Freenet

From I2P Wiki

Introduction

Freenet, The Freedom Network, is a Content Distribution Network and communications platform. Participant clients, called nodes, contribute bandwidth and storage space. Every client serves the same role in the network, except for those that choose to act as seednodes. Freenet is also a solution to the hosting problem. Freenet has been in development since 2000.

Even without strong guarantees from the network, Freenet users take anonymity very seriously.

Some of Freenet's goals are:

  • to provide anonymity for network participants, particularly uploaders (inserters).
  • to have no central points of control.
  • to resist censorship and survive in hostile environments. Examples:
      • node takedowns/closures.
      • Denial of Service attacks.
      • datastore pollution.
      • jurisdictions where it is illegal to run a Freenet node.

Network Design

  • Data is transferred hop-by-hop through the network, not tunneled.
  • Requests and inserts carry a Hops-to-live (HTL) value that decreases at each node, with a probabilistic decrement: probability 0.5 at MaxHTL (18 by default) and 0.25 at HTL 1.
  • There is no node hierarchy, although each client can choose to become a seednode to help bootstrap new opennet nodes.
  • Everything on the network is static content; web servers and JavaScript are not used.
  • Slow nodes are accommodated.
  • Nodes are identifiable by IP Address and network location.
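
The HTL rule in the list above can be worked through as a small model. This is an added example, not Freenet's code: it assumes an independent coin flip at every hop, and the function names are hypothetical. It shows that the highest HTL values are only carried close to a request's origin, which is the information a neighbouring node learns from HTL, and how the probabilistic decrement at MaxHTL blurs it.

```python
from fractions import Fraction

MAX_HTL = 18  # default MaxHTL stated on the page

def step(dist, p_max=Fraction(1, 2), p_min=Fraction(1, 4)):
    """Advance an HTL distribution {htl: probability} by one forwarding hop.

    Assumed model: each hop flips an independent coin at the two boundary
    values (p_max at MaxHTL, p_min at HTL 1) and always decrements in between.
    """
    out = {}
    for htl, p in dist.items():
        if htl == 0:                       # request already expired
            moves = [(0, Fraction(1))]
        elif htl == MAX_HTL:               # may stay at MaxHTL
            moves = [(htl - 1, p_max), (htl, 1 - p_max)]
        elif htl == 1:                     # may linger at HTL 1
            moves = [(0, p_min), (1, 1 - p_min)]
        else:                              # deterministic decrement
            moves = [(htl - 1, Fraction(1))]
        for nxt, q in moves:
            if q:
                out[nxt] = out.get(nxt, Fraction(0)) + p * q
    return out

def htl_after(hops, **probs):
    """Distribution of the HTL carried by a request `hops` hops from its origin."""
    dist = {MAX_HTL: Fraction(1)}
    for _ in range(hops):
        dist = step(dist, **probs)
    return dist

def expected_path_length(p_max=Fraction(1, 2), p_min=Fraction(1, 4)):
    """Mean hops until HTL reaches 0: two geometric waits plus the fixed middle."""
    return 1 / p_max + (MAX_HTL - 2) + 1 / p_min

if __name__ == "__main__":
    for k in range(4):
        d = htl_after(k)
        print(k, {h: str(p) for h, p in sorted(d.items(), reverse=True)})
    # With a deterministic decrement, HTL 18 is carried on the first hop only.
    print(htl_after(1, p_max=Fraction(1)))
    print("mean path length:", expected_path_length())
```

In this model the chance that a request still carries MaxHTL halves with every hop, so the HTL value narrows how far a message can be from its origin.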

Vulnerabilities & Attacks

Currently, the most serious vulnerabilities for Freenet are Black Ice nodes run by law enforcement and Mobile Attacker Source Tracing (MAST).

  • Law enforcement Freenet nodes, known as the Black Ice project, are run by law enforcement agencies in the United States that have partnerships with Canada and (likely) other nations.
      • Specially designed nodes measure HTL and the frequency of requests/inserts from neighboring nodes. These measurements are used to identify suspects who are requesting files of interest. Files of interest, in this case, are currently known or suspected child pornography files. However, the analysis can be used for any file in the network, making Black Ice a very serious threat.
      • LE's current strategy is to evenly distribute their node locations across the network to maximize successful identification of suspects. Open proposals to eliminate Freenet's HTL would substantially mitigate this type of threat.
      • Black Ice resulted in at least 50 court cases in the United States and Canada. At least one case in Canada was thrown out because of how the evidence was gathered. Do not have conversations with law enforcement. Never admit guilt to law enforcement.
  • MAST attacks are performed by special nodes that follow requests and inserts through the network to find their source. MAST was previously only theoretical, but it is now a reality. Prime candidates for such an attack are research nodes run by academic institutions.

Attack Mitigations

  • Friend-of-a-Friend (FOAF) helps confirm both MAST and Black Ice attacks, but disabling FOAF hurts routing performance. The related settings are in the advanced mode of Freenet's core settings.
      • LE correlation attacks are easier if "Shall we send our peers' locations to our peers?" is set to true. Attackers can also get information by probing for "Respond to probe requests for bandwidth limit" and "Respond to probe requests for overall capacity usage and very approximate bandwidth limit."
      • MAST attacks can be mitigated for the network if "Shall we take the locations of the peers of our peers into account for routing purposes?" is set to false.

Network Modes

There are two modes of operation in the network, Opennet and Darknet.

Opennet

Opennet is the public Freenet network. Connections between Opennet clients are mediated by Seednodes. This is what most nodes use to connect to Freenet.


Darknet

Darknet mode is meant to increase node security, as connections are to be made only to trusted social contacts. Developers tout widespread Darknet mode as the solution to many problems inherent in Freenet, but this is not a realistic goal. Anonymity networks are, by nature, not social. Research has also suggested that data retrievability suffers when requests are made to a Darknet node.


See Also

https://freenetproject.org

Black Ice: "They sheath their data in black ice, lethal viruses waiting to burn the brains of intruders." Johnny Mnemonic, 1995