Fun and games in the dark.

06 August 2007

If you've read my website for any length of time, you're probably aware of the fact that I am very much a privacy advocate - I think that it is none of anyone's business what you search for on the Net, what you read, or where you go. Furthermore, it is also a closely held belief of mine that so long as you aren't bothering anyone, aren't causing trouble, and aren't doing anything to anyone of legal age in your country of residence that's hurting anyone (or if it is, it's consensual and has been negotiated for in advance), it is no one's business unless you go public with it for some reason. This extends to things that you write and communique's that you send unless you make them available to the public to read (such as posting to a weblog or a mailing list). Unfortunately in the twenty-first century, there are people who feel that privacy is fast becoming an outmoded concept and that we should get used to having none. In fact, I personally know a number of people who are deliberately dismantling their personal privacy as part of a deliberate social re-engineering effort. I've also heard some good arguments in favor of this (particularly from the transhumanism camp) that I respectfully disagree with. There are also a considerable number of people who feel that privacy and anonymity are dangerous because their notion of privacy is predicated by the idea that wanting to keep something secret (even something as mundane as a letter to your fiancee') is inherently incriminating. "If you aren't up to no good," they say, "then you don't have anything to hide."

Again, I disagree with this sentiment. Desiring privacy does not mean that you are hiding any wrongdoing, but keeping right-doing out of the spotlight of the natural desire for dignity, as well as showing respect for your fellow sapient lifeform. Generally speaking, if it's not explicitly shared or exposed in a public setting in front of everyone else then it's none of anyone's concern. In other words, it's not about hiding a wrong, and never has been regardless of what people may say to the contrary, regardless of the number of letters after their surnames.

For the past few years I've been working with a number of anonymity preserving technologies in various states of maturity and usability, Freenet and the Tor network, and documenting how well they work, what they're good for, and how to use them effectively.

Let's start this series of articles off with Freenet. The Freenet Project started its existence as a system for anonymously publishing information on the Net in such a way that it could neither be eradicated nor located with any degree of certainty. Files uploaded to Freenet are cryptographically signed for authentication of the source. The idea is that some number of systems X on the Net run the Freenet software (which is technically a peer-to-peer file sharing application) for some amount of time each day. Some nodes are online 24 hours a day, seven days a week, while others only sporadically connect to the darknet. Each node has an encrypted datastore on its drives that may or may not contain any information; if there are any files kept in the datastore, they too are encrypted to make them indistinguishable from garbage.

Each node also has a small list of other nodes that it connects to for the purpose of sharing information in the form of data files uploaded by users and indices of files that those other nodes know about. The idea is that popular files will be replicated to a large number of nodes and thus be readily available. Less popular files will be found on a much smaller set of nodes, and will take longer to pull down as a result. The least popular files may vanish utterly from the darknet - I don't know if this has ever actually happened, because you can't prove a negative, but this is stated on the Freenet website here. No matter what there is a very high probability that any files entered into the Freenet will completely escape the control of the originator - you can't censor, edit, or delete what you can't find. The only way to really rid Freenet of a file would be to hunt down each and every node and destroy the drives and any backups extant, which is a practical impossibility because a) they are geographically dispersed around the world, and b) not all of the nodes are online all the time, so finding all of them would require physically inspecting every Net-capable computer on the planet (also a practical impossibility). Also, tracing back a file transfer to a client is difficult in the extreme because every request and file block gets routed through some number of other Freenet nodes along with index transfers and other administrative traffic. A transfer might be a banned book, or it might be a message stating that such-and-such node just shut down, so stop trying to route traffic through them.

This sounds like the perfect way to make sure that what you say will be on the Net forever, right? Not so fast.

The biggest barrier to entry of the Freenet software is that as a whole it's slow. Setting up your own Freenet node is a relatively simple task: You download the software (which runs on most every modern operating system), run it, and allocate some amount of disk space to the persistent datastore. Then you have to associate with the rest of the darknet... and therein lies the problem.

One of the basic principles of the Freenet is that each node will only associate with other nodes that the owners trust. The way this is done is that each node has a uniquely identifiable node ID that contains the publically routable IP address of the node and other uniquely identifying information so that you can look at a node ID and tell your buddy Fred Dibb's Freenet node from Janet Weiss' Freenet node from J. Evil Hax0r's rogue Freenet node that happens to be keeping an eye on your node's traffic. If a node is discovered to be a rogue, it can be shunned by everyone else and minimize the amount of potential damage done. Also, you might personally know the person running some of the nodes that you link to, but neither you nor they will have any idea of exactly what data each node contains for the purpose of plausible deniability. This is why the datastore is encrypted as well as the files that may or may not be kept therein.

So how do you go about getting your hands on a couple of node references to get started? You can haunt websites that have node references pasted to them and add them to your node's reference list, but there is no guarantee that this will do you any good because both nodes have to accept the references of the other. In other words, "I add you, but you have to add me back" to build a link. The socially accepted way of getting links is to hang out on IRC and ask random people for their node references, which again is not a sure thing. You can't be certain that the other end will give you a good reference (though in my experience people will), and you can't be certain that they'll add you back (though with real life and jobs and everything this is understandable, though frustrating if you're trying to bootstrap your local Freenet instance).

It is possible to run an IRC bot that will sit on a channel used for swapping node references, but sometimes the channels will sit idle hour for hours with no one responding at all. A popular bot that will do this for you is called Refbot; I've seen it in action but never used it myself.

You can also talk a couple of friends into setting up their own nodes so you can exchange references, but then the problem of getting a line into the Freenet network at large remains. There also seems to be a variable delay before a link with a neighboring node is actually constructed: During testing, the shortest amount of time I waited was six hours, while fully half of the references I received from other people never resulted in working connections. I am at a loss to determine exactly why this was so, but my working hypothesis has to do with how heavily trafficked those nodes were (or not) and their available bandwidth at the time. In short, they were probably too busy with known-reliable nodes to worry about my newbie Freenet node for a couple of weeks.

Another problem with the Freenet is speed: The more active node links you have, the faster the files you download will actually materialize on your hard drive. In my experience it's difficult enough to get a really useful working number of node connections to make downloading files really feasible. Remember, popular files are distributed over a larger number of nodes, so having more active links means having access to a large number of nodes that have those files. If you're after something relatively obscure (say, an InSoc concert bootleg from 1986), chances are only one or two nodes have it, so your chances of getting hold of a copy from the Freenet are slim to none. On top of all of this, one must take into account the fact that each node has a limited amount of usable bandwidth, so popular nodes might be too busy to respond to your requests.

There is another, more subtle problem with the Freenet: It's not searchable. You can't key into your web browser "freenet:william gibson dna sequence" and wait for the Freenet software to hunt down William Gibson's sqeuenced DNA for you. Freenet supposes that you either know the reference to the file (called a Content Hash Key) already, or that you have a reference to a page on the Freenet that has the CHK for the file listed. The former is the sort of thing that you're likely to get if you've been active on the Freenet for a while, while finding the latter is more likely. The Freenet client comes with a few references to index pages right out of the box which are helpful, but certainly not complete. It would be possible to write a web spider that crawls the Freenet and indexes everything it can reach, though it would then destroy anonymity. The IP addresses of each Freenet node are known, but to be able to search, Freenet would have to be able to correlate CHKs with IP addresses. It would then be possible to determine which nodes needed to be attacked to render a particular file inaccessible to the Freenet. Of course, the people who ran each node would then be targets, defeating the entire purpose. So, happy hunting. Keep notes on what you find where, but like any privacy-enhancing technology, encrypt your notes.

Freenet also has built into it support for a Usenet-like system for posting messages called Frost, which allows the user to hunt through a hierarchical index of forums on a myriad of topics. I've found active discussions pertaining to the development of Freenet itself, suggestions for making it more efficient, politics, technology, cracking, and of course bases for sharing files of all kinds. It's kind of like Usenet without all the junk, actually, or reading BBS echoes back in the day. I found myself using Frost more than anything else because not only was it actively updated (people post to it a lot) but there signal to noise ratio was very high for such a system.. and it ran much faster than the rest of the Freenet services I was experimenting with. I never tried to use the Freemail software for transmitting e-mail because I was more interested in seeing how the rest of the system performed.

A common question that people ask about the Freenet is "Can I use Freenet to browse websites anonymously?" The short and sweet answer is "No." The longer, more accurate answer is "You can if someone has checked a snapshot of the entire website into the Freenet and lots of people are reading it, which will make it more readily available." Freenet is an anonymous, highly resilient data publishing and archival system, not an anonymous proxying system. If you have something of world-shattering importance that you want to get out, Freenet is a good way of making sure that it'll be around for a very long time, though whether or not it can actually be retrieved in a predictable period of time is another matter entirely. Some transfers have gone through in a matter of hours, in my experience, and others never started by the time I took my Freenet node offline. Ultimately, I found it unsuitable for my purposes because there was absolutely no guarantee that I'd get the data I was after before the end of life as we know it on this planet. While I respect the founders and developers of the Freenet, I can't really recommend this anonymous publishing service to anyone unless you have the patience of Job.

Like any non-mainstream technology, it is important to know exactly what you want because how to go about it follows. If you want to anonymously browse the Net, then Tor is your best bet. If you want to browse data that might not be found anywhere else, Freenet is probably better for you because it's been around longer, and was designed as a publishing system first and foremost. If you are searching for a way to anonymously communicate with other anonymous people with reasonable speed, then Freenet (Freemail and the Frost application, specifically) would be ideal. Additionally, Frost allows the user to set up a brand-new forum and restrict access using a cryptographic key, so it would be worth researching this.