connections to the max > > per browser, rather than the max per server. > > > > See: > > > http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun-and-profit/ > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/fdce69ac/attachment.pgp From jUrner at arcor.de Thu Mar 6 13:01:17 2008 From: jUrner at arcor.de (juergen urner) Date: Thu, 06 Mar 2008 14:01:17 +0100 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803061149.39726.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> Message-ID: <47CFEB1D.70200@arcor.de> Matthew Toseland schrieb: > On Wednesday 05 March 2008 22:13, Colin Davis wrote: > >> As a ignorant user, I think that's as a general principal, Freenet >> should try to be as browser agnostic as possible.. >> >> 1) Firefox may not be the dominant browser down the line- Freenet >> shouldn't constantly chase the tale of different browsers. >> 2) Most users don't use Firefox currently. Most general web users still >> use IE or Safari, depending on what their PC shipped with. >> > > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > the images to be loaded before even attempting to render the page; IE > autodetects HTML even when it is told that a page is plain text (which is a > major security breach as an attacker can then send unfiltered HTML including > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > seriously consider a browser plugin at this point, but it'd probably need to > be a full browser fork and there's no way we have the resources for one. > > >> 3) Freenet is a server process, and optimization shouldn't suffer unless >> absolutely necessary over a network. >> 4) It's considered "impolite" to modify settings in programs that you >> didn't ship. You don't want Freenet to get a reputation as a invading >> your system. >> > > True enough, but the alternatives are: > - Doing nothing. This sucks. > - Telling the user to change the settings manually. But if they do, their > browser will be detectable (with a few false positives) as having been > modified to work better with Freenet. > - Creating a Firefox profile for Freenet, and using that. This may result in > the user when they open a browser normally being asked to select a profile. > > >> 5) I think there may be other ways to fix the problem. >> >> One of the way to get around the persistent connection limit is to >> connect to Freenet on multiple hostnames, or DNS addresses. >> For example, if Freenet is running on the local system, the URLS on the >> page could be given multiple ways. >> > > Doesn't work on a LAN. On localhost, we could conceivably listen on 127.0.0.1, > 127.0.0.2, 127.0.0.3 etc. Rewriting URLs as absolute links referring to > different hosts is posssible if we're on localhost (which we can tell from > the IP on the other end of the connection). So you have a point to some > degree. Although the whole purpose of having a higher global limit is to > leave some slack for other servers, and we'd break this, so if the user has > other browser windows open they may not work. > >> For example, if we had a page of activelinks, freenet could return them as: >> >> http://127.0.0.1/CHK/foo1.png >> http://127.0.0.1/CHK/foo2.png >> http://localhost/CHK/foo3.png >> http://localhost/CHK/foo3.png >> http://192.168.1.15/CHK/foo5.png >> http://0.0.0.0/CHK/foo5.png (Linux only) >> >> By varying the URL, you increase the number of connections to the max >> per browser, rather than the max per server. >> >> See: >> >> > http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun- Sorry for jumping in.... Can of worms. You shouldn't even consider manipulating any data or trying to find out wich proggies a user uses along with Freenet. As soon as so. finds out Freenet is sniffing their os or is performing strange hacks Freenet will be dead. There is nothig you can do to keep a user from doing something stupid in FProxy as long as FProxy needs ie, ff, whatever. Even my notepad has the strange habit of phoning home when I throw certain control chars at it. You should separate client and node stuff better. FProxy is a client like any other client. If it sucks, kick it ...or leave a note to users. ...and leave it up to client devels to come up with somthing that works. Everything else is taking devel time from me ...the client. Juergen From ian.clarke at gmail.com Thu Mar 6 13:52:42 2008 From: ian.clarke at gmail.com (Ian Clarke) Date: Thu, 6 Mar 2008 07:52:42 -0600 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803061149.39726.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> Message-ID: <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> Simple fix for the safari problem: don't include active links in the front page... This can be done by checking the user agent string. Ian. On Thu, Mar 6, 2008 at 5:49 AM, Matthew Toseland wrote: > On Wednesday 05 March 2008 22:13, Colin Davis wrote: > > As a ignorant user, I think that's as a general principal, Freenet > > should try to be as browser agnostic as possible.. > > > > 1) Firefox may not be the dominant browser down the line- Freenet > > shouldn't constantly chase the tale of different browsers. > > 2) Most users don't use Firefox currently. Most general web users still > > use IE or Safari, depending on what their PC shipped with. > > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > the images to be loaded before even attempting to render the page; IE > autodetects HTML even when it is told that a page is plain text (which is a > major security breach as an attacker can then send unfiltered HTML including > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > seriously consider a browser plugin at this point, but it'd probably need to > be a full browser fork and there's no way we have the resources for one. > > > > 3) Freenet is a server process, and optimization shouldn't suffer unless > > absolutely necessary over a network. > > 4) It's considered "impolite" to modify settings in programs that you > > didn't ship. You don't want Freenet to get a reputation as a invading > > your system. > > True enough, but the alternatives are: > - Doing nothing. This sucks. > - Telling the user to change the settings manually. But if they do, their > browser will be detectable (with a few false positives) as having been > modified to work better with Freenet. > - Creating a Firefox profile for Freenet, and using that. This may result in > the user when they open a browser normally being asked to select a profile. > > > > 5) I think there may be other ways to fix the problem. > > > > One of the way to get around the persistent connection limit is to > > connect to Freenet on multiple hostnames, or DNS addresses. > > For example, if Freenet is running on the local system, the URLS on the > > page could be given multiple ways. > > Doesn't work on a LAN. On localhost, we could conceivably listen on 127.0.0.1, > 127.0.0.2, 127.0.0.3 etc. Rewriting URLs as absolute links referring to > different hosts is posssible if we're on localhost (which we can tell from > the IP on the other end of the connection). So you have a point to some > degree. Although the whole purpose of having a higher global limit is to > leave some slack for other servers, and we'd break this, so if the user has > other browser windows open they may not work. > > > > > > For example, if we had a page of activelinks, freenet could return them as: > > > > http://127.0.0.1/CHK/foo1.png > > http://127.0.0.1/CHK/foo2.png > > http://localhost/CHK/foo3.png > > http://localhost/CHK/foo3.png > > http://192.168.1.15/CHK/foo5.png > > http://0.0.0.0/CHK/foo5.png (Linux only) > > > > By varying the URL, you increase the number of connections to the max > > per browser, rather than the max per server. > > > > See: > > > http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun-and-profit/ > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Email: ian at uprizer.com Cell: +1 512 422 3588 Skype: sanity From nextgens at freenetproject.org Thu Mar 6 14:03:35 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Thu, 6 Mar 2008 15:03:35 +0100 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> Message-ID: <20080306140332.GA3519@freenetproject.org> * Ian Clarke [2008-03-06 07:52:42]: > Simple fix for the safari problem: don't include active links in the > front page... > > This can be done by checking the user agent string. > > Ian. In fact I have reintroduced active-links on the front-page because users weren't clicking on bookmarks... and where asking about "what the key box is". NextGen$ > > On Thu, Mar 6, 2008 at 5:49 AM, Matthew Toseland > wrote: > > On Wednesday 05 March 2008 22:13, Colin Davis wrote: > > > As a ignorant user, I think that's as a general principal, Freenet > > > should try to be as browser agnostic as possible.. > > > > > > 1) Firefox may not be the dominant browser down the line- Freenet > > > shouldn't constantly chase the tale of different browsers. > > > 2) Most users don't use Firefox currently. Most general web users still > > > use IE or Safari, depending on what their PC shipped with. > > > > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > > the images to be loaded before even attempting to render the page; IE > > autodetects HTML even when it is told that a page is plain text (which is a > > major security breach as an attacker can then send unfiltered HTML including > > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > > seriously consider a browser plugin at this point, but it'd probably need to > > be a full browser fork and there's no way we have the resources for one. > > > > > > > 3) Freenet is a server process, and optimization shouldn't suffer unless > > > absolutely necessary over a network. > > > 4) It's considered "impolite" to modify settings in programs that you > > > didn't ship. You don't want Freenet to get a reputation as a invading > > > your system. > > > > True enough, but the alternatives are: > > - Doing nothing. This sucks. > > - Telling the user to change the settings manually. But if they do, their > > browser will be detectable (with a few false positives) as having been > > modified to work better with Freenet. > > - Creating a Firefox profile for Freenet, and using that. This may result in > > the user when they open a browser normally being asked to select a profile. > > > > > > > 5) I think there may be other ways to fix the problem. > > > > > > One of the way to get around the persistent connection limit is to > > > connect to Freenet on multiple hostnames, or DNS addresses. > > > For example, if Freenet is running on the local system, the URLS on the > > > page could be given multiple ways. > > > > Doesn't work on a LAN. On localhost, we could conceivably listen on 127.0.0.1, > > 127.0.0.2, 127.0.0.3 etc. Rewriting URLs as absolute links referring to > > different hosts is posssible if we're on localhost (which we can tell from > > the IP on the other end of the connection). So you have a point to some > > degree. Although the whole purpose of having a higher global limit is to > > leave some slack for other servers, and we'd break this, so if the user has > > other browser windows open they may not work. > > > > > > > > > > For example, if we had a page of activelinks, freenet could return them as: > > > > > > http://127.0.0.1/CHK/foo1.png > > > http://127.0.0.1/CHK/foo2.png > > > http://localhost/CHK/foo3.png > > > http://localhost/CHK/foo3.png > > > http://192.168.1.15/CHK/foo5.png > > > http://0.0.0.0/CHK/foo5.png (Linux only) > > > > > > By varying the URL, you increase the number of connections to the max > > > per browser, rather than the max per server. > > > > > > See: > > > > > http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun-and-profit/ > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > > -- > Email: ian at uprizer.com > Cell: +1 512 422 3588 > Skype: sanity > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/7b46cedf/attachment.pgp From ian.clarke at gmail.com Thu Mar 6 14:06:18 2008 From: ian.clarke at gmail.com (Ian Clarke) Date: Thu, 6 Mar 2008 08:06:18 -0600 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <20080306140332.GA3519@freenetproject.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> <20080306140332.GA3519@freenetproject.org> Message-ID: <823242bd0803060606jfe852bfg6a7fe2f7840779d9@mail.gmail.com> On Thu, Mar 6, 2008 at 8:03 AM, Florent Daigni?re wrote: > * Ian Clarke [2008-03-06 07:52:42]: > > > > Simple fix for the safari problem: don't include active links in the > > front page... > > > > This can be done by checking the user agent string. > > > > Ian. > > In fact I have reintroduced active-links on the front-page because users > weren't clicking on bookmarks... and where asking about "what the key > box is". Yes, but safari users aren't seeing the active links, they are seeing a blank page, for over 60 seconds. Ian. -- Email: ian at uprizer.com Cell: +1 512 422 3588 Skype: sanity From m.rogers at cs.ucl.ac.uk Thu Mar 6 14:51:33 2008 From: m.rogers at cs.ucl.ac.uk (Michael Rogers) Date: 06 Mar 2008 14:51:33 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803061149.39726.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> Message-ID: On Mar 6 2008, Matthew Toseland wrote: > True enough, but the alternatives are: - Doing nothing. This sucks. - > Telling the user to change the settings manually. But if they do, their > browser will be detectable (with a few false positives) as having been > modified to work better with Freenet. - Creating a Firefox profile for > Freenet, and using that. This may result in the user when they open a > browser normally being asked to select a profile. (Sorry for the broken formatting.) It might be worth looking at Torbutton, a Firefox extentsion that switches between Tor settings and non-Tor settings: https://addons.mozilla.org/en-US/firefox/addon/2275 Cheers, Michael From toad at amphibian.dyndns.org Thu Mar 6 15:52:03 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 15:52:03 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> References: <200803052012.37034.toad@amphibian.dyndns.org> <200803061149.39726.toad@amphibian.dyndns.org> <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> Message-ID: <200803061552.10733.toad@amphibian.dyndns.org> On Thursday 06 March 2008 13:52, Ian Clarke wrote: > Simple fix for the safari problem: don't include active links in the > front page... > > This can be done by checking the user agent string. What is the user agent string for Safari? > > Ian. > > On Thu, Mar 6, 2008 at 5:49 AM, Matthew Toseland > wrote: > > On Wednesday 05 March 2008 22:13, Colin Davis wrote: > > > As a ignorant user, I think that's as a general principal, Freenet > > > should try to be as browser agnostic as possible.. > > > > > > 1) Firefox may not be the dominant browser down the line- Freenet > > > shouldn't constantly chase the tale of different browsers. > > > 2) Most users don't use Firefox currently. Most general web users still > > > use IE or Safari, depending on what their PC shipped with. > > > > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > > the images to be loaded before even attempting to render the page; IE > > autodetects HTML even when it is told that a page is plain text (which is a > > major security breach as an attacker can then send unfiltered HTML including > > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > > seriously consider a browser plugin at this point, but it'd probably need to > > be a full browser fork and there's no way we have the resources for one. > > > > > > > 3) Freenet is a server process, and optimization shouldn't suffer unless > > > absolutely necessary over a network. > > > 4) It's considered "impolite" to modify settings in programs that you > > > didn't ship. You don't want Freenet to get a reputation as a invading > > > your system. > > > > True enough, but the alternatives are: > > - Doing nothing. This sucks. > > - Telling the user to change the settings manually. But if they do, their > > browser will be detectable (with a few false positives) as having been > > modified to work better with Freenet. > > - Creating a Firefox profile for Freenet, and using that. This may result in > > the user when they open a browser normally being asked to select a profile. > > > > > > > 5) I think there may be other ways to fix the problem. > > > > > > One of the way to get around the persistent connection limit is to > > > connect to Freenet on multiple hostnames, or DNS addresses. > > > For example, if Freenet is running on the local system, the URLS on the > > > page could be given multiple ways. > > > > Doesn't work on a LAN. On localhost, we could conceivably listen on 127.0.0.1, > > 127.0.0.2, 127.0.0.3 etc. Rewriting URLs as absolute links referring to > > different hosts is posssible if we're on localhost (which we can tell from > > the IP on the other end of the connection). So you have a point to some > > degree. Although the whole purpose of having a higher global limit is to > > leave some slack for other servers, and we'd break this, so if the user has > > other browser windows open they may not work. > > > > > > > > > > For example, if we had a page of activelinks, freenet could return them as: > > > > > > http://127.0.0.1/CHK/foo1.png > > > http://127.0.0.1/CHK/foo2.png > > > http://localhost/CHK/foo3.png > > > http://localhost/CHK/foo3.png > > > http://192.168.1.15/CHK/foo5.png > > > http://0.0.0.0/CHK/foo5.png (Linux only) > > > > > > By varying the URL, you increase the number of connections to the max > > > per browser, rather than the max per server. > > > > > > See: > > > > > http://www.ajaxperformance.com/2006/12/18/circumventing-browser-connection-limits-for-fun-and-profit/ > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > > -- > Email: ian at uprizer.com > Cell: +1 512 422 3588 > Skype: sanity > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/18ea1f85/attachment.pgp From colin at sq7.org Thu Mar 6 16:32:53 2008 From: colin at sq7.org (Colin Davis) Date: Thu, 06 Mar 2008 11:32:53 -0500 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803061149.39726.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> Message-ID: <47D01CB5.70804@sq7.org> > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > the images to be loaded before even attempting to render the page; IE > autodetects HTML even when it is told that a page is plain text (which is a > major security breach as an attacker can then send unfiltered HTML including > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > seriously consider a browser plugin at this point, but it'd probably need to > be a full browser fork and there's no way we have the resources for one. > > Fair points, I hadn't realized the situation with IE and Safari was so dire. What about shipping Freenet with a copy of Portable Firefox? http://portableapps.com/apps/internet/firefox_portable It runs out of it's own directory, so the project could pre-configure the settings for it, rather than adding a profile to the existing installation. From robert at freenetproject.org Thu Mar 6 17:21:18 2008 From: robert at freenetproject.org (Robert Hailey) Date: Thu, 6 Mar 2008 11:21:18 -0600 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <823242bd0803060606jfe852bfg6a7fe2f7840779d9@mail.gmail.com> References: <200803052012.37034.toad@amphibian.dyndns.org> <47CF1B02.7090009@sq7.org> <200803061149.39726.toad@amphibian.dyndns.org> <823242bd0803060552n16c51e60l9fcf9759c3444f62@mail.gmail.com> <20080306140332.GA3519@freenetproject.org> <823242bd0803060606jfe852bfg6a7fe2f7840779d9@mail.gmail.com> Message-ID: On Mar 6, 2008, at 8:06 AM, Ian Clarke wrote: > On Thu, Mar 6, 2008 at 8:03 AM, Florent Daigni?re > wrote: >> * Ian Clarke [2008-03-06 07:52:42]: >> >> >>> Simple fix for the safari problem: don't include active links in the >>> front page... >>> >>> This can be done by checking the user agent string. >>> >>> Ian. >> >> In fact I have reintroduced active-links on the front-page because >> users >> weren't clicking on bookmarks... and where asking about "what the key >> box is". > > Yes, but safari users aren't seeing the active links, they are seeing > a blank page, for over 60 seconds. > > Ian. > In my experience Safari does not always behave that way (waiting for all images before render), and I have not found a reliable indicator of when it will. It usually does it the first time... maybe it does some kind of ex-post-facto analysis and determines it shouldn't do that for 'localhost'? On Mar 6, 2008, at 9:52 AM, Matthew Toseland wrote: > What is the user agent string for Safari? Here is my Safari's user agent string: "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/523.15.1 (KHTML, like Gecko) Version/3.0.4 Safari/523.15" -- Robert Hailey -------------- next part -------------- An HTML attachment was scrubbed... URL: http://emu.freenetproject.org/pipermail/devl/attachments/20080306/da139144/attachment.htm From toad at amphibian.dyndns.org Thu Mar 6 20:09:15 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 20:09:15 +0000 Subject: [freenet-dev] Packet size proposal Message-ID: <200803062009.22075.toad@amphibian.dyndns.org> Our current approach to packet sizes has several major disadvantages. I will explain them in a moment, first, here's what we do: All messages are held for up to 100ms for coalescing as many messages as possible into one packet, and are sent in priority order. We send a packet anyway if we have more than MTU-100 bytes of data to send. Base overhead is a minimum of 27 bytes, plus one byte per ack/resend request/etc. After that, the packet is padded to the next 64 byte boundary, and then we add between 0 and 63 bytes. This is all random padding. Bulk and block transfers are split into 1024 byte blocks, which are passed to the coalescing queue as often as congestion control and bandwidth limiting will allow. Most messages are between 8 and ~14 bytes. CHK found, CHK data insert, and some opennet messages, are up to 42 bytes. Messages which include keys range from 52 to 107 bytes (SSK keys are 64 bytes, CHK keys are 32). The last phase of swapping involves 188 byte messages. Block and bulk transfer messages, SSK requests, pubkeys, and inserts, and times-last-few-messages-were-received (on connect, to identify if we are NATed) messages, are over 1024 bytes, some of them quite a lot over it. By rewriting the transport layer, we can reduce the base overhead to maybe 10-16 bytes. The hash (32 bytes) will be replaced by a MAC of the same size. We could reduce its size for smaller packets, at the cost of some security. We could limit the security cost by doing a MAC at a higher layer (after reassembling a stream), but this won't work if there isn't a stream to reassemble: right now, there isn't, short packets contain a few short messages and a few acks. We could implement an in-order stream to put the short messages in, and then do a MAC before passing them on, but that would cost quite a bit of latency. The original design goals were to minimise request latency, and maximise block transfer efficiency. Problems with current system =================== Security: - We remain fairly vulnerable to traffic analysis based on packet size. Because a few messages are HUGE, they can probably be traced across the network by a global passive traffic analyser. We're being reasonably open about this since They undoubtedly already know this! - Stego transports will not work well with the current approach. We want a transport mimicing realplayer streams to have packet sizes equivalent to those of realplayer streams, for example. Reliability: - Those few messages may not fit within the available MTU. This will cause *severe* problems on some connections. Performance: - Because block transfer data is sent in large chunks, it is usually not combined with small messages. Therefore, the small messages are heavily padded (as well as suffering the significant crypto overhead on their own). Of course, the big packets have a relatively low overhead. Proposed solution ============= All big messages are converted into streams. Small messages such as FNPAccepted should remain as messages. The packet size does not depend directly on the details of the pending messages. We determine the packet size by reference to a target profile, of whatever we are trying to mimic (e.g. some realplayer codecs send a lot of 660 byte packets; some send a lot of 330 byte packets; skype sends a lot of 68 byte packets). If we're not using a steganographic transport, there are other means to decide on a packet size - a fixed 256 bytes maybe, or a range. However, this only applies if we are currently sending streams to the node. If we not, we have essentially the same problem we have now: high packet overhead. The only way to solve this at this level would be to bundle messages into a stream anyway, but that would cost latency... However, not having any streams in progress is IMHO the result of a higher level problem. With the new transport layer, all packets are subject to both bandwidth limiting and congestion control. Streams (including bulk and block transfers) are no longer sent in 1kB chunks. They are sent in byte ranges. A packet containing a few messages will be padded up to the target size by adding data from streams (in priority order, of course), not by adding random data. Advantages of proposed solution ===================== Security: - Greatly reduced vulnerability to traffic analysis. No information can be derived from the size of an outgoing packet. - Compatible with most packet-based stego transports, although for really small packets some changes would be needed. Reliability: - Compatible with any MTU down to modem sizes (576 bytes). Performance: - For any peer which has a transfer in progress (including e.g. SSK inserts/requests), we should achieve a very good payload percentage. However, if there are no pending streams, we don't achieve good results: if there are no steganographic concerns, and no pending streams, we could send packets as we do now (big enough to fit the messages to send plus some padding). -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/687c31db/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 20:13:15 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 20:13:15 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <47D01CB5.70804@sq7.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <200803061149.39726.toad@amphibian.dyndns.org> <47D01CB5.70804@sq7.org> Message-ID: <200803062013.16386.toad@amphibian.dyndns.org> On Thursday 06 March 2008 16:32, Colin Davis wrote: > > > Both IE and Safari have *MAJOR* problems with Freenet. Safari waits for all > > the images to be loaded before even attempting to render the page; IE > > autodetects HTML even when it is told that a page is plain text (which is a > > major security breach as an attacker can then send unfiltered HTML including > > webbugs and scripting). Therefore neither is appropriate for Freenet. I'd > > seriously consider a browser plugin at this point, but it'd probably need to > > be a full browser fork and there's no way we have the resources for one. > > > > > Fair points, I hadn't realized the situation with IE and Safari was so > dire. > What about shipping Freenet with a copy of Portable Firefox? > > http://portableapps.com/apps/internet/firefox_portable > > It runs out of it's own directory, so the project could pre-configure > the settings for it, rather than adding a profile to the existing > installation. Not a bad idea, although it's an additional 6MB download, and one more thing to update (does it auto-update?). And it's windows specific: what would we do on linux and OS/X ? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/70e08baa/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 20:19:18 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 20:19:18 +0000 Subject: [freenet-dev] Another possible reason for low payload%? Message-ID: <200803062019.19262.toad@amphibian.dyndns.org> I know some of it is likely to be recently introduced transport layer bugs, and I am trying to chase them down. However, a possible reason for the recent low payload percentages may be that we are doing more SSK requests, because of the increasingly widespread use of FMS, and because those who still use Frost download massive quantities of invisible and useless spam messages? If this is true, it will likely get worse over time. The solution, which we cannot implement until after 0.7.0 has shipped, especially as bugs in it could be extremely disruptive, is to implement the RecentlyFailed mechanism in ULPRs, which will limit the number of requests for the same key that can happen within a certain period of time, sending a (fatal) RecentlyFailed error with a timeout to too eager requestors (who will be notified anyway if it is found because of ULPRs). This is similar to the old 0.5 failure tables system (which was also developed to deal with polling), but will work better because of being combined with ULPRs and not being able to self-seed (which on 0.5 was catastrophic). One worry is that we may need to track more keys than will easily fit in RAM... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/37489e39/attachment.pgp From colin at sq7.org Thu Mar 6 21:17:24 2008 From: colin at sq7.org (Colin Davis) Date: Thu, 06 Mar 2008 16:17:24 -0500 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803062013.16386.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <200803061149.39726.toad@amphibian.dyndns.org> <47D01CB5.70804@sq7.org> <200803062013.16386.toad@amphibian.dyndns.org> Message-ID: <47D05F64.4030505@sq7.org> > Not a bad idea, although it's an additional 6MB download, and one more thing > to update (does it auto-update?). And it's windows specific: what would we do > on linux and OS/X ? > > Portable Firefox is what TorPark uses. There is a version of Portable Firefox for Mac. http://www.freesmug.org/portableapps/firefox/ Linux users are likely proficient enough to change their own settings... But there does appear to be a way to run Portable Firefox under Linux. http://chanux.wordpress.com/2008/02/09/use-portable-firefox-profile-from-gnulinux/ I agree that the size might be a substantial obstacle, however. Just raising the topic for discussion. -Colin > ------------------------------------------------------------------------ > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl From toad at amphibian.dyndns.org Thu Mar 6 22:33:25 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 22:33:25 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: References: <200803052012.37034.toad@amphibian.dyndns.org> <200803061149.39726.toad@amphibian.dyndns.org> Message-ID: <200803062233.35842.toad@amphibian.dyndns.org> On Thursday 06 March 2008 14:51, Michael Rogers wrote: > On Mar 6 2008, Matthew Toseland wrote: > > True enough, but the alternatives are: - Doing nothing. This sucks. - > > Telling the user to change the settings manually. But if they do, their > > browser will be detectable (with a few false positives) as having been > > modified to work better with Freenet. - Creating a Firefox profile for > > Freenet, and using that. This may result in the user when they open a > > browser normally being asked to select a profile. > > (Sorry for the broken formatting.) It might be worth looking at Torbutton, > a Firefox extentsion that switches between Tor settings and non-Tor > settings: https://addons.mozilla.org/en-US/firefox/addon/2275 Well it wouldn't be usable directly... We could maybe fork it? Any volunteers? Also, according to the comments, it clobbers your proxy settings when you turn it off (rather than restoring them). > > Cheers, > Michael -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/10443f5c/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 22:39:35 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 22:39:35 +0000 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <47D05F64.4030505@sq7.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <200803062013.16386.toad@amphibian.dyndns.org> <47D05F64.4030505@sq7.org> Message-ID: <200803062239.35920.toad@amphibian.dyndns.org> On Thursday 06 March 2008 21:17, Colin Davis wrote: > > > Not a bad idea, although it's an additional 6MB download, and one more thing > > to update (does it auto-update?). And it's windows specific: what would we do > > on linux and OS/X ? > > > > > Portable Firefox is what TorPark uses. > > There is a version of Portable Firefox for Mac. > http://www.freesmug.org/portableapps/firefox/ > > Linux users are likely proficient enough to change their own settings... Not necessarily, a lot use Ubuntu etc and may not be especially competent. Anyway we want to avoid changing settings, because the settings that work well for Freenet stick out and are easily detectable on the web. > But there does appear to be a way to run Portable Firefox under Linux. > http://chanux.wordpress.com/2008/02/09/use-portable-firefox-profile-from-gnulinux/ Here he's just creating a profile for the installed firefox with the settings off the USB stick. That's what we were trying to avoid. Ideally we want an external profile option - something where the settings are kept outside of the firefox directory, where firefox will always default to the default profile, without asking the user. > > I agree that the size might be a substantial obstacle, however. Just > raising the topic for discussion. What about updating? > > -Colin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/0e25f507/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 22:42:53 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 22:42:53 +0000 Subject: [freenet-dev] Proposal for Seednode harvesting In-Reply-To: <47CEA990.1010103@david.sowder.com> References: <478D1C04.8010105@users.sourceforge.net> <200801182251.23636.toad@amphibian.dyndns.org> <47CEA990.1010103@david.sowder.com> Message-ID: <200803062242.53622.toad@amphibian.dyndns.org> On Wednesday 05 March 2008 14:09, David Sowder wrote: > Reading through some old threads (catching up on some of the devl@ > traffic I hadn't read yet), Matthew mentioned something that gave me an > idea. > > Perhaps the seednodes could connect to each other, verifying each other > as valid seednodes. If there are trust concerns with just anybody's box > being a seednode because of attackers and such, perhaps there could be > two tiers of seednode, the first tier would be between only those were > manually added to the first tier group of seednodes. The second tier > could be automatically joined and verified by the trusted first tier. If the first tier is known, the second tier can fake it by always working when a first tier node connects to them. And if it's not known, it can be found out fairly easily. > > If this two tier seednode pool approach looks good and is implemented, I > see a potential for the seedserver to merely need to talk to the first > tier seednodes (to verify they're up ATM) and maintain a roundrobin A > record list for a hostname such as seeds70.freenetproject.org (this > layer can potentially have a pretty decent level of redundancy to > mitigate DoS attacks). Seedclients could then be coded such that they > merely need to make a connection to one (or more) of the seednodes > listed in DNS at seeds70.freenetproject.org to get a list of FNP-level > seednodes (i.e. members of the first and second tier seednodes) to > connect to be used for announcement. You haven't solved the first problem (bad second tier seednodes). > > The first tier seednodes could use a common pool of public/private key > pairs, the public keys of which would be shipped with the installer. > The installer has already passed a signature check at this point, so > either the public keys are good and work on the seednodes listed at > seeds70.freenetproject.org or the installer has been compromised and the > public keys aren't good on an uncompromised seeds70.freenetproject.org, > forcing both the installer mirror network source and the > seeds70.freenetproject.org source to be compromised to silently > compromise a seedclient. the installer mirror network and the > seeds70.freenetproject.org source maintenance could be maintained in > separate VMs on emu at a minimum and potentially on separate, > geographically separated systems at the extreme. Both could be > monitored by a stealth set of parallel operations (private instances of > the seedserver software, not made public necessarily outside of the core > devs and/or first tier seednode operators and potentially, private jar > file build farms, pulling from public SVN/in-Freenet DVCS). If the > seeds70.freenetproject.org list doesn't change too terribly quickly, the > list could also be published in Freenet allowing potentially anonymous > third-party verification. > > OK, now you can pick it apart... :) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/9134d09d/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 23:02:33 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 23:02:33 +0000 Subject: [freenet-dev] [freenet-cvs] r18398 - in trunk/freenet/src/freenet: node/updater support support/io In-Reply-To: <20080306161922.95257479818@freenetproject.org> References: <20080306161922.95257479818@freenetproject.org> Message-ID: <200803062302.34280.toad@amphibian.dyndns.org> On Thursday 06 March 2008 16:19, nextgens at freenetproject.org wrote: > Author: nextgens > Date: 2008-03-06 16:19:22 +0000 (Thu, 06 Mar 2008) > New Revision: 18398 > > Modified: > trunk/freenet/src/freenet/node/updater/NodeUpdateManager.java > trunk/freenet/src/freenet/support/LibraryLoader.java > trunk/freenet/src/freenet/support/io/NativeThread.java > Log: > DOH! > > Modified: trunk/freenet/src/freenet/node/updater/NodeUpdateManager.java > =================================================================== > --- trunk/freenet/src/freenet/node/updater/NodeUpdateManager.java 2008-03-06 16:05:56 UTC (rev 18397) > +++ trunk/freenet/src/freenet/node/updater/NodeUpdateManager.java 2008-03-06 16:19:22 UTC (rev 18398) > @@ -464,7 +464,7 @@ > boolean writtenNewJar = false; > boolean writtenNewExt = false; > > - boolean tryEasyWay = File.pathSeparatorChar == '/' && !hasNewExtJar; > + boolean tryEasyWay = File.pathSeparatorChar == ':' && !hasNewExtJar; Wrong, the easy way only works on *nix. > > File mainJar = ctx.getMainJar(); > File newMainJar = ctx.getNewMainJar(); > > Modified: trunk/freenet/src/freenet/support/LibraryLoader.java > =================================================================== > --- trunk/freenet/src/freenet/support/LibraryLoader.java 2008-03-06 16:05:56 UTC (rev 18397) > +++ trunk/freenet/src/freenet/support/LibraryLoader.java 2008-03-06 16:19:22 UTC (rev 18398) > @@ -32,7 +32,7 @@ > } > > public static void loadNative(String path, String libraryName) { > - final boolean isWindows = File.pathSeparatorChar == '\\'; > + final boolean isWindows = File.pathSeparatorChar == ';'; That looks a lot like a semicolon to me. > final String prefix = (isWindows ? ".dll" : ((System.getProperty("os.name")).toLowerCase().startsWith("mac") ? ".jnilib" : ".so")); > final String libraryNameWithPrefix = (isWindows ? "" : "lib") + libraryName; > final String libraryNameWithPrefixAndArch = libraryNameWithPrefix + '-' + getSimplifiedArchitecture(); > > Modified: trunk/freenet/src/freenet/support/io/NativeThread.java > =================================================================== > --- trunk/freenet/src/freenet/support/io/NativeThread.java 2008-03-06 16:05:56 UTC (rev 18397) > +++ trunk/freenet/src/freenet/support/io/NativeThread.java 2008-03-06 16:19:22 UTC (rev 18398) > @@ -38,7 +38,7 @@ > > static { > Logger.minor(NativeThread.class, "Running init()"); > - _loadNative = (!(File.pathSeparatorChar == '\\')) || (NodeStarter.extBuildNumber < 18); > + _loadNative = (File.pathSeparatorChar == ':') && (NodeStarter.extBuildNumber < 18); That finally makes sense. :) > Logger.debug(NativeThread.class, "Run init(): should loadNative="+_loadNative); > if(_loadNative) { > //System.loadLibrary("NativeThread"); > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/b37b0026/attachment.pgp From toad at amphibian.dyndns.org Thu Mar 6 23:07:04 2008 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 6 Mar 2008 23:07:04 +0000 Subject: [freenet-dev] [freenet-cvs] r18389 - in trunk/freenet/src/freenet/support: . io In-Reply-To: <20080306153137.68B3A4799A9@freenetproject.org> References: <20080306153137.68B3A4799A9@freenetproject.org> Message-ID: <200803062307.04520.toad@amphibian.dyndns.org> I thought the benchmarks showed that loading the library was unhelpful? On Thursday 06 March 2008 15:31, nextgens at freenetproject.org wrote: > Author: nextgens > Date: 2008-03-06 15:31:37 +0000 (Thu, 06 Mar 2008) > New Revision: 18389 > > Modified: > trunk/freenet/src/freenet/support/LibraryLoader.java > trunk/freenet/src/freenet/support/io/NativeThread.java > Log: > Tweak NativeThread to toad the library on MacOs as well > > Modified: trunk/freenet/src/freenet/support/LibraryLoader.java > =================================================================== > --- trunk/freenet/src/freenet/support/LibraryLoader.java 2008-03-06 14:51:09 UTC (rev 18388) > +++ trunk/freenet/src/freenet/support/LibraryLoader.java 2008-03-06 15:31:37 UTC (rev 18389) > @@ -35,7 +35,7 @@ > final boolean isWindows = File.pathSeparatorChar == '\\'; > final String libraryNameWithPrefix = (isWindows ? "" : "lib") + libraryName; > final String libraryNameWithPrefixAndArch = libraryNameWithPrefix + '-' + getSimplifiedArchitecture(); > - final String libraryNameWithPrefixAndArchAndSuffix = libraryNameWithPrefixAndArch + (isWindows ? ".dll" : ".so"); > + final String libraryNameWithPrefixAndArchAndSuffix = libraryNameWithPrefixAndArch + (isWindows ? ".dll" : ((System.getProperty("os.name")).toLowerCase().startsWith("mac") ? ".jnilib" : ".so")); > String resourceName = path + libraryNameWithPrefixAndArchAndSuffix; > > File nativeLib = new File((System.getProperty("java.library.path")) + "/lib" + libraryName + (isWindows ? ".dll" : ".so")); > > Modified: trunk/freenet/src/freenet/support/io/NativeThread.java > =================================================================== > --- trunk/freenet/src/freenet/support/io/NativeThread.java 2008-03-06 14:51:09 UTC (rev 18388) > +++ trunk/freenet/src/freenet/support/io/NativeThread.java 2008-03-06 15:31:37 UTC (rev 18389) > @@ -4,6 +4,7 @@ > > package freenet.support.io; > > +import java.io.File; > import freenet.node.NodeStarter; > import freenet.support.LibraryLoader; > import freenet.support.Logger; > @@ -37,7 +38,7 @@ > > static { > Logger.minor(NativeThread.class, "Running init()"); > - _loadNative = "Linux".equalsIgnoreCase(System.getProperty("os.name")) && NodeStarter.extBuildNumber > 18; > + _loadNative = !(File.pathSeparatorChar == '\\') && NodeStarter.extBuildNumber > 18; > if(_loadNative) { > //System.loadLibrary("NativeThread"); > LibraryLoader.loadNative("/freenet/support/io/", "NativeThread"); > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20080306/7e3f31d2/attachment.pgp From colin at sq7.org Thu Mar 6 23:26:11 2008 From: colin at sq7.org (Colin Davis) Date: Thu, 06 Mar 2008 18:26:11 -0500 Subject: [freenet-dev] Firefox and Freenet In-Reply-To: <200803062239.35920.toad@amphibian.dyndns.org> References: <200803052012.37034.toad@amphibian.dyndns.org> <200803062013.16386.toad@amphibian.dyndns.org> <47D05F64.4030505@sq7.org> <200803062239.35920.toad@amphibian.dyndns.org> Message-ID: <47D07D93.2030206@sq7.org> > Ideally we want an external profile option - something where the settings are > kept outside of the firefox directory, where firefox will always default to > the default profile, without asking the user. > > Well.. If you wanted to go that way, you could use the -no-remote option, which allows two Firefox processes to run at once. We could then use -profile to manually load a profile. On Windows: firefox.exe -profile "c:\progra~1\freenet\myprofile" -no-remote On Linux: ./firefox -profile "\tmp\freenet\myprofile" -no-remote This would work either with the pre-installed version of Firefox, or with a bundled version. Bundling works even if Firefox isn't installed, and ensures you know where the binary is.. But it wouldn't auto-update. If you did want to bundle, you could use the Portable Firefox versions for Windows/OSX, and just use the standard .tgz file for Linux, passing it the profile from the freenet directory. If you were to just start Firefox with a command-line option to specify a profile, that likely eliminates the "tresspassing" argument entirely, and makes bundling less necessary. The way I see it on bundling, the Pros are: No default plugins, so no leaks through SWF/PDF/etc. Easier to know You know exactly where it is, and don't need to search the HD. You know what version it is, so you can trust the behavior. The cons are- It doesn't auto-update. You'd need to either update over freenet, or leave old versions in place. It adds to download size. -Colin From nextgens at freenetproject.org Fri Mar 7 01:38:36 2008 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Fri, 7 Mar 2008 02:38:36 +0100 Subject: [freenet-dev] Firefox and Fre