What are
/r/darknetplan's
favorite Products & Services?
From 3.5 billion Reddit comments
The most popular Products mentioned in /r/darknetplan:
The most popular Services mentioned in /r/darknetplan:
cjdns
Tor
Google Docs
Yggdrasil
Raspberry Pi
Freenet
IPFS
GNUnet
Engadget
MikroTik RouterOS
Briar
I2P
Tails
TechCrunch
Google Groups
The most popular Android Apps mentioned in /r/darknetplan:
The Serval Mesh
GNURoot Debian
WiFON
The most popular VPNs mentioned in /r/darknetplan:
The most popular reviews in /r/darknetplan:
A major part of this operation is to teach people about and encourage people to use free and open source software as a means of protecting their privacy and digital freedom. Windows is proprietary ($), and NOT safe from a privacy standpoint.
Read these articles:
HideMyAss keeps logs of your activity for a month. Because they do this, they have to share them with law enforcement when presented with a court order, which has already happened before. Be very aware of this, and consider someone who doesn't log, such as .
I recommend moving to Mullvad and paying in cold hard cash if you want to improve your setup, also the wireless extender might be a weak point (you don't really provide any information about it)
The way you operate online is also important, you can be doing all the right steps but if you login to your Gmail, start scrolling on Facebook and check up on your colleagues on LinkedIn you're no longer private online.
Last of all, this is the wrong sub, check r/privacy or r/vpn
FreeNet is already taken and might get confusing if you used the same name. A name something along those lines though promoting freedom of censorship, governments and commercial control would be good though.
Please don't make shit up. Onion domains do not resemble DNS in any meaningful way. They aren't centralized and they don't map a meaningful name to an IP.
The server creates a public/private key pair. The .onion address is derived from this public key. This information is then advertised on the network. A client can then create a temporary key and pick a rendezvous node through which to pass data, encrypt these settings with the server's public key, and send them through one of several nodes to the server, which can then decrypt the settings with its private key. Then the server and client can talk through the chosen rendezvous point, which cannot eavesdrop because the communications are encrypted with the temporary key. Here is an excellent explanation of this process.
While they can't replace the routing infrastructure, .onion domains do a decent job of taking DNS's place. Their main disadvantage is that they aren't meaningful or memorable addresses.
Yes, that's what the article says. But I wouldn't assume the UK Government can't already do that themselves, too, though, especially with their latest snooping bills attempts.
Jitsi is the best alternative to Skype, cross-platform:
I hate to bring it up, but Ex Post Facto. Weren't the "illegal" sites he is referring to all taken down before DMCA?
Also, I went to cnet.com and found this:
>You will be taken to a third-party site to complete your download. Using P2P and file-sharing software to distribute copyrighted material without authorization is illegal in the United States and many other countries. CBS Interactive does not encourage or condone the illegal duplication or distribution of copyrighted content
The ruling in MGM vs. Grokster says "We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties." I believe the above quote from cnet.com is enough to acquit them from the charge of taking affirmative steps for fostering infringement.
You might also like the free cryptography online lessons by Stanford: https://www.coursera.org/course/crypto
too bad it started already like a month ago but I'm sure they'll do this again. These courses come with practical assignments and exams (ofcourse multiple choice), all for free! Some of the top guys of the field are at Stanford, and they give many more courses.
> The community could come together
This is what I'm worried about. I feel like the powers that be aren't going to like this. I hate wearing a tinfoil hat but honestly, if I was hired to stop a community based operation that was a threat to the internet I would find a way to get the community to fight against each other. It's a tactic right out of The Art of War.
TL;DR:
What? > Airchat is a free communication tool (Linux Install. Off the shelf hardware)
You connect a radio transmitter to your computer (or any other transmitting device) and use their software to communicate P2P with other devices. Basically it's a radio transmitter modem.
How? > It doesn't need the internet infrastructure, nor does it need a cellphone network, instead it relies on any available radio link (or any device capable of transmitting audio - we even made a prototype working with light/laser based transmissions).
Why? > This project was conceived from lessons learned in the Egyptian, Libyan and Syrian revolutions, OccupyWallStreet and Plaza del Sol. We have started thinking about new ways in which people can free themselves from expensive, commercial, government controlled and highly surveilled infrastructure.
When?
>AirChat is a working PoC you can use today.
Video:
There is already something by the name of opennet. They do studies of restrictive/censored ISPs; so, related but only in philosophy. There is a company called Open Mesh as well, using that name might have some negative consequences. There is a Google site called OpenMeshNet that requires translation from Russian so maybe not that name either. Freenet is already taken as well, it's a distributed p2p protocol. FreeMesh is software for flight sims.
This sucks, you'd think it would be easier.
You shouldn't worry too much - it is signed by CAcert.org - a free certificate authority that is popular among open source circles.
It's fairly well trusted and well established.
Absolutely! We need to switch away from using YT almost exclusively! If you use blip.tv they will let you auto-upload to a whole bunch of other places simultaneously. And if you want to be more nerdy and secure check out MediaGoblin, a distributed, FOSS tool for putting media online.
Given that the most recent DDoS affected Dyn DNS services, you could have avoided most of the problems by simply using OpenDNS as one of your DNS resolvers. They cache the last-known address of a site even if the TTL of the record lapses.
Mesh networks like Hyperboria are theoretically resistant to DDoS attacks (see this deep dive for more info). However you're not going to find websites like Twitter on there (right now anyway).
Just a question, I'm located in the Netherlands and I have a firefox add-on that reroutes me to ThePirateBay.org through random proxy servers. Will this keep working? I actually installed it case this would happen.
This is the add-on: https://addons.mozilla.org/nl/firefox/addon/mafiaafire-piratebay-dancing/?src=search
Could also be relevant to others here.
Raspberry Pi has about the same Wattage I think and is even cheaper? ^^;
What we need to get this going is a minimal kit / DIY instruction to build something like this https://www.kickstarter.com/projects/1776324009/brck-your-backup-generator-for-the-internet
We need durable outdoor routers right? Is a Raspberry Pi the right choice? Can any router be equipped with a long range antenna?
What is the average Power Consumption of a Raspberry Pi vs. Standard Router?
new here, but isn't the goal to use the internet as crutch connections while the separate mesh is under development? Nodes would steadily replace the tunnels through the net until they become less than necessary, and finally unnecessary. Please tell me where I am wrong.
edit: I should have mentioned that cjdns is the method of choice for this, and the more people who participate in it, the faster the transition will be.
What's exciting to me isn't that I'll be downloading Abode CS in a couple seconds -- it's that this technology might mean there's no reason a wireless network (like, say, a mesh?) shouldn't be able to meet or exceed the speeds of conventional networks today, thus knocking off one of the arguments which makes people skeptical. Speed is one of the big things people point to as a disadvantage of a mesh. Most current "mesh networks" (really homemade prototypes) are built with what may be able to handle average wifi speeds in good conditions. But research like this lets us get a glimpse at the possibilities of the future, and we need to jump on it.
This means a mesh network could (and should) really work. Combine this with things like IPFS and metamesh's efforts, and I'm quite excited. I can see the opportunity for someone to capitalize on this as an alternative to the conventional internet while advancing freedom and privacy in the web at the same time.
Rohos Mini Drive creates an encrypted container on your USB-Device and is very easy to use. Then you just have to put the Tor Browser Bundle in it and you're ready to go.
> that seems to be against what CJDNS totes as one of it's main features.
Right. So I was curious how you solved this, or were even aware of it.
> I assume you mean large scale nodes
No, I do not mean large scale nodes but snodes. See e.g. https://github.com/cjdelisle/cjdns/blob/master/subnode/SupernodeHunter.c
> and we can address the problem
cjd is on the case actually, it's just not solved yet.
Are you saying cjdns doesn't run on Windows? Because last I checked that wasn't the case. It's just a rough implementation that needs some touching up (ie. firewalls)
https://ipfs.io/ they have installers for OS X or various flavors of linux.
there are two types of addresses. an IPFS and an IPNS. the first is a globally unique hash of the content that is used to address it (ipfs/QmZi7iTUGec2RX4kWutmDTFWT7tRcHsdWw9hZPoUuyz7Bo) sorta like a bittorrent magnet link..
the other is unique to the client. it can be changed to point to any IPFS address. They refer to this as "pinning". there has been some work to tie an entry in DNS/namecoin to an IPFS address using a txt record.. but its still a work in progress.
anyway what the .io address does is act as a caching server that pulls in the content from wherever its hosted and serves it up. If you were running the software on a local box you could access the same content by replacing the part before /ipfs/<hash> with the address/port of the local box..
it does NOT allow for dynamic content or api's. I think that is an idea in the future.. but its not in place now.
tl;dr: ipfs is kinda like git with a bittorrent backend. but a much more stripped down interface. Could work well as a poor mans CDN.
Directional Wi-Fi can travel a surprisingly long distance, but you would need line of sight. If people setup relays that you could point a directional antenna at, you wouldn't necessarily be screwed as it would make it possible to join, however it would be fairly technical, prone to failure (storm blowing an antenna over, etc.) and numerous other possible issues. Also the latency (the time it takes for packet of information to be delivered) would increase and interference causes packet loss, meaning packets have to be resent slowing the connection down a lot.
OP is suggesting we wear computers (Raspberry Pi) with custom software and link them all together to form a large mesh network (see darknetplan).
There's not much to contribute at this stage. There's a lot of active projects that are still maturing. Technology is progressing very quickly, but it's still early.
The best way to contribute is to keep the message alive. Spread the word. Help in protests against SOPA/ACTA/etc. You can also help run a TOR node to strengthen the service for those that desperately need it.
There will be other ways to help in the near future.
To be fair, both cjdns and Project Byzantium didn't spawn from one another, but were created at the same time. Cjdns' initial check-in was Feb. 16th, 2011 and Project Byzantium's was Feb. 26th, 2011.
hi Nomikos, yes there are many other desktop apps that run on the same Scuttlebutt protocol, the most popular of which is Patchwork. Manyverse is only the latest app in the ecosystem. :)
Research Update:
Due to licensing issues. Were not allowed to embed google earth into java, or .net programs. But we are allowed to alter the KML save files that it uses.
If we desperately want an application to embed an interactive and editable map, we can try to encorporate NASA's Open source world wind mapping software instead.
There are a lot of crypto-coin related P2P hosting projects working on this:
/r/ethereum (a platform for all sorts of P2P apps)
/r/maidsafe
/r/bitcloud
TPB's new browser will also host all the data in P2P format.
There's also GNU's MediaGoblin.
Yeah I always thought a solar powered one would be awesome. One would have to make it extremely cheap, totally disposable, water proof weather proof and easily hide-able. I bet people would buy them in droves and drop them in all sorts of wacky places giving us lots of fun reasons to get out of the house lol. It would be like geocacheing but with "Legal Linux Distro's" and "Un-copywritten home movies" Since it would be all over WIFI it would be so easy to just get near the spot instead of actually finding the device. http://www.raspberrypi.org/ might have some info/hardwars but I just dont have the time to mess with it. The Fire and Forget nature of it would make it very safe for the users and for the person who buys and places the device.
https://www.torproject.org/docs/hidden-services.html.en
Judging by the design, not easy. You can do just about anything if you own the vast majority of nodes in the network, of course, but that will never be the case with Tor. Too many volunteers.
The publicly advertised introduction points don't know the service's IP, the chains between the service and the introduction points don't know what data they're carrying between the two thanks to encryption, and separate chains are established for actual communication after the connection is established so that no introduction points are implicated. In fact, the final connection will always be at least 6 nodes between you and the hidden service. So like I was saying, the only effective way is mass data collusion, pooling information from many sources involved in the transaction to narrow things down.
The weakest points appear to be timing attacks based on the introduction point IPs, but it's flimsy at best. I2P has better resistance to timing attacks with garlic routing, but Tor does pretty okay too. Basically, the only easy way to fuck with Tor is to block it completely, which is China's strategy (there's actually a bit of a security arms race involved there). A more typical Russian/American approach, interception and targeted manipulation, is also completely impractical thanks to the volunteer numbers.
You can help increase the security without taking on exit node liability by running a bare Tor relay on your desktop or server. This keeps hidden services safer, without any risk of getting vanned :D Viva la freedom!
Do you know what Tor and I2P are? If not, look at TorProject.org and I2P2.de. Both are networks dedicated to bypassing censorship through encryption and anonymization.
The Tor Browser Bundle is a collection of programs that make it much easier to utilize the Tor network without much technical know-how. It's about as simple as using an ordinary web browser, with a bit of extra paranoia thrown in.
Actually, it was derived from an onion-routing project started by the Navy.
Here's the page for the Navy's version of TOR: http://www.onion-router.net/
They likely auto kicked you from irc cause of some recent spam problems, nothing to worry about. CJDNS can connect manually over the old Internet by adding a peer, or automatically if you set up some antennas, or are on the same LAN. In this case you want to manually peer, you'll have to find some machines to do it with. Check out this:
https://github.com/cjdelisle/cjdns/blob/master/doc/cjdns/peering-over-UDP-IP.md#add-peers
https://github.com/hyperboria/peers
You should also just be able to search around and find some online with the right keywords.
All that is needed right now is code. https://github.com/cjdelisle/cjdns
Edit: Goal is once CJDNS is done it will run on everything and be easy to setup. After that it will be easy for everyone to install the software on their PC hook up a wireless interface if they don't already have one and be on the network. To make it even easier the towns local techs can easily preconfigure all types of hardware for the computer illiterate to just plug in and go.
Nice... The controller you posted is unavailable, but a newer version is offered on Amazon.
We did have an earlier version of our tech that would work for some direct communication. At least this could be used to share some of the photos and videos: https://play.google.com/store/apps/details?id=com.lotd.yoapp
Why don't you post the untracked link?
https://aws.amazon.com/snowmobile/
Rather than the link you posted:
Seriously... They take you to the same place. If I were the admin, I would ask you to delete this thread and create a new one.
They don't throttle, they simply refuse to make needed capacity upgrades at the interconnection points between providers and let the links melt down under growing demand.
As described here
It's radio, so theoretically it will travel at close to the speed of light. 186,000 miles per second. you may get a few ms extra on a ping.
edit: check this KA video:
It really depends. Doing a point to point link using 15' dishes, perfect line of sight and dry air: 50 miles (see here). Not the same circumstances, but similar. This is best case scenario though.
Using large (15 dBi) omni antennas on top of buildings in a not flat urban environment with some trees you might get a mile if you're really lucky.
If it were in your house where your router is, expect it to have similar or worse range than the router. Routers typically have at least 500mW, fancier ones have 1000mW. edit: My main one is 250mW and my secondary is only 71mW but I have many laying around for tinkering that are 500mW.
The big benefit to the USRP is that it can do lower than 'normal' frequencies that have better propagation characteristics. The same power at 400MHz will travel through walls and foliage better than 2.4GHz. So while it's lower power it might have an edge up on existing off the shelf hardware. double edit: I should note that there's can be a ton of licensing and EIRP constraints for non-ISM frequencies.
Check out the Doc folder in the cjdns repo, it covers how IPv6 addresses are generated, auth and data packets are formed, and things like how IPTunnel is implemented.
> Could you show me how I can connect to a cjdns network on windows?
I am not sure how usable the windows port is, however, it is still possible to connect without actually having cjdns installed on windows:
You still need to have a secondary machine running linux, this can be your router but doesn't have to be.
Here's a guide for if you have a linux machine connected to your network somewhere: https://github.com/cjdelisle/cjdns/blob/master/doc/nat-gateway.md
It looks like there's a few guides on building it for openwrt, but they might be out of date. One of them said it won't build on openwrt currently.
> I don't want to pay for internet from a provider.
No, you read that wrong. By non-hierarchical, it means that addresses aren't assigned by range.
In the current internet infrastructure, you have huge ranges that are assigned regionally, and each region assigns thousands to millions of addresses to each ISP, and each ISP assigns you an address.
Under cjdns, each IP address is a hash of a public key, there is no "region" that you're in (a side effect of this is completely breaking geoip).
Mesh networking is unrelated, and is certainly something cjdns can do, but so can IPv4 and IPv6. Cjdns is an internet-layer protocol, which many people don't seem to get. It is an alternative to IPv4 and IPv6, it does not specifically support mesh networking or ISP models. It is just capable of those things.
CJDNS definitely has issues but I don't see where you are actually pointing out what you think makes it a "piece of shit"? What don't you like about it, currently? (By the way, those of us who use it - we complain all the time. Caleb listens, too, and often pushes fixes in a day or two. He's super active in development as are a lot of us who use the software.)
As for piping arbitrary commands in to your shell - you're absolutely right, it's insane and anyone doing it should have their Linux Operator licenses revoked. Luckily that page and that install procedure has nothing to do with the CJDNS project, it's just some (I'm sure) well-intention'ed third party trying to make it easier to install.
A much better build guide exists in the README file of the project page, which you can find here: https://github.com/cjdelisle/cjdns. I would advise everyone to avoid any other install instructions.
Freenet has been under continuous development since 2000
Developer(s) The Freenet Project[1] Initial release March, 2000 Stable release 0.7.5 Build #1404 (12 September 2011; 2 months ago[2][3]) [+/−] Preview release 0.7.5 Build #1404-pre1 (7 September 2011; 2 months ago[4]) [+/−] Written in Java Operating system Cross-platform Platform Java Available in English, French, German, Italian, Swedish, Dutch Type Anonymity, Peer-to-peer, Friend-to-friend License GNU General Public License Website https://freenetproject.org
http://en.wikipedia.org/wiki/Freenet
Maybe Darknetplan is 11 years behind...If people are already working on a solution maybe joining their team makes more sense.
You could try Jitsi, it has support for XMPP and SIP. Encryption is a strong feature but it can be turned off (looking at the options: you can disable call encryption on per-account basis from Options -> Accounts -> Security, secure messaging from Options -> Security -> Chat, and SSL&TLS from Options -> Advanced -> SIP).
I use BTGuard and I think it's great! There was a great post yesterday that broke it down nicely that BTGuard does NOT store any of your data (ie: IP, etc) and if a 3rd party were to ask for costumer information (ie: court order) they wouldn't have any data to hand over to begin with. For $10 it's worth it.
Bluetooth goes like 3-5m at max? Also bluetooth seems to be more battery consuming than low-profile wifi to me (maybe even normal wifi if you have a good signal) .
But yeah i also couldnt find proper solutions, i actually only found Serval Mesh what is Android only and has a very different aim.
Holy Shit, what a mess. Here's my quick and dirty plan, now open for commenting but not editing, on Google Docs.
Already being done regularly in Afghanistan, New Zealand, and parts of Syria. It's called wok-fi, and the rigs are built with commodity USB wi-fi interfaces (you know the ones - they look like USB keys) and cheap wire strainers. No other hardware modifications are required. Ranges of 10km are regularly achieved this way.
https://en.wikipedia.org/wiki/WokFi http://www.instructables.com/id/Wifi-Signal-Strainer-WokFi/
hi hexydes, you can sync over wifi using either pubs (peers who are always online and have a public ip address) or Manyverse added direct p2p connections using a DHT. in both cases, either the pub or one DHT peer creates an invite code, sends it through some external channel to the other peer, who consumes the invite code.
hope that helps! if not, happy to answer more questions. =^.^=
Email verification seems broken. I'm running a standard MailInABox setup.
Correction, it barely made it, you should probably tweak some things about your SMTP (rDNS, SPF)
Received: from emsar.innovandalism.eu ([127.0.0.1]) by emsar.innovandalism.eu (Dovecot) with LMTP id yV8nG14eLlbOfQAAvBEecA for <>; Mon, 26 Oct 2015 13:36:46 +0100 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on emsar.innovandalism.eu X-Spam-Level: **** X-Spam-Status: No, score=4.8 required=5.0 tests=FSL_HELO_NON_FQDN_1,RDNS_NONE autolearn=no autolearn_force=no version=3.4.0 X-Greylist: delayed 1582 seconds by postgrey-1.35 at emsar; Mon, 26 Oct 2015 13:36:45 CET Authentication-Results: emsar; dmarc=none header.from=meshbits.io Received: from flarum (unknown [119.9.26.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by emsar.innovandalism.eu (Postfix) with ESMTPS id 7E14BBC0330 for <>; Mon, 26 Oct 2015 13:36:44 +0100 (CET) Received: from localhost ([127.0.0.1] helo=forum.meshbits.io) by flarum with esmtp (Exim 4.84) (envelope-from <>) id 1ZqgbN-0001Vw-T4 for ; Mon, 26 Oct 2015 12:10:13 +0000
Wouldn't be the first time they've tried to change the law retrospectively.
I don't know if it was successful, but if not it may only have been because BP voluntarily waived the cap.
I know this post is a couple days old, and I'm not sure if this exactly fits what you were after, but Ushahidi might be an inexpensive/easy platform upon which information sharing (RSS, SMS, Twitter, and email), and quick interactive maps (e.g., Riot Cops are building kettling formations on X and Y streets, so escape routes can be found via N or Z streets.) could be built. Hope it helps for future occupations.
In my experience, OpenWrt is a pretty great platform, and the community has got it working on a sizable number of "normal" home wireless routers if you are adventurous enough to tinker with it. From there you can maybe do some fairly simple hardware or antenna modifications to increase the wireless output and gain, and the platform is definitely suitable for a variety of routing/switching configurations. It just depends on the money that you want to spend on the hardware, or the time you want to invest in it.
Routerboards also look fairly interesting, and you are far more likely to get the kind of radio strength right out of the box that you want, but I don't know anything about what the software environment is like on them and they're probably a bit more expensive.
Do let us know what you come up with, I'll be interested to hear it. :-)
I'm not really sure if anyone has considered this: Raspberry Pi
Pros: * CHEAP! $25-$35 * ARM-based * Small * Low power (2.5-3.5 Watts) * Runs Linux, and therefore any Linux software.
Cons * No PCI, but has USB * Built-in ethernet limited to 10/100 speeds * VERY hard to get due to popularity.
I don't think a router built from a RaspPi will ever beat a Cisco, but it could be a GREAT component for a Mash node. Thanks to its low power, it can run off solar panels and backup batteries, and it can likewise be used as a web/dns/torrent/etc server.
take a look at this http://www.zeroshell.net/eng/
and this one is interesting but it is not free http://www.mikrotik.com/
I would suggest zeroshell
it needs a lot of work but it is free and can be modified.
most def. It is a great way to ensure freedom of press and "promote" democracy.
One example is Sida - Swedish International Development Cooperation Agency sponsoring the Tor project, what better way to export democracy^TM?
TrackMeNot uses that exact technique for Google. It periodically sends bursts of queries to Google to hide your activity, and is very configurable. I use it whenever I have to use Google instead of DuckDuckGo.
I'm a very active member of the cjdns community. Reddit is pretty much the worst place you can possibly go to find information about us.
I only see a small number of names here that I recognize as belonging to people who know what they're talking about.
Your best bet is to read the documentation which is included in the github repository (https://github.com/cjdelisle/cjdns) and jump on irc #fc00 on Freenode or #cjdns on EFNet.
cjdns is not about DNS: https://github.com/cjdelisle/cjdns
> Cjdns implements an encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing. This provides near-zero-configuration networking, and prevents many of the security and scalability issues that plague existing networks.
For the most part the protocol is being developed with the implementation, hence the need for the hyperboria test network. The closest thing to what you want is the whitepaper https://github.com/cjdelisle/cjdns/blob/master/doc/Whitepaper.md
Most of what your talking about is routing issues, which is what CJDs Networking Suite is here to solve. It treats censorship by a node as damage & routes around it, and it defends against the DoS attack you mentioned since the government would only receive a stream of encrypted session initiation packets that were encrypted with the real nodes publickey. CJDNS will then realize that node Z is an imposter & route around it as though it was damage, thus restoring connectivity to the proper node.
Did I mention that it is very low latency, with latency equal to what you would see on an IPv4 or IPv6 network? And it acts as a full IPv6 private network, allowing all your normal applications (that are IPv6 compatible) to work like normal through the use of a Tun adapter.
> That's what #cjdns made.
FTFY!
Hyperboria is the first CJDNS powered decentralized network. It has been an ongoing effort made possible by cjd and a bunch of contributors. CJD isn't a redditor for instance, and was made aware of /r/darknetplan by another #cjdns dev back in December. A lot of awareness of the CJDNS project have been made possible by the exposure of this sub and Project Meshnet.
If you're running linux, follow the installation instructions at the bottom of the github page. If you don't have a linux machine, you can download VMplayer (for free) and install cjdns on a virtual linux machine.
If you run into any problems, jump on IRC (link in sidebar) and ask questions. Everyone there is very willing to help. You'll need to jump on there once you're done installing anyway so that you can get the info you need to connect to the existing mesh.
Sure, it's not a requirement for a darknet. However, cjdns is meant to replace the internet and GNUnet has started to develop options for clearnet-independent mesh networking and is leaning towards this as well - "developing a wide range of new decentralized networking applications, possibly to the point of replacing the Internet as it is known today with a GNU network"source.
And yeah, IPv6 has been taking forever, but the economic incentives for big established ISP's weren't there, wheras now the question is whether privacy is enough of an incentive for users - not ISP's - to do something. I can just think about the mix of people who are interested: right-wing conservative conspiracy-theory people, leftist egalitarians, piracy people, and some pretty awful people and increasingly even pretty regular people. The user-friendliness to install GNUnet and probably also cjdns is going to increase a lot so I think it looks brighter in comparison.
edit: emritz points out that GNUnet can work over WLAN https://gnunet.org/wlanworks
Yeah, I think GNUnet still accesses the Internet through your Internet Service Provider (Verizon, Comcast, Charter). Not really digging down to the hardware level we are exploring in /r/darknetplan. However, I thought some people here would enjoy reading about GNUnet just the same.
Erm, I realize I may have interpreted that incorrectly. The other interpretation is essentially what i2p does out of the box, handing you a short list of hosts from a trusted (central) authority, and letting each user add their own as they please. It's clunky, unscalable, and unfriendly, but it does work. I2p's actual solution set is more complex than this, and I recommend you read about it right from the source, as they explain their own system better than I could do justice in a reddit comment. :-)
Sure, no problem. It's mostly just unreadable because I tried to hit all the features at once!
JSON is a format that lets you take programming-type objects, like a list or a dictionary, and encode them as text. You can encode pretty much anything as JSON.
MCP is the open standard protocol I'm working on, which allows you to connect to a worldwide network and share document updates. These documents can hold any JSON object, have a permissions system built in, and it's set up so you can't download an out-of-date copy of the document or have "write collisions" (where two people try to write at the same time, so nobody knows what it actually should be).
Orchard is a proof-of-concept MCP node with a friendly web interface. It encrypts all your data when storing it to disk, and part of MCP is that all data going through it is encrypted anyways. There are no central servers, and it's designed so that the network works just as well with just you and your friend, as it does years down the road with thousands of people on it.
The point of it is not so much MCP, though. That's the underlying protocol. The important thing is what you can build on top of MCP, like a distributed version of Google Wave, or a software repository that supports live typing for code collaboration in real time. It's even possible to have a P2P image editor made out of nothing but a web page!
Maybe they sound to you like that, but they are not.
I mean, most of them have a free trial month - so you can check them out.
And if you want the decentralized solution, why not both tools in the shed? AirVPN offers TOR->VPN and VPN->TOR connections. Also, if your VPN uses OpenVPN protocol, you have indeed an opensource and peerreviewd protocol.
I agree. I first went to read the vyprvpn review and saw there were only ratings per each category, then I saw that the Private Internet Access had a real review, detailing features. My subscription to Private Internet Access recently expired (I was very happy with it), but I've been looking for something cheaper or free. I'm currently using frootvpn (based on openvpn), but I'm having serious problems over the past few days as it won't connect. Plus it's irritating that I have to reenter my log-in credentials about 10 times a day (whereas Private Internet Access connected automatically) because of PC going into sleep mode, etc. I've been thinking about just shelling out the cash for PIA again (I also like that more than one device can be connected at a time) and, based on the PC Mag review you linked to, it would be a smart move.
TOFU/POP just sounds easier. Then you can decide which name is owned by which public-key by looking at "who heard of it first?" and deciding if you accept it. If it's owned by a namespace hoarder, well, you can delete/ban their key from your naming registry and wait for another legitimate contender to provide content/services under that name. Now it doesn't matter who's first with the name, all that matters is who you'd like to see under that name---and its okay that there are multiple providers under the name, you're choosing them by their public-key and history.
Please add yourself to this map which will help Meshnet participants to locate each other. It may be beneficial to start a simple mesh network with anyone in your area, which will allow for testing of different anonymizing software and methods to link local meshes to other meshes over distance.
If you have design skills, add yourself to the volunteer spreadsheet - we need your help on the website.
In case you're curious, I've found a SOCKS proxy server called polipo. It says it supports IPv6 but not link-local addresses. I'm not sure if that means it will work for cjdns or not, but if you happen to have more knowledge on this and
Heh, I'll admit this question was out of ignorance of how some of this works. I think I'll devote a day to reading up on the underlying workings of this so I know what I'm doing. Thank you for the advice. :) I actually have two linux computers on the east coast a fair distance from each other that could act as nodes... so I feel like I could help a little at least?
I'll be honest, it was more a concern of overloading the network or something by somehow sending torrent traffic over it. But now I see that this isn't really the same thing, meshnet is it's own network but dependent on the "real" internet's infrastructure to communicate? I think I'm making more sense of this now, I thought it was just another network protocol that was more difficult to censor.
Would it be reasonable for me to assume that IPv4 traffic and IPv6 traffic are isolated from each other in this setup? I mean, unless I set up a server with an IPv4 address to work with IPv6... it shouldn't?
It might be worth noting the airnergy. It would allow you to charge the device with radio energy. That is the first thing that came to mind, then i thought of Nikola Tesla, my role model. He was doing this stuff before we even needed it, now we do and now we have it.
http://en.wikipedia.org/wiki/Wireless_energy_transfer
also, here is a link on how to build it and the instructions.
1) What is socalMeshNet?
An independent network, free of internet monitoring based on CJDNS, built using ubuiquiti radios by redditors in socal. Eventually it will join other meshnets.
2) So far only 3 people on the team. We need more volunteers.
3) We're actually going to document, keep all receipts, & photograph the project. Volunteers will actually get the equipment that this money is buying for free. If you want to volunteer that's probably the best way to get a sense of how real the project is, you'll get the meeting times and locations as well as contact info. The project breakdown is actually itemized on http://www.indiegogo.com/socalmeshnet
4) I used to work for Cisco about 10 years ago so I have a pretty good background on traditional networks and I also do amateur satcom in my spare time. I was initially thinking of just buying the equipment and then configuring it and selling it to the group members, but with this plan there's no out of pocket cost to the members.
Official site & FAQ & volunteering:
http://www.reddit.com/r/socalmeshnet
I think you need to subscribe to the google group before you are able to reply, when I look at the discussion about it there is a Post Reply button in the upper right hand corner.
In terms of CJDNS being a routing protocol, it is & it isn't. There are some forks of it that can peer based on a mac address & allow it to transmit raw frames instead of UDP packets. The prime use case for cjdns is it allows us to bring together multiple networks with competing ipv4 structures & have them form one contiguous IPv6 network.
Integrating Cjdns's topograpy with Nodeshot is going to be a bit of a pain, I'll see if I can get /u/thefinn93 over to chat on jabber, I'll drop by myself too. I'm not a huge jabber user, but I shoul be able to figure it out.
Clearskies, the open source alternative to Bsync was recently finished. There's also a discussion and some other alternatives named on Hacker News.
However, this doesn't seem like what the op is looking for, but for the Bittorent update protocol that I posted in the other comment.
You are wrong. Please read these articles and then respond.
It's just an IPv6 tunnel broker based around Tinc
>Unlike a traditional tunnel broker, our scheme tunnels IPv6 transport based on Tinc VPN and dynamic routing protocol by Babel , enables the IPv6 communication between participants take Free Networks shortest paths instead of forcing all traffic to move back and forth until the end of the tunnel where the gateway.
What i personally would like to see is a cjdns package written for pfSense (an open source Router Distro Based on BSD). I think that this would be helpful because for ~60$ (old PC and a 2nd Nic) you can get a crazy powerfull router setup with fairly minimal effort) (same idea as openWRT but doesn't risk possibly bricking your $80 router, if the install fails, you just try again). I would take a stab at this but I have neither the skills or the time to do so right now.
The things that you mention are beyond the scope of this project. Besides, they are solved problems already. If you want anonymity you can already use Tor. If you want an ID system you can use things like OpenId, and lobby more online services to accept it as a log in option. The problem that this project seeks to resolve is independent of the problems that you mention.
The main objective of the MeshNet project is to design a scalable, ad hoc routing algorithm that allows you to utilize your existing router hardware to connect to your neighbors in the hope of creating an ever expanding mesh that will initially span your neighborhood, then hopefully the entire town, while still remaining an integral part of the existing internet.
You may be interested in CJDNS. It is decentralized, works with current hardware and can be used over the internet we have right now (which makes transitioning a lot easier).
/r/darknetplan is about CJDNS as well as other similar protocols.
If you want to learn to use cjdns, you can join us at irc://irc.efnet.org/#cjdns
Then you somehow install this thing, and then when you run cjdroute you'll get instructions to add a peer and fire it up. You can find public peers by typing ? peers in the IRC channel, or maybe ask one of the friendly people there if you can peer up with them.
Also, there isn't a better IRC client that exists other than Weechat.
Yeah, the cheap ARM machines tend to have low throughput. There are some benchmarks here.
Why would you need 2 antennas for each thing? Why not one for local (or just ethernet into your existing LAN, if you have one) and one for each physical peering link?
You're going to lose speed no matter what you do if you have to push cjdns traffic over many hops. Rather than going house to house to house, and touching cjdns at each hop, you can do something like 802.11s, or have longer-range links to improve throughput.
That's great, but that's not the real problem.
The real problem has been unchanged for months now: lack of a user friendly interface. If CJDNS had a proper GUI interface for setup and management, we'd be golden.
There's a start on a node interface in the repository, interested parties should look in to improving it. ;)
Just let the mobile node send data through the next best (the new) route, and as soon as the first packet arrives on the other side, it'll discover the new route by looking at the reversed label of the incoming packet.
More info on route labels: https://github.com/cjdelisle/cjdns/blob/master/doc/Whitepaper.md#operation
For all intents and purposes cjdns is just IPv6. So any application that works with IPv6 will also work with cjdns.
There is also an API for communicating with cjdns.
https://github.com/cjdelisle/cjdns/blob/master/admin/README.md
You can test and submit bugs via the project's bugtracker on github. As thefinn93 mentioned, please do use our updated automatic setup script instead.
I'd appreciate it if you tried building on ARM (ubuntu?) again. Between last night and this morning, my patch for osx was merged in and it might fix the ARM NaCL issues as a side effect.
If it doesn't fix it, please open up a new issue ticket on github with the error output.
Thanks!
Thank you for a very informative answer. The 1kbit/s that I "checked" was checking speed that had been reported.
I have now joined GNUnet :-P and I hope to try it out with a local Mesh setup as well.
The thing is, it doesn't seem like information about individual nodes would reveal much. Check this out. Here's some relevant info:
"In GNUnet, the identity of a host is the (SHA-512) hash of its public key. For that reason, man-in-the-middle attacks will not break the authentication or accounting goals. Essentially, for GNUnet, the IP of the host has nothing to do with the identity of the host. As the public key is the only thing that truly matters, faking an IP, a port or any other property of the underlying transport protocol is irrelevant. In fact, GNUnet peers can use multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the IP protocol at all (by running directly on layer 2)."
Also, I found a paper on a swarming protocol on their site.
EDIT: I like how honest they are about anonymity: "Providing anonymity for users is the central goal for the anonymous file-sharing application. Many other design decisions follow in the footsteps of this requirement. Anonymity is never absolute. While there are various scientific metrics that can help quantify the level of anonymity that a given mechanism provides, there is no such thing as complete anonymity. GNUnet's file-sharing implementation allows users to select for each operation (publish, search, download) the desired level of anonymity. The metric used is the amount of cover traffic available to hide the request. While this metric is not as good as, for example, the theoretical metric given in scientific metrics, it is probably the best metric available to a peer with a purely local view of the world that does not rely on unreliable external information. The default anonymity level is 1, which uses anonymous routing but imposes no minimal requirements on cover traffic. It is possible to forego anonymity when this is not required. The anonymity level of 0 allows GNUnet to use more efficient, non-anonymous routing."
They both have strengths and weaknesses. Here's a nice comparison:
https://geti2p.net/en/comparison/tor
Speaking for myself, I like I2P's more decentralized nature, and the fact that it's optimized for hidden services, which means that it can be much faster than Tor.
You just wget the site, I've already done it inside ipfs before. Other then losing the search bar most stuff carries over no problem. Technically it would be possible to build in common search terms so they give results. Think of it as pre-generating everything.
second this, while it's no panacea, at least briar is established and had passed independent security audit (can check the report): https://briarproject.org/news/2017-beta-released-security-audit/
more on how it works here: https://briarproject.org/how-it-works/
I am sorry I didn't see this conversation earlier. I think that establishing a trusted network similar this could be done much more easily than that, assuming that the f2f/p2p connection can be used to bridge or connect groups of people who are connected by more than one degree of separation. It's not that difficult to crank out simple html/javascript based facebook and mobile apps that invite your contacts to join the network. I have an Android app called Droidin that allows me to consolidate my Google and LinkedIn contact lists, so it should be relatively simple to clone that functionality. Once people agree to join the network (and consolidate their contacts into one list) they can move from the app to a (link to a...) Winautomation or Autoit script that automates the configuration of their network on their Windows PC. Those are the windows-only tools I am familiar with, so at least in my case that's what I have in mind for promoting the darknet. With all of the programmers we have volunteering for this project, I'm sure that once they see how these automation scripts work they could easily code setup-automation scripts for platforms other than Windows and Android.
Exits can exist anywhere. If a mesh has access to an IXP, they get a direct connection into the Internet. Otherwise, you can exit traffic from pretty much anywhere, you can even tunnel it out of a VPN like IPredator.