This literally was Tim Berners-Lee's original vision of the World Wide Web.
HTML was supposed to be human writable so that anyone with just a few hours of learning who knew how to use a word processor could build their own web-page and upload their own information. People didn't need to know the details about how to run apache since schools/institutions/community-websites would be the places to provide hosting for its own members.
It was never intended to be a format for creating what are essentially real-time multimedia sharing or messaging apps. Definitely wasn't intended to be a source for profiteering. But with JavaScript becoming a vehicle for web-tracking, and generating profiles of users to try and sell people more crap, companies have eaten up the World Wide Web, and it has turned to shit.
My hope at this point is if developers can make a less retarded version of GNUNet integrate with IPv6, then something will be ready and in place when the rollover from v4 to v6 happens (which to be fair, may not)
> The capitalist machinery of our time can just as easily be taken over as the factories of previous revolutions.
Low-level internet protocols (including the Internet Protocol) are designed to be centralised and hierarchical (DNS is notoriously centralised, and the server-client paradigm is a relation of authority). We could try to take them over, and in the event of a global revolution we would probably be successful, but I'd rather see us try to replace the Internet with decentralised protocols (e.g. mesh networks) and peer-to-peer/client-to-client applications.
tl;dr: it is not just about taking over Google's server farms - the Internet is authoritarian by design.
There is https://gnunet.org in the making which will make it possible to create (anonymous) networks completely over WiFi so no company would ever be able to shut it down. The government would need to get into every house and shut every router down to kill the network.
There is the GNU Name System, which is being developed as a part of GNUnet, and is probably where we should be aiming for the future. It is compared with some other systems in this document.
Well the internet was created here so the first domains pointed to servers in the USA.
No one is ever going to enforce country specific discussion based on the tld. Definitely not ICANN who allowed the org TLD to get sold off.
If you really want a new internet you should get behind https://gnunet.org
Also simply because it's not able to provide the same features as a centralized architecture right now.
Mobile device constraints, constrained networks with NAT and firewall, not being able to store messages on a server and delivering them later, authentication, etc. are all problems that are not solved very well yet in p2p networks.
The internet might very well need to be replaced to enable truly p2p applications. This might sound impossible, but for example Gnunet can actually work on top of the current internet even though it is designed to be independent of it.
https://gnunet.org/tutorial-using-gnunet — You might have missed this
GNUnet’s documentation is rather sparse, and the software itself is not user-friendly, but there are a few things to try out, like filesharing and telephony.
From what I read of the other posts, I think the main differences are user-friendliness, and the accent on privacy/anti-censorship in GNUnet.
Absolutely! There are a few different approaches here that are relevant. Bitcoin enthusiasts will probably cite "Hierarchical Deterministic Wallets", but there's a lot of older work in this space which provides different and interesting properties.
Most notably to me, Zooko's "Semiprivate Keys" come to mind, originally described in section 6.1 of the Tahoe paper:
https://gnunet.org/sites/default/files/lafs.pdf
See also Hal Finney's description of them on the Tahoe mailing list:
https://tahoe-lafs.org/pipermail/tahoe-dev/2009-July/002371.html
Semiprivate keys can be used to recursively derive a hierarchy of keys, where each level can sign messages that can be verified by a lower level, but cannot impersonate a higher level, and the key can be the same size as the original signature algorithm. Bonus points: you can also derive other keys for each level, e.g. an encryption key to go with a private signing key.
Check out my synthesis of other people's work, as applied to the Curve25519-based signature algorithm Ed25519, soon to be an informational RFC and the new standard signature algorithm for TLS:
Yes. We're collaborating with GNUnet to get .bit (and .gnu) registered as special purpose TLDs. Same for I2P. There appears to be some political resistance at IETF to Namecoin and GNUnet, which wasn't the case for Tor (or I2P). See https://gnunet.org/ietf93dnsop . We're still hoping for a positive outcome.
I graduated from TUM... so TUM, or maybe RWTH Aachen, or Karlsruhe Institute of Technology.
But TUM still ranks no. 1 in Germany, you can't go wrong when there's around 13 Nobel laureates from here. Lots of our projects here are joint collaborations with industry partners, e.g. BMW, Siemens, Google, etc. Lots of the PhD students and lecturers are engaged in high-profile projects, e.g. WillowGarage, PCL.
Also Christian Grothoff, the guy who broke PRISM and created GNUnet, is one of the lecturers here. I had an oral exam under him, he is ... brutal.
It's just that Munich is the most expensive state in Germany. My apartment rent is 500 euro per month, and it's considered a steal; you can't find a price like that anymore, unless maybe in student housing. You need around 8000 euro in your bank account in order to be granted a student residence permit; there is no tuition fee (maybe a few hundred euro per semester for administration, including transport).
Also I heard it's harder to get in TUM nowadays, too many foreign students these days.
Isn't this what GNUnet is already doing? Except for the paying part, decentralized DNS, filesharing, messaging and (video)calls are implemented. All traffic is encrypted and your anonymity can be guaranteed. https://gnunet.org/ http://youbroketheinternet.org/
> Lots of things are centralized just to make things work
It really does not have to be like that though. GnuNet tackles exactly that issue.
Trouble is that sort of project will never get funding from 'business' because it works in antithesis of how business monetises the web today. Which business wants anonymous customers, zero tracking ability and no metric information whatsoever?
Society needs to change so that businesses change. We need to demand more rights to privacy, personal information, shopping habits etc. And we need to reflect on our use of social media too.
As I understand it (as a casually interested person), secushare aims to be a distributed social network; kind of a universal communication tool, as summarised by the initial line: “Facebook, Whatsapp, Gmail and Skype rolled into one”. It would enable people to securely share all kinds of content in various forms.
“Distributed” networks use a peer-to-peer architecture, so there are no “servers” in the common sense of the word, contrary to centralised and federated networks. Instead, clients talk directly to other clients (but perhaps it's then technically true that each client is also a server). The users don't need to trust third-party service providers, as there is no service; everyone is principally on equal grounds.
I know that the developers of secushare also work closely with the (also very interesting) GNUnet project, which provides a new network protocol stack (compared to the old one here). This means the network would have a robust foundation, without depending on the current internet architecture.
Perhaps the name is a bit too aspirational? It looks more like an IPFS primer. For a "decentralized web" primer I'd expect to find out more about the original ideas behind the concepts and perhaps mention some of the existing players like https://gnunet.org/ or even Ethereum's Swarm
Sure, it's not a requirement for a darknet. However, cjdns is meant to replace the internet and GNUnet has started to develop options for clearnet-independent mesh networking and is leaning towards this as well - "developing a wide range of new decentralized networking applications, possibly to the point of replacing the Internet as it is known today with a GNU network" (source).
And yeah, IPv6 has been taking forever, but the economic incentives for big established ISPs weren't there, whereas now the question is whether privacy is enough of an incentive for users - not ISPs - to do something. I can just think about the mix of people who are interested: right-wing conservative conspiracy-theory people, leftist egalitarians, piracy people, and some pretty awful people and increasingly even pretty regular people. The user-friendliness to install GNUnet and probably also cjdns is going to increase a lot so I think it looks brighter in comparison.
edit: emritz points out that GNUnet can work over WLAN https://gnunet.org/wlanworks
Yeah, I think GNUnet still accesses the Internet through your Internet Service Provider (Verizon, Comcast, Charter). Not really digging down to the hardware level we are exploring in /r/darknetplan. However, I thought some people here would enjoy reading about GNUnet just the same.
That's literally what Proof of Work was invented for, the paper from Dwork and Naor is 26 years old [1]. Not exactly revolutionary today. Hashcash by Adam Back [2] even combined it with a token to "pay" for unmetered resources (first published in 97).
[1] https://link.springer.com/content/pdf/10.1007/3-540-48071-4_10.pdf
I like your effort, but: 1. DNS is distributed and not decentralized (https://gnunet.org/centralized-dns) and 2. EV is broken (https://stripe.ian.sh)
In the end it makes attacks harder but not impossible. Please add HPKP (https://developer.mozilla.org/en/docs/Web/Security/Public_Key_Pinning) to make attacks almost impossible.
I don’t want to spread FUD, I know running a decentralized exchange is hard. This is just a recommendation from some security guy.
PS: I love switcheo, congrats on the launch and great job.
Thank you for a very informative answer. The 1kbit/s that I "checked" was checking speed that had been reported.
I have now joined GNUnet :-P and I hope to try it out with a local Mesh setup as well.
> Unless you are listed by the i2p devs then your outlaw.i2p won't work unless user manually adds it.
That's not really how it works.
Basically, an I2P user can Subscribe to certain sources of naming information. There's also one or two default subscriptions that are automatically added at installation.
So, it doesn't have to be "listed by the i2p devs" - it could be listed by anyone. And accepting that URL as valid is completely voluntary for the user. It's also not really "manual" in any sense, unless you're trying to visit there without a subscription.
Also, they actually did submit their name to the most prominent name subscription spot (stats.i2p) a few days ago.
Finally, the naming issue is a real problem, and the i2p devs and community know that. There's a lot of discussion that's ongoing about how to improve the i2p name system - the focus seems to be largely in favor of something like GNS, although there's some good arguments for a potential blockchain-based NS like BlockStore, BitAlias or DNSchain.
If you feel like it's a significant and pressing issue, you'd be welcome to contribute some work to the project; I2P has an extremely open development community.
The thing is, it doesn't seem like information about individual nodes would reveal much. Check this out. Here's some relevant info:
"In GNUnet, the identity of a host is the (SHA-512) hash of its public key. For that reason, man-in-the-middle attacks will not break the authentication or accounting goals. Essentially, for GNUnet, the IP of the host has nothing to do with the identity of the host. As the public key is the only thing that truly matters, faking an IP, a port or any other property of the underlying transport protocol is irrelevant. In fact, GNUnet peers can use multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the IP protocol at all (by running directly on layer 2)."
Also, I found a paper on a swarming protocol on their site.
EDIT: I like how honest they are about anonymity: "Providing anonymity for users is the central goal for the anonymous file-sharing application. Many other design decisions follow in the footsteps of this requirement. Anonymity is never absolute. While there are various scientific metrics that can help quantify the level of anonymity that a given mechanism provides, there is no such thing as complete anonymity. GNUnet's file-sharing implementation allows users to select for each operation (publish, search, download) the desired level of anonymity. The metric used is the amount of cover traffic available to hide the request. While this metric is not as good as, for example, the theoretical metric given in scientific metrics, it is probably the best metric available to a peer with a purely local view of the world that does not rely on unreliable external information. The default anonymity level is 1, which uses anonymous routing but imposes no minimal requirements on cover traffic. It is possible to forego anonymity when this is not required. The anonymity level of 0 allows GNUnet to use more efficient, non-anonymous routing."
(Your schema syntax is semantically ambiguous.)
Overriding arbitrary DNS records is dangerous and cannot work generally without very good protection.
What you try to implement has been solved comprehensively by gnunet's GNS. You might want to follow that up. You simply pull GNS records from a particular identity into a securely scoped namestore which can subsequently be resolved completely transparently through NSS but without maliciously overriding already existing names.
If I'm actually understanding what they're trying to do, I do see the usefulness. They're just slapping on an abstraction layer on everything, so you can run your "instance" independently from any particular physical device, network provider, etc. At least that seems to be the basic thing they're trying to do, but whenever they describe it, it sounds a lot more grandiose, so I keep getting the feeling I'm missing something.
There's another project in a similar vein called GNUnet, it's an interesting comparison, because their philosophy seems a lot more "left wing". Also their scope is a lot more limited (alternatively: they use buzzwords and gimmicks more sparingly), so it's easier to wrap your head around what they're trying to accomplish.
It kinda depends on who is in charge of recreating the Internet. The folks developing GNUnet are very privacy-focused and GNUnet seems to me somewhat more difficult to use because it is so secure. A group less focused on privacy would likely create something easier to use but, of course, less respecting of user privacy.
A lot of these problems are due to the fact that the IPv4/6 protocol itself is insecure, unstable, and is based on the client-server model by design. Have you ever looked at GNUnet? It's basically an entire re-imagining of the web with things like decentralization and federation baked in. I thought it couldn't possibly replace the Internet as we know it currently, but it seems like it's really well thought out, despite still being in the planning phase. Perhaps you could look into it. Look, I don't see you as no simpleton, but your comments make me feel pessimistic about the future of these things when I think there's a lot of good stuff. Maybe it's just me, but it can truly hurt sometimes :I . Just the fact that people are making a true effort to go against the grain is awesome.
It's not a drop-in replacement for DNS, and it's still in development. If you're not an experienced Linux user (and possibly developer with some knowledge of C) it might be too hard to even install.
Here is the software (GNS is part of GNUnet): https://gnunet.org/en/
This is not an official communication channel for the GNUnet project, nor is it frequented by the developers. Have you brought up your problems and remarks on the mailing list or IRC (linked on this page)? They may be of better use to both you and the others there!
It is not the standard stack currently in use, so when (and if) it will be, it'll be new, as /u/chloela wrote. The project is also a huge undertaking and is being actively worked on; some parts of the project currently have issues and are being redesigned to avoid them (see ‘Known Issues’ in the news section), so portions of it are new in the sense of ‘recently created’, even if the project as a whole is not. With the manpower they've got, it ought to take a while still.
I think GNUnet is pretty general-purpose. There's an application built on top of it which allows for distributed file sharing, but it has other potential uses, so it could work as a VPN, or a DNS extension/replacement. There's the secushare project trying to design a social network, and re:claimID working on an identity system (think OpenID, but distributed).
Please strongly consider reporting bugs and asking for help with the build process in channels which receive support and are not just occasionally monitored. https://gnunet.org/en/engage.html
Hey eleitl, it is a lofty goal indeed.
I honestly do not know the answer to your question, but I would invite you to ask it in the IRC channel or mailing list: https://gnunet.org/en/engage.html
I believe this may be the page you want to read. Found as ‘Documentation → Handbook → 5 Using GNUnet → 5.5 File-sharing’.
The old website, whose information now may or may not be up to date, now lives at old.gnunet.org. You can reach old pages by adding the ‘old.’ part in front of the ‘gnunet’ part. Granted, a redirection would be nice, and the new website is still a work in progress, so they might be adding it eventually. (You can also get in touch with them!)
Nice redesign! I was curious about "GNUnet filesharing", so I looked it up and the two first links I found on qwant are dead:
In fact, it looks like most previous URLs are dead, which is a very bad practice in Web development (read the classic Cool URIs don't change for more info). People behind GNUnet website should create re-routing for old URLs to point to existing webpages at least...
You and /u/wh33t might like to take a look at this comprehensive document describing the many aspects of GNUnet. If you can't get by with the resources you were able to find (which wouldn't be too surprising), I would definitely recommend getting in touch with the developers. (See the Contact page on the website.)
You can see if there's anyone up for a chat on the Freenode IRC channel, or send a message to the help-gnunet mailing list (both described in the aforementioned page). They might answer your questions and explain the concept in a better way, or point you in the right direction. And if you find learning resources, you can definitely tell them what you think needs improvement; they are looking to improve the experience for newcomers.
Actually there are companies starting to use it. When you look at our gnunet-ev repository, pretty Easy privacy and Taler S.A. are working together with us. There's another one, but if I remember correctly they provide it for free? It's been a while.
Once we've polished the public appearance and texts, companies as well as people will (hopefully) understand more. Right now the confusion and questions I've been reading online are only natural.
So much of this show comes from the world of FOSS, yet it presents "the industry" as only that...an industry :( Personally, the only thing that really bothers me, where I think at least attribution of some form should be given, is the fact that "New Net" and "New New Net" actually already exist; it's GNUnet, a project that could surely use some more contribution.
//edit: added, well tried to, add pic of protest banner
https://www.flickr.com/photos/greenoid/9693327611
MORECOWBELL is probably the best tool that we are publicly aware of that is capable of doing what you are asking. NSA tech but Australia is a member of 5 eyes so they have access to it.
Here is the thesis that advogato was built on:
https://gnunet.org/sites/default/files/compact.pdf
Equality by Lot is a group blog discussing sortition and sortition-related events, their summary is nice and sweet:
https://equalitybylot.wordpress.com/introduction-to-sortition-government-by-jury/
I also recommend the rest of the site.
Making up ad-hoc constructions where there is a standardized option available is rarely a good idea. I'm not sure why you're claiming it has designed-by-committee traits (the paper has only one name on it), it's very simple, and I'll copy/paste the whole description right here:
    HKDF-Expand(PRK, info, L) -> OKM

    Options:
       Hash     a hash function; HashLen denotes the length of the
                hash function output in octets
    Inputs:
       PRK      a pseudorandom key of at least HashLen octets
                (usually, the output from the extract step)
       info     optional context and application specific information
                (can be a zero-length string)
       L        length of output keying material in octets
                (<= 255*HashLen)
    Output:
       OKM      output keying material (of L octets)

    The output OKM is calculated as follows:

    N = ceil(L/HashLen)
    T = T(1) | T(2) | T(3) | ... | T(N)
    OKM = first L octets of T

    where:
    T(0) = empty string (zero length)
    T(1) = HMAC-Hash(PRK, T(0) | info | 0x01)
    T(2) = HMAC-Hash(PRK, T(1) | info | 0x02)
    T(3) = HMAC-Hash(PRK, T(2) | info | 0x03)
    ...

    (where the constant concatenated to the end of each T(n) is a
    single octet.)
Over what you suggested, hkdf_expand has a few advantages:
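The HKDF-Expand steps quoted in the comment above, written out as an added example that is not part of the original comment or of any project's code. It is checked against the RFC 5869 Appendix A.1 test vector; `hkdf_extract` comes from the same RFC rather than from the quoted text, and the `example/...` labels are constructed.

```python
import hashlib
import hmac
import math


def hkdf_extract(salt: bytes, ikm: bytes, hash_name: str = "sha256") -> bytes:
    """Extract step of RFC 5869 (not in the quoted text): PRK = HMAC-Hash(salt, IKM)."""
    hash_len = hashlib.new(hash_name).digest_size
    # An absent salt is replaced by HashLen zero octets, as the RFC specifies.
    return hmac.new(salt or b"\x00" * hash_len, ikm, hash_name).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """HKDF-Expand(PRK, info, L) -> OKM, following the quoted description."""
    hash_len = hashlib.new(hash_name).digest_size
    if len(prk) < hash_len:
        raise ValueError("PRK must be at least HashLen octets")
    # Upper bound is from the quoted text; rejecting L < 1 is a choice made here
    # so that a caller never receives empty key material.
    if not 1 <= length <= 255 * hash_len:
        raise ValueError("L must be between 1 and 255*HashLen octets")

    n = math.ceil(length / hash_len)
    t_prev = b""  # T(0) = empty string
    okm = b""
    for counter in range(1, n + 1):
        # T(n) = HMAC-Hash(PRK, T(n-1) | info | n), with n as a single octet
        t_prev = hmac.new(prk, t_prev + info + bytes([counter]), hash_name).digest()
        okm += t_prev
    return okm[:length]


# RFC 5869 Appendix A.1 test vector (HMAC-SHA-256).
RFC_IKM = bytes.fromhex("0b" * 22)
RFC_SALT = bytes.fromhex("000102030405060708090a0b0c")
RFC_INFO = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
RFC_PRK = bytes.fromhex(
    "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
)
RFC_OKM = bytes.fromhex(
    "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
    "34007208d5b887185865"
)


def rfc5869_case1_ok() -> bool:
    """True when extract and expand reproduce the published PRK and OKM."""
    prk = hkdf_extract(RFC_SALT, RFC_IKM)
    return prk == RFC_PRK and hkdf_expand(prk, RFC_INFO, 42) == RFC_OKM


def derive_subkeys(prk: bytes, labels, length: int = 32) -> dict:
    """One key per purpose label; 'info' separates the outputs from each other."""
    return {label: hkdf_expand(prk, label.encode(), length) for label in labels}


if __name__ == "__main__":
    print("RFC 5869 A.1 vector matches:", rfc5869_case1_ok())
    # Constructed labels: two unrelated keys from the same PRK.
    for label, key in derive_subkeys(RFC_PRK, ["example/encryption", "example/signing"]).items():
        print(label, key.hex())
```
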
Maybe what you're after is something like GNUnet, or even GNU Social:
http://www.gnu.org/software/social/faq.html
However, if it's just for friends and family, setting up some rsync jobs, at low bandwidth, which would copy encrypted files, driven by a cronjob should be all you need.
The problem with BitTorrent is it was not built with anonymity in mind, and while the public continues using them, this will continue to happen...
We need to replace torrents with something a lot more anon-centric, and luckily it shouldn't be too much work. (https://gnunet.org/)